Google removes 21 apps from Android Market over malware
Some Android users are finding out the hard way the perils of an open platform, as Google was forced to take down 21 apps in the Android Market after it was found they contained malware. According to Android Police, which first broke the story on Tuesday, these apps may have been downloaded a combined 200,000 times.
The apps performed a variety of malicious activities, including root exploits, the stealing of phone data, and even acting as a Trojan horse to open the door for the device to download more malicious code. Google quickly pulled the apps from the store after being informed of the issue, and remotely wiped the apps from user devices.
Android Police said even though the offending developer and its apps were now gone, any extra code downloaded to the device after the fact would still remain. This would require a completely separate fix which would need to be downloaded to patch any created holes, which was said to be in the works.
Although a full list of apps has not been provided, the developer went by the name 'myournet.' The infected apps included 'Falling Down,' 'Super Guitar Solo,' 'Super History Eraser,' 'Photo Editor,' and 'Super Ringtone Maker.'
Instead of creating completely new apps, the developer copied popular ones and injected the malware code and republished on the Android Market. Unsuspecting downloaders may have mistaken these copies as the real thing. According to press reports, the malware-ridden apps were up for a period of four days.
This incident highlights the pitfalls of Google's open strategy. Whereas Apple individually inspects every app that is submitted for inclusion in the App Store, Google allows for a developer to publish apps freely to the Android Market once they have been registered.
Google does from time to time comb through apps to ensure they meet guidelines, but this is done after it has already been live within the Android Market.