Multiple sources reported that Google has pulled 21 popular applications from Android market. The reason for this is that, according to the company, the apps are malware aimed at getting root access to the user’s device, gathering a wide range of available data, and downloading more code to it without the user’s knowledge.
Unfortunately, even if Google removed such apps, non less than 50,000 users have downloaded and installed them.
Basically what happend is that a user noticed something wrong in the application name and the publisher name (see Super Guitar Solo originally Guiter Solo Lite). He then downloaded the application and found that the binary contained the string “CVE-2010-EASY Android local root exploit (C) 2010 by 743C”.
“These apps are all pirated versions of popular games and utilities — an expeditious solution for busy hackers.
Once downloaded, the apps root the user’s device using a method like rageagainstthecage, then use an Android executable file (APK) to nab user and device data, such as your mobile provider and user ID. Finally, the app acts as a wide-open backdoor for your device to quietly download more malicious code.”
Well, this is a proof of how simple is to get in trouble if not paying attention. I think almost everyone, at least once, goes to the Android market and start to install a few apps. I was personally scared I had installed some of those very common applications.
Does this mean we will have to start installing software to detect malware also on our handsets? Is this just another nightmare?
Here is the list of the 21 apps
* Falling Down
* Super Guitar Solo
* Super History Eraser
* Photo Editor
* Super Ringtone Maker
* Super Sex Positions
* Hot Sexy Videos
* Hilton Sex Sound
* Screaming Sexy Japanese Girls
* Falling Ball Dodge
* Scientific Calculator
* Dice Roller
* Advanced Currency Converter
* APP Uninstaller
* Funny Paint
* Spider Man