Google has taken action to delete greater than a dozen cloned applications hosted on its Android Market when they were found to be malicious, racking up expensive text messaging charges on owners smartphones.
We've already seen it done inside the Android Market and we're guaranteed to see it happen on other platforms.
Roger Thompson, emerging threats researcher, Verizon ICSA Labs.
A developer created cloned copies of a couple of dozen popular gaming apps, including Angry Birds, Cut the Rope and Assassin's Creed Revelations, in step with a blog post published Monday by U.K.-based security vendor Sophos. The malicious Android apps were uploaded Sunday and were taken down by Google Android Market staff early Monday.
“Google's reaction have been quick, but not quick enough -- at the least 10000 users downloaded some of the malicious apps from the list,†wrote Vanja Svajcer, a principal virus researcher within the SophosLabs Naked Security Blog.
Users who installed the cloned games were warned that the appliance had access to the device's SMS text messaging capabilities. The appliance developer also disclosed via the terms of service that users would receive premium text messaging charges.
Experts were warning in regards to the rise in malicious mobile applications that reap the benefits of device services to steal data, secretly send premium rate text messages or other nefarious activities. Roger Thompson, emerging threats researcher at Verizon's security testing division, ICSA Labs, said it is very likely that more applications will try to tap into device processes to achieve access to the sensitive data of smartphone owners.
“We've already seen it done within the Android Market and we're certain to see it happen on other platforms,†Thompson said in an interview with SearchSecurity.com. “This is the process mobile attackers tend to take.â€
Rather than traditional desktop malware, “Trojanized†applications could initially cause trouble to individual owners and ultimately be an issue for enterprises, Thompson said. Attackers could steal account credentials and use them against corporate networks or they are able to tap into freely available information â€" data found on Facebook and other social networks â€" to conduct targeted social engineering attacks against employees, he said.
In March, Google removed greater than 50 applications that contained a hidden Trojan called DroidDream. The quest engine giant said it was building more safeguards into its Android Market to stop hidden malware in applications. A second variant of DroidDream surfaced in July, infecting as much as 5,000 those who downloaded the malicious applications. DroidDream gives cybercriminals the power to interrupt out of Android's built-in application security sandbox feature.
Nessun commento:
Posta un commento
Comments links could be nofollow free