Security Researchers Warn of Risks Posed by Web-Based Android Market

CIO Insight Staff Avatar

Updated on:

Some security vendors are

raising the question whether the browser-based version of the Google

Android market could open up opportunities for attackers.

Google

recently launched a new version of the market that allows a device owner

to search for, buy and install applications on their mobile

device remotely over the Web from a desktop computer. To do this, all the

user needs to do is log in to their Google account.

While the capability was

meant as a nod to user convenience, some warn that the functionality increases

the potential fallout if someone’s Google account is compromised.

“This is just one more

reason to create strong passwords, and be ever-vigilant about access to your

accounts and devices,” blogged

Denis Maslennikov, senior malware analyst at Kaspersky Lab.

“If your smartphone is

connected to the Internet, you will immediately notice that on the device’s

screen an install is already taking place,” he wrote. “Why is this a problem?

When installing apps via the market on your phone, you must agree to all the

permissions being requested before the app will actually install on your phone.”

For more, read the eWeek article: Google Web-Based Android Market Increases Potential Risk, Security Researchers Warn.

CIO Insight Staff Avatar