Image via Wikipedia
The Android Market was the hub of a 58 malicious applications that invaded 260,000 devices that downloaded infected software. Mobile phone IMEI/IMSI codes, used to identify mobile devices, and the Android version of the device, were the targets of attack, not personal or account data. Google purged the applications from the market with swift speed after notification. No data was transferred despite the fact that these apps had root level access to the devices.
Email notifications were issued to users affected by the attack that a “remote kill” response would purge malware from affected Android devices without user participation. The completely automated security response was issued to devices that installed “Android Market Security Tool March 2011″ and removed the rootkit.
The security hole that allowed the unauthorized third-parties to access mobile devices without owner knowledge is a system level security breach affecting Android 2.2.1 and lower. Carriers and manufacturers of the hardware must upgrade the system. A Google patch has been issued until the carriers can reach consumers with the fix.
The event underscores the fact that Android Market, unlike CNET, does not prescreen applications before uploading to confirm there is no user risk of malware.
Among the variety of freemium security software offered by Google is its Google Pack. Included in this software bundle is freemium antivirus, anti-spyware technology Avaste! The software technology is based on an ICSA Labs certified central scanning engine that includes West Coast Lab Checkmark certified anti-spy ware. It provides anti-rootkit and self-protection features. The software has won numerous Virus Bulletin VB100 Awards for detecting 100% of wild viruses. Over 130 million global users rely on Avast! for cyber security.
