Google's App Market a Target For Malware Developers

By CIOinsight  |  Posted 03-02-2011 Print
Rather than go through third-party app stores, hackers have their sights set on Google's own app store for Android.

Google has removed numerous applications laced with malware from the Android app store, underscoring the threat of rogue applications infiltrating the company's mobile marketplace.

According to Lookout Mobile Security, more than 50 applications released under the developer names "Myournet", "Kingmall2010" and "we20090202" were infected with the DroidDream Trojan and removed by Google. A complete list of the affected apps is available on the Lookout blog linked to above.

An analysis by Kaspersky Lab found that the Trojan attempts to gather a variety of information, including product ID, device type and user ID data. After swiping the information, the Trojan will upload it to a remote server. Unlike most of the other samples seen so far, there is no attempt at sending or receiving premium rate SMS messages, the firm said.

"DroidDream is packaged inside of seemingly legitimate applications posted to the Android Market in order to trick users into downloading it, a pattern we've seen in other instances of Android malware such as Geinimi and HongTouTou," Kevin Mahaffey, CTO of Lookout, told eWEEK.

eWeek eWeek

Have the latest technology news and resources emailed to you everyday.