01
Mar
andy_trojan
Last Updated: March 6th, 2011

Update 2: Google has officially acknowledged DroidDream and is taking further steps to correct it. Details can be found here: Google Acknowledges DroidDream: Remotely Wiping Apps, Removing Exploit, Making Changes To Prevent It From Happening Again

Update: For more details on DroidDream, check out out the follow-up post. It includes more information about the virus and how it works, who's to blame, and provides a link to a flashable .ZIP that prevents the virus from working.

Openness - the very characteristic of Android that makes us love it - is a double-edged sword. Redditor lompolo has stumbled upon a perfect example of that fact; he's noticed that a publisher has taken "... 21 popular free apps from the market, injected root exploits into them and republished." The really scary part? "50k-200k downloads combined in 4 days."

Lompolo explains the situation quite well:

Link to publishers apps here. I just randomly stumbled into one of the apps, recognized it and noticed that the publisher wasn't who it was supposed to be.

Super Guitar Solo for example is originally Guitar Solo Lite. I downloaded two of the apps and extracted the APK's, they both contain what seems to be the "rageagainstthecage" root exploit - binary contains string "CVE-2010-EASY Android local root exploit (C) 2010 by 743C". Don't know what the apps actually do, but can't be good.

I appreciate being able to publish an update to an app and the update going live instantly, but this is a bit scary. Some sort of moderation, or at least quicker reaction to malware complaints would be nice.

EDIT: After some dexing and jaxing, the apps seem to be at least posting the IMEI and IMSI codes to http://184.105.245.17:8080/GMServer/GMServlet, which seems to be located in Fremont, CA.

I asked our resident hacker to take a look at the code himself, and he's verified it does indeed root the user's device via rageagainstthecage or exploid. But that's just the tip of the iceberg: it does more than just yank IMEI and IMSI. There's another APK hidden inside the code, and it steals nearly everything it can: product ID, model, partner (provider?), language, country, and userID. But that's all child's play; the true pièce de résistance is that it has the ability to download more code. In other words, there's no way to know what the app does after it's installed, and the possibilities are nearly endless.

Justin pinged a contact at Google to bring the issue to their attention. In the time I've proofed this post, they've already checked the apps and are planning on pulling them from the Market [Update: holy cheeseballs, they've been pulled already! Took less than 5 minutes from first contact to pull!], as well as remotely removing them from user's devices. Unfortunately, that doesn't remove any code that's already been backdoored in.

Let's hope they're quick to react - this is the ultimate Android Trojan to date, and it's already been downloaded over 50,000 times.

Feel free to discuss this over at Droid Forums, or via the comments below.

Update: The publisher's been removed entirely from the market, so you can no longer see the list of apps. Luckily, I managed to grab a few screenshots last night. There's been a ton of response to this, and we've been contacted by a few big dogs. Justin is also working on a removal tool. I'll be doing a follow-up post this evening.

apps_by_myournet

guitar_solo_lite super_guitar_solo

Left: the real app. Right: Myournet's virused-up version.

The offending apps from publisher Myournet:

  • Falling Down
  • Super Guitar Solo
  • Super History Eraser
  • Photo Editor
  • Super Ringtone Maker
  • Super Sex Positions
  • Hot Sexy Videos
  • Chess
  • 下坠滚球_Falldown
  • Hilton Sex Sound
  • Screaming Sexy Japanese Girls
  • Falling Ball Dodge
  • Scientific Calculator
  • Dice Roller
  • 躲避弹球
  • Advanced Currency Converter
  • App Uninstaller
  • 几何战机_PewPew
  • Funny Paint
  • Spider Man
  • 蜘蛛侠

Over 30 more have been found by Lookout:

  • owling Time
  • Advanced Barcode Scanner
  • Supre Bluetooth Transfer
  • Task Killer Pro
  • Music Box
  • Sexy Girls: Japanese
  • Sexy Legs
  • Advanced File Manager
  • Magic Strobe Light
  • 致命绝色美腿
  • 墨水坦克Panzer Panic
  • 裸奔先生Mr. Runner
  • 软件强力卸载
  • Advanced App to SD
  • Super Stopwatch & Timer
  • Advanced Compass Leveler
  • Best password safe
  • 掷骰子
  • 多彩绘画
  • Finger Race
  • Piano
  • Bubble Shoot
  • Advanced Sound Manager
  • Magic Hypnotic Spiral
  • Funny Face
  • Color Blindness Test
  • Tie a Tie
  • Quick Notes
  • Basketball Shot Now
  • Quick Delete Contacts
  • Omok Five in a Row
  • Super Sexy Ringtones
  • 大家来找茬
  • 桌上曲棍球
  • 投篮高手
Aaron Gingrich
Aaron is a geek who has always had a passion for technology. When not working or writing, he can be found spending time with his family, playing a game, or watching a movie.

  • http://twitter.com/tokyomonster Chris Dehghanpoor

    Excellent work guys, let's hope Google does more to keep this from happening in the future.

    • Jon Garrett

      they damn well better !! if they don't, then it wont matter what kind of hot new gadgets and phones they put out. people will go with apple.

      besides, whose to say that this isn't being done by Apple black-ops employees !!!

      corporate sabotage is nothing new.

      • THAT CIA

        Jon, why don't you just go back to your BB. Stop talking your craziness. :P

      • Kornholio

        The beauty of "open" is apple doesn't have to to anything, you did it to yourself when when you bought into the system.
        Hahahahahahaha classic! Those jerks at apple trying to keep my data safe I hate em. Your the next contestant on exploit my data come on down.

      • paul jacobs

        Dude... both the iphone and the google phone are run on a linux / unix kernel that's under the GNU lic. So going to apple does nothing to change the OS on the phone or the security problems on them. But apple and google make tons of cash off the phones because its all freeware that they customize and sell for 500% markup on the phones hardware! Damm people are stupid at times.

        • Watanabe

          Mr. Jacobs,
          Technically speaking, you are absolutely correct. Your last statement had tears of laughter running down my face because it's the holy truth. Don't hold back. Please tell us how you really feel. ;-)

        • paul jacobs

          Well the big company's take advantage of the consumer and then people complain its stupid

        • http://www.thedigitalorchard.ca/ Ted Wood

          Learn a few things before replying. iOS is not "freeware that's been customized". Yah, nice try there, Paul.

        • paul jacobs

          Ahh poor ted... poor trusting ted yes apples Os has been freeware under GNU from OS10.x sorry to bust your fantasy bubble!

        • paul jacobs

          The truth has no agenda it is just the truth!

        • Andrew

          Fucking moron.

          iOS is based on OS X from a BSD kernel and BSD utilities and many libraries under the same license or LGPL (such as Webkit).

          There is NOTHING open about the interface, Cocoa/Carbon.

        • paul jacobs

          You meen free BSD? And there is no need for the lang. Your. All the same when your wrong.

        • paul jacobs
      • Watanabe

        With all due respect, and disregarding the Apple conspiracy theory because it's heresay, I've discovered 3 suspicious apps in Apple's app store. Don't foolishly fall into a false sense of security with Apple just because of recent revelations.

        • http://allanwhite.tumblr.com Wazungu

          I love how it only takes a few comments (scratch that - all of two) to completely change the subject to iOS.

          I mean, are you not all crapping your pants out there at the implications of this article? How many other trojan apps are out in the wild now? With. Root. Access.

          Yikes.

        • chris

          really which ones?

      • Sigivald

        Apple doesn't need to do that.

        After all, they've got over 50% profit-share, huge revenues from the AppStore, and no reason to worry about Google's horrible one.

        And of course, if Apple was caught doing it they'd be hit with a gigantic and unwinnable lawsuit and it might well kill the company completely reputation-wise, for basically no benefit.

        Logic suggests Apple has nothing to do with it; they gain nothing and risk everything. Apple plays hardball just like Google, but they're neither stupid nor takers of that sort of risk.

        (Amazon's forthcoming Android store? That might be competitive, and raise the bar vis-a-vis Apple.

        Google's one is terrible.)

        And of course, there's all sorts of motive for people who aren't Apple to do such things, for their own personal gain...

    • Steve

      What would you have them do?

      There's malicious webpages on the internet, too, but that doesn't mean we're all running back to AOL.

  • coldfuzion

    HOooly Sh*t

  • Coldman

    I've been expecting this, kind of surprised it took this long. Root exploits are great if you are the one authorizing the rooting, but it also means there are vulnerabilities to be exploited by malware like this.

    Scary stuff, very scary.

  • acupunc

    Google really does need to proof apps a little. . . a lot better. The average user using a smartphone these days isn't all that tech savvy and it really is the responsibility of the app Market owner to ensure that apps are save and apps like this don't make it into the wild.

    After all you know some crazed Apple fan will no doubt put things like this into the Android app market. . . where do you think all the Win trojans come from? /sarcasm

    • Phoenix

      So I guess Microsoft should monitor all of the millions of programs, exe's, java applets, flash websites and anything else that goes onto a computer because someone out there makes malicious code? It is the responsibility of the owner of their own device to be careful of what is put on their phone.
      Guess nobody wants to be responsible for their own crap. "Let's take the easy way out. Oh gee, I downloaded Hilton Sex Sounds and got a virus. Let's all blame someone else besides ME for that."
      If you can't use something correctly that you purchase, you shouldn't purchase it in the first place.

      • rudyy

        Ok, we won't blame you.

      • TTM

        Yes, Google should examine 100% of them, and then develop hash verification libraries. It's the only way. If not, they're not doing a responsible job. 100%. Not a sample. 100%.

        • Steve

          Like they verify 100% of webpages they index? Like Apple verifies 100% of applications you can run on a Mac, or Microsoft verifies 100% of applications you can run on a Windows PC? Like Volkswagen verifies 100% of gas stations in the world dispense fuel that works with their engines?

          Examining code can take as long as writing code -- you can cut out the design phase, but you still need to understand the entire program. Any policy or mechanism, therefore, that requires Google to examine all programs would essentially say that the openness of the Android market is virtually pointless: they could save the time and money and just write everything themselves.

      • http://justskate.me/skateTalk/ netposer

        Yeah, MS should do that if MS ran a Market or App Store.

        And if it's in the Market it should be vetted.

        Now all deals are off when you have to side-load and app.

      • acupunc

        Looks like others have sufficiently answered the question however. . .

        Google owns the app store and puts it forward as a trusted place to down load apps from. Other app stores monitor their apps to ensure such things don't happen--MS, Apple, Nokia, etc.

        And as my statement says, if the dev doesn't want to do things right they can sell their app anywhere else, just like Windows apps and then it is totally up to the person downloading the app. At that point you are totally right. The person downloading from an untrusted source is at fault.

        Nowhere do I say the individual has no responsibility. If they download from an unknown/untrusted source then they take that risk, but when downloading from a trusted source they have done their due diligence as a user.

        Sounds like you have some personal issue going on here. . .

        • Biggestmexi

          "Google owns the app store and puts it forward as a trusted place to down load apps from"

          no, they dont.

          Read the terms and conditions.

      • Beerhider

        The difference here is Google is SELLING the App. I don't think Microsoft sells "all the millions of programs, exe's, java applets..."

      • Mike

        I'm sorry, but is downloading a scientific calculator app from the OS vendor's marketplace really the kind of thing that consumers should have to be suspicious of? How are responsible users supposed to know that this might be malware?

        • Tulpa

          A scientific calculator program shouldn't be asking for full Internet access and the ability to modify SD. There's a reason Android tells you what permissions the app wants before you install it.

  • squiddy

    glad to see Google taking quick action on apps like this... I just hope it doesn't happen again. There are so many people out there that don't know how to keep themselves safeguarded against this kind of stuff. My mother being one of them.

  • jcase

    This is a case of manufactures slacking. These root vulnerabilities (exploid and rage) have been known and patched in AOSP, all devices should of been updated.

    • Coldman

      Absolutely. I hope this will help show them what they're messing with by not patching/upgrading/keeping up.

      • paul jacobs

        This is a problemwith all OS! Free ware unix / linux is the easyest for people to hack because its instructions are on the internet for everyone to see.

        • Andrew

          Source availability makes making exploits only a tiny bit easier, not extremely. Linux has been open source since the beginning, and security vulnerability fixing have always been top priority. We have far less exploits than Windows, and Linux is running countless servers out there beating Windows in the server space.

    • ZZ

      Yeah, the fact that this was patched/closed in 2.2.2 and 2.3 should really be mentioned in the article, now that the entire internet is linking to it.

      Don't get me wrong, this is a huge issue, but there's no point artificially raising the "ANDROID IS TEH INSECURE!!!!111" sentiment more than what is necessary by leaving out key facts like this.

      • unhappybirthday

        That may be true, but users are at the mercy of their carriers and/or device manufacturers for receiving OS updates (eventually), right? To say that "Android is patched" doesn't have much practical significance.

        • I am Root

          All the more reason to root and bypass the carrier. Why anyone in their right mind relies on a carrier is beyond me.

        • Andrew

          How about when you can't root?

          How about when you don't feel like it?

          How about when rooting will void your warranty?

          All you Android users are exactly the same. And this is what will take it down, and others will win (including iOS).

          I own an iPhone 4 (jailbroken), and I run Gentoo Linux at home.

        • Anything

          @Andrew:
          Nope, that is simply wrong. Why should anyone care what "all the android users" are like? Hell, if you knew a lot of iOS-owner you probably wouldn't own one yourself.
          That being said: Android won't go anywhere. It is already the most used smartphone-os on the market and it will continue to evolve quickly, because it is a great system with a great security architecture. Of course there will be exploits, it is practically impossible to build devices which are not-exploitable. Why do you think the iOS is still jail-breakable? If Apple could, they would stop it immediately - but there always seems to be a way around.

    • ZZ

      Scary.

  • rTiGd2

    Classic example of 'Bolting the stable door AFTER the horses have gone'

    Given how Google are so quick to pull apps that don't pay them (sorry, comply to their payment terms for subscriptions etc) it really is about time they concentrate on the entire market, not just the bits they can scrape money from.

    • Elwyn

      We're on a journey and the destination is worth the mileage. If you don't believe me then feel free to get an iPhone. No hate, we're building the train track as we go, when we get to a destination you're more happy with feel free to hop on board... all aboard the gravy train!

    • http://www.droid-den.com Lekky

      But they were quick were they not? The post says the apps were removed 5 minutes after knowing about them...?

    • paul jacobs

      I thought microsoft could only put out bugged holy beta OS? Guess I was wrong lol

  • Syntk99

    Hide yo phone, hide yo apps, hide yo market cuz they be stealin all yo data up in here!

    • Beavis

      LOL!

    • Aaron Gingrich

      Irony: I told Artem that we missed an opportunity for a Bed Intruder tie-in with the title about 20 minutes ago.

      Our original title was:
      "Step 1: Download Apps. 2: Modify Code, Make Them Secretly Root Phone. 3: Upload To Market. 4: Steal User Data. 5: ??? 6: Profit?", but once we found out it was way worse than originally thought, we had to change it =(

      • http://www.AndroidPolice.com Artem Russakovskii

        Word.

      • name!

        ot, but somebody rightfully noticed that remotely pulling the app makes it quite a bit harder for the user to find out whether he is affected. therefore, "only" warning him would have been much better.

  • Scott

    Did any of those protection apps like Lookout Mobile Security recognize and do anything about it?

    • John

      I had spiderman on my phone. Lookout scanned it and said it was perfectly safe soooooo

      • http://www.droid-den.com Lekky

        The original or the modified one? There is a difference!

        • John

          I couldnt tell google pulled both of them from the market so I couldnt compare the two. pretty sure it was the myyournet version as I remember looking at the other apps and thinking how crappily made they were

      • Martin

        Lookout is complete marketing FUD! They cannot protect form zero day attacks, their "Security Research Team" didn't know about the malware until Android Police posted about it and it appeared in Mashable, then they copied and pasted the content from here and put it on their site saying they they discovered it.

  • demus

    We need today be our own Police. Google gave us this open OS. Let's take it and run with it....own it!! We don't need a nanny like those iPhone folks! Let those malware guys know that for every Android user there us a geek who has a clue, watching. Go pick on another OS.

    ..
    ..

    • Josh X

      I couldn't agree more. It's up to us, the users, to protect our devices and OS. I would seriously like to track these scumbags down and beat the shit out of them.

      • Praveen

        Agreed users should protect their devices and there is no safeguard against stupidty, but then again you cannot have an authorized channel like android market to have been hosting such malicious apps.

        If the user has side-loaded the app from some shady forum then it is his mistake, but allowing apps in the market which is stealing user data is completely googles fault.

        • acupunc

          Exactly. Google can't allow the Android market to get a bad reputation. Could you imagine the kind of press that would lead to? Not to mention what competitors would be saying--get an Android device and load it up with malware from the Android market! Not cool! And like some comments here--why is it that Google is quick to take down an app that isn't paying them but does nothing to protect their users?!?!? On and on it would go. . . and that would be a huge marketing blow to Android.

    • Mike

      That's noble, but 50–200,000 people already downloaded this garbage. An army of volunteer geeks is a powerful thing, but I don't know if it instills huge consumer confidence.

  • jojo

    oy-vay. Explains why that google account was hacked. ...and what remedy for having fallen victim this? - wipe phone & start over?

    • jcase

      Right now, best bet is to flash it back to stock with odin/ruu/RSDlite (depending on your phone) we have no clue what the malware downloaded. At the very least wire wipe phone and reinstall your rom.

  • David

    You guys kick ass. AP and Reddit ftw.

  • charlie

    Could we have the offending authors names with the app list please?
    Also, is there anyway to check yourself?

    • Evan Edwards

      Agreed... there are a few "dice roller" apps, and I don't know if the one I have was the problem one. If there way to tell?

    • Jonjmik3

      I have to agree with you here, when searching for the best cheap android phone you should look at a number of different reviews, in order to find the best android phone which is suited to your needs.

  • Appelflap

    Those guys are just killing a beautiful open platform. If evolution was based on those free riders we would all still living in trees. But again, survival of the fittest will overcome these errors of nature :)

    thanks for the heads up.

  • jcase

    I found a flaw in his code that will prevent reinfection, details tomorrow after I confirm.

  • Chris

    Does any of these apps violate my cat? ;)

    • Appelflap

      Definitely! If your cat has a chip implanted, your cat will be rooted and reflashed. It will reboot as a giant Android. So beware

  • Martin

    I am really pissed. I installed and purchased Lookout for my Droid. It looks like my device was infected by one of these apps, I contacted them and sent them links to this post asking about it. No response. Then an hour later they have a Blog post where they basically copied and pasted the Mashable article and your content into their own blog like they are the ones who discovered. Meanwhile my phone is completely screwed their software did not detect this, I am asking them for a refund for the service
    Looks like Lookout is taking credit for you discovery, at least they give you a link:
    http://blog.mylookout.com/2011/03/security-alert-malware-found-in-official-android-market-droiddream/
    In their post they tell people to contact them if they are infected, I am a customer who has an infected phone and no response. So pissed. They can't do anything if your phone is already infected. Sorry for the rant, just really really pissed.

    • Thomas

      The blog you linked to gave lompolo full credit for discovering the exploit. It only goes on to mention that the LookOut team found some apps by additional developers that use the same exploit and they have released an OTA update to catch/block DroidDream.

      Not sure if LookOut can even do anything to *fix* your phone as that might be a little deeper than they are allowed to get without physically having your phone to flash something to it.
      Sure LookOut didn't catch it, but then neither did anyone else and if nobody knows about the issue, it's hard to block something. Viruses, trojans et. al. are only found and programs set to recognize them after they have been discovered in the wild. So there will always be SOME people who get hit before these programs are updated to catch them. That is a chance you take when downloading anything. All because some little s**ts with no morals feel the need to f*** with others.

      • Martin

        Exactly my point, these anti-virus applications are bullshit, they don't protect from new malware, it takes them time to find them then they have to send out an update. Google took the apps out of the market faster, Lookout then a day later sends out a patch that would have blocked their installation. It is completely worthless at this stage, the people who are infected are screwed. Then Lookout touts their "Security Research Team" as the guys who found it, it is marketing spin. How many of the 50K infected users had Lookout and still got the malware?

      • melgross

        Isn't that the entire point to a program and service called LOOKOUT? If it isn't actually looking out, then it isn't worth anything.
        That's the biggest problem with an "open" system, whatever that means. Google has to throw in the towel on this and begin checking ALL the apps in the marketplace. Otherwise, this problem will just get worse. Who knows how many other apps are doing this?

        • I am Root

          Horse Pucky.

          If you don't know what Open means, then don't post here to demonstrate your clueless state.

  • Peter

    This morning I downloaded an update for Flash as Firefox was kind enough to tell me my current version of Flash had security issues. Until the Android fix-release-update cycle gets under a couple of weeks we will see a lot more of these issues.

  • http://carsonicity.wordpress.com J.R. Carson

    Great job guys - I recommend to my readers that they use apps like AVG Antivirus - would that have caught this particular exploit?

    • Steve

      No it wouldn't. None of the anti-virus apps picked this up until it was too late. Google was first by pulling the apps. Lookout, AVG, Norton, DroidSecurity all failed to pick this up until today and only if you get the OTA updates...but the app is no longer in the market so the effect is the same.

      • http://carsonicity.wordpress.com J. R. Carson

        Thanks for the reply, Steve. Any restore point apps out there that would at least let you clean the device without having to factory reset? Something in-Market that works well? I don't trust gray market apps these days.

        • Steve

          Do you work for AVG? So the updates these companies push out will fix those devices that have already been compromised? I don't think that is possible, this malware rooted the device and opened a back door. As far as I know the only way to fix it is to do a hard reset and I am not even sure that will completely clean it.

        • http://carsonicity.wordpress.com J.R. Carson

          I meant going forward - like with Windows Restore Point - so that future infections are easily erased. And no I don't work for AVG or any app developer. :)

      • Watanabe

        AVG for desktop does detect the malware. I'm deliberately not discussing the algorithm because there's always one ID10T who can't follow instructions.

  • PP

    Hi,
    I posted the following comment to the Lookout's blog and thought to share it here as well:
    "Hi,
    looks pretty scary that there are malware even in the Android Market. But good that there are people that are watching the AM more carefully than Google itself.
    So I was about to install your Lookout app from the AM, but then I looked at the list of privileges your application needs:
    This application has access to the following:
    * Your accounts:
    manage the accounts list
    * Hardware controls:
    change your audio settings
    * Your location:
    coarse (network-based) location,
    fine (GPS) location
    * Your messages:
    read SMS or MMS,
    receive SMS,
    edit SMS or MMS
    * Network communication:
    full Internet access
    * Your personal information:
    read contact data,
    read sensitive log data,
    add or modify calendar events and send email to guests,
    write contact data,
    read Browser’s history and bookmarks,
    write Browser’s history and bookmarks,
    read user defined dictionary
    * Phone calls:
    read phone state and identity
    * Storage:
    modify/delete USB storage contents modify/delete SD card contents
    * System tools:
    make application always run,
    prevent device from sleeping,
    modify global system settings,
    write sync settings,
    disable keylock,
    delete all application cache data
    * Your accounts:
    discover known accounts
    * Hardware controls:
    control vibrator,
    control flashlight
    * Network communication:
    view network state,
    receive data from Internet
    * Your personal information:
    write to user defined dictionary
    * System tools:
    automatically start at boot,
    read sync settings,
    kill background processes
    A loooong list… f.ex. why your application needs to “read SMS or MMS, receive SMS, edit SMS or MMS”? Or all the other things? This sounds more scary than the malware you warned us about… :/"
    Any thoughts from guys on here? Why it needs so many accesses?

    • Steve

      They won't post your comment to the blog as it is critical of their app.

    • Daniel

      Lookout Mobile Security also includes a back-up and restore utility, which I assume would need to read(back-up) and write(restore) SMS/MMS messages.

    • Bmental

      Is it possible that they require access to all of those areas because perhaps they're making an exhaustive sweep of the system to make sure they're don't miss any of the offending code? That would be my guess.

  • http://www.position-absolute.com Cedric Dugas

    damn! I got chess, :/

    • Evan Edwards

      I have Dice Roller, but I believe that (since it is still in the market), that mine is the okay, open source version that is from the actual author. If you still have the app, it is likely okay. The bogus version was from "Myournet".

      Best of luck -- I hope your version is okay.

  • ashok pai

    nab those evil hackers/ crackers NOW!

  • GergS

    Yet ANOTHER reason to root your phone. So you can have control of it!

  • Dano

    Oh no. I installed one of these too

  • Jen

    I installed super bluetooth transfer. Thank god I had Bluetooth firewall too which detected some bluetooth connections to my paired devices whereupon I uninstalled the transfer app.

  • Phoneboy

    Oh yeah, I desperately need another device I have to keep clean and secure... NOT!!!

    • Andrew

      I agree, fuck that.

      I own an iPhone 4. You (poor) guys should join in. :P

  • Goleador OZ

    Hi,

    I'm new with Android, one month ago I bought the HTC Desire HD. As you can imagine, I started to download everything available for free.
    I would like to know how can I see if my phone was rooted or affected with this problem.
    I'm not sure if I installed one of the 20 apps and then deleted it just to try something new.

    Thank you very much for all!

    Cheers

  • Don

    How recently were the hijacked versions posted? I downloaded Spider Man for my kid over a month ago, but quickly uninstalled it b/c it sucked.

  • Zargron

    IMHO, this is excellent in the long run for Android. We had a minor breach in security that we can learn much from, before wholesale adoption of the platform and it's associated delivery infrastructure. In a years time, with another 100 million devices, including especially tablets, we'll be thankful for this incident and the resulting improvements.

  • Ron

    People saying "good job Google acted so quickly" etc... The developer of one of these apps was trying for over a week to get them to take the offending apps down. Only when it was posted to reddit did Google do anything. Piracy is rife on the app store its getting crazy. People are just selling other peoples apps and making money from it.

    Lets just clone the whole fucking app store. They need to start looking into combating the piracy.

  • Bolders

    Let's have a look at a probable timeline for the hacker's shall we?

    Six months to catch the person or persons
    Slap on the wrists or nominal jail term
    Released and then given an outrageously well paid job in an internet security firm writing code for an anti_virus!!!!!

    • I am Root

      ....or, post their real name and address. 2 days later, their bullet ridden body will be found in a back alley.

  • http://bestandroidappsfor.com/ Concerned Android User

    Oh dear, the price of freedom is indeed high. Perhaps Google should take a hybrid approach to policing the Android Market and check every app for malicious content, beyond that they can leave things unregulated.

  • TechKid

    Is there any android software that will show me a log exactly whats going on on my phone
    What app did what?
    as sometimes for example my volume gets changed in the middle of the night and I have no idea what app triggered it

    This would be a Great idea to track malicious apps

    Thanks

    • Eggcake

      aLogCat

  • Vaderoid

    PHU8ar, 7HX Dr01D P0-p0... g00gLe 7igH7En up

  • http://carsonicity.wordpress.com J. R. Carson

    Any restore point apps available in 2.2?

  • http://linuxbasix.com/ knuckleheadTech

    I find it interesting that so many people are saying Google should monitor and verify every app. It seems to me that to many people are getting an android phone thinking it is basically a mirror copy of the iPhone and they have no clue what Open Source, Linux or anything that android is built from is.

    Yes lets have Google monitor every app. Then we will have a true iPhone clone and only certain apps will make it to the market. Our phone will get so locked down that these "exploits" that the OS has will go away and Google will no longer refer to it as "opening" the phone.

    I for one root my phone within an hour of getting it and had a new rom on it within a week once I decided which I wanted to try first. These are not really phones. They are pocket computers that you can make calls with.

    If you don't understand what an "open" platform is then go get an iPhone or a Windows Mobile phone and you will get your greater restrictions to keep you safe. Personally I will take the time to read and possibly have to work on my phone to keep it safe and keep an "open" platform in my pocket.

    Sorry for the long reply but this particular topic has been driving me a little crazy.

    • http://www.pretentiousname.com Leo Davidson

      I would like a compromise:

      - Google vet what is on the app store to filter out apps which are malicious or illegal (i.e. the insane amount of pirate stuff).

      - I still have the option of installing stuff from other sources if I want something special which Google reject for some reason.

      I don't see what we would lose from having Google get rid of the stuff that is actually going to harm us or which is ripping people off.

      I don't want an Apple-like world where I am not allowed to install things which compete with Apple's (or whoever's) software or which Steve Jobs (or whoever) has some personal beef about, but that does not mean I would not appreciate better quality control on the official app store.

      There is no reason we cannot take the best of both worlds here. Nobody is saying we should lose the ability to install apps from other sources, and nobody is saying Google should adopt Apple's insane filtering; we just don't want malicous/illegal stuff being fed to us via the official store.

      • DP

        What you want is Blackberry AppWorld. No rooting needed to load software from anywhere (even OTA), but RIM police their own appworld store. Get Google to do the same, and you'd have exactly what you want

        • I am Root

          And I would dump Android in a second......

          For the clueless, there always is The Evil One from Cupertino.

        • http://www.pretentiousname.com Leo Davidson

          @I am Root:

          You would dump Android in a second if Google's Market just started filtering out pirate and malicious software?

          Why is that, exactly? You want to run lots of pirate and malicious software, so much that you don't want to go to a separate app source for that kind of thing?

          All the pirate crap makes the platform look like an unmaintained mess and puts people off installing apps in case they are dangerous. It's not doing anyone any good. Not the users and not the reputation of Android.

          Again:

          - NOBODY is suggesting that Google apply an ever-changing, arbitrary, anti-competitive, prudish, fascist set of rules to the app store like Apple have done with theirs.

          - NOBODY is suggesting Google force you to only use their app store like Apple have done.

          - We just don't want rip-offs and trojans pushed through the main app store.

    • mark

      well sead
      the custom rom on my old cliq makes quite fast and stable about 4 months with out a reboot, and no memory manager ad on as linux handles that quite well on it's own

      the great thing about opensource is it's free
      and many eyes to find and report the issues.

  • Ib

    how can I have a refund?
    what the fuck? we want google to close those bad guys accodunts now and pay our money back. fuck them all

  • Darren

    I downloaded Scientific Calculator at one point but don't remember when. I only had it for a short time and uninstalled it. I have a rooted DROID X 2.2.1 and I have root explorer. I'm wondering if there is a specific file I can look for to tell if I'm "infected" Any thoughts?

  • Eduardo Cruz

    I agreed with Apple vetted program. Look at the Android market with just one very important example. They are allowing the official Wells Fargo app, but also somebody else’s Wells Fargo app that as far as anybody knows will steal customers information. There have been many message left for Google to take it down and has been reported as malware, and the app is still there for many months.
    So boys, what do you prefer, freedom to get scam and taken to the cleaners or allow someone to vet every app to be clean? I go for clean!

    Maybe Justin can check with his Google friend and have this false Wells Fargo app taken down also.

    • I am Root

      Then why don't you buy from The Evil One of Cupertino, take your whining there and leave all of us with a brain alone.

  • Frank Lee-Speaking

    One thing I don't see mentioned here is that can Motorola devices even be "rooted" with their encrypted bootloader, I suspect the answer is NO.

    • Aaron Gingrich

      Having a locked bootloader doesn't affect your ability to root a device.

      So, the answer to your question is YES.

    • Darren

      The answer to can a Motorola device be rooted is definitely yes. I am currently using a rooted Moto DROID X running android 2.2.1. However, you CAN'T install custom ROMS (or it's difficult to say the least).

  • H.A. Lamb

    As one of the ones who downloaded History Eraser before 4 days ago- IDK if it is the infected version. I'd like to know how to check to see what it has actually done, etc.

  • http://www.mylookout.com Lookout

    Hi everyone, Lookout here. Wanted to provide a quick update. All existing users who have Lookout installed and active on their Android phone, are now protected against the DroidDream malware. Last night, we delivered an update over-the-air (OTA) and Lookout users do not need to take any additional action.

    The Lookout support team is more than happy to help anyone who thinks they may have been infected, whether they had Lookout installed or not. You can email our team at support-at-mylookout.com

    • Steve

      A little late don't you think? Google has already pulled the application from the market. What about those infected, does your OTA fix those users, or do they need to do a hard reset?

    • Steve

      I am guessing by the lack of response that the answer is no.

  • Zeal

    I reported Super History Eraser for being a ripped off app about a week ago, so slow response there.

  • Ed
  • abeee

    the developers of the original free app's - could they have done anything to prevent their APK from being used like this?

    For example, would proguard have prevented this ?

  • Tijs

    Excelent! Good that Google is not putting this info in a corner so that wikileaks has to tell us :D.

    I hope (and know) Google wil be able to recognize the troyans and remove them from the market.

    I will be uninstalling my applanet for now, this could become a real troyan market...

  • Gabi

    I bought Galaxy S yesterday and downloaded the Photo Editor... shit. =/

    • Watanabe

      If you're running Gingerbread, your phone is immune. Also, you can always wipe. Since you've only had the phone for a day, talk to your carrier about finding a sol'n. Good luck.

  • Martin

    can anyone tell me what the spider man app looks like.. I downloaded it yesterday.

  • Davros62

    Yep, serious issue. Don't know the answer.

    Just a couple of points.

    Good anti-malware software is not merely signature based, but can also look for 'virus-like behaviour' to catch zero-day exploits. (e.g. programs sending out personal info etc)

    I seem to recall Lookout can do a report on what apps have those kinds of permissions?

    There also seem to be some misconceptions about the kind of 'vetting' that Apple do in the App store.

    While Apple certainly do exert more editorial control over what goes into the App store and in general; it is more closely monitored and moderated, there are limits.

    According to the court disclosure documents Apple had to submit over the court case re the rejection of Google Voice from the App store, they do an average of about 6 minutes testing per app. Some will get more obviously and some less, depending on their procedures and the nature of the app.

    They do not review the code, and they basically do just style and sociability checking and a basic test to see that the app does what it claims to and has no obvious bad stuff.

    With the volumes of apps coming through daily in the 1000's and only (at that time anyway) about 40 people vetting apps, you can see that it's a huge task.

    It has been pointed out by security researchers and demonstrated in practice that it is perfectly possible to include hidden functionality in iphone apps that Apple approve into the app store.

    Two examples; the Flashlight App that had hidden tethering functions and more recently, Camera Plus got banned for including a hardware shutter trigger in direct contravention of Apple policy.

    These were benign apps and in both cases they only got found out by Apple because happy users were discussing them. However, if it was possible for these legit developers, then it's no doubt possible for less scrupulous and more stealthy apps as well.

    Regarding patching, according to stats from Citka, over 60% of iphone users still haven't patched to mitgiate the pdf/jailbreakme exploit.

    Just saying it's a difficult world out there.

    • Andrew

      As a Linux user (and iPhone owner), I don't blame openness but consumers expect far better protection than this, and not having to get themselves anti-virus apps (this requires them to be thinking and consumers hate that).

      If 60% of iPhone users have not upgraded from the jailbreakme vulnerable firmware, then it's because they are jailbreaking? Sounds strange to me. The majority of people I've talked to know about jailbreaking but refuse to do it as they are afraid something will break.

      • smarty pants

        The implication isn't that they are jailbreaking, but that 60% would still be vulnerable to an app that would jailbreak the phone and then have control of the phone.

  • Jim H

    Even without the issue of publishers and copyright, the real question on the Internet is identity and security. You may want to have root, but you need to KNOW it is YOUR root, and not some other person. That's an authentication problem, and I don't know if there's any way to do it except through encryption:

    LOOP: how do I prove I'm me that lets me do stuff and knows who CAN'T do things on my phone.

  • Jim H

    Well, to be honest, the thing that's encouraging is that these apps didn't last too long.

    And any software on mobile devices will have to solve this problem with encryption: meaning, your DRM that gives you "copyright" on your own output. .

  • TechKid

    How about Google should offer in the market "Android Certified Applications" ?

  • John

    How long were these apps available? And how long was myournet a developer in the Market?

    I had Spider-Man about 9 months ago, but I have since removed it completely from my phone, and I don't know who developed my version.

    • John

      And yes, I have read the articles that say over 50,000 downloads in four days, but I have yet to find anyone who has said that myournet has only been around for four days (or any specific amount of time).

  • kip

    So lookout missed the other apps you identified? If so, that's not good!

    Thanks for the work!

    Kip

  • Nexus1

    hm.. buy nexus one, you won't get much space to install more apps!!! i'm safe.. lol

    Nexus one owner

  • Hamranhansenhansen

    Words like "root" and "exploit" and "virus" and "malware" are not part of the Consumer Electronics lexicon. Fail. Plain and simple. Excusifying will not fix this failure.

    If you had to take a CS/IT class before buying an Android device, then OK, but they are sold in carrier stores to consumers. Fail.

    • I am Root

      Take your whining and business to The Evil One of Cupertino and leave us intelligent people in peace.

      Hamranhansenhansen. Fail.

    • Heinz Kiosk

      Bingo, Hamranhansenhansen. The whole Android concept is sold in phone shops worldwide as a consumer device.

      Knowledgeable users like "I am root" represent about 0.1% of the market, and a similar device targeted just at "us intelligent people" as he puts it would cost about $10k/pop, because of lack of economy of scale, and it wouldn't have a noticeable app store either, because the market wouldn't be big enough to make it worth anyone's while to develop apps selling for $3.

      I love my Android phone, but stuff like this is seriously making me consider having one phone for business (that might as well be one of the closed devices), that I never install *any* 3rd party content on, and one Android phone for fun, that never has any stuff on it that needs to be at all secure.

  • http://segment6.blogspot.com/

    I hope people will spread this news around and finally raise a fuss over the total lack of quality control in the Market. While I definitely do not approve of Apple's overzealous censorship and refusing to allow users to install apps from third-party sources, Google is doing no better letting the Market get flooded with complete crap and now trojaned copies of legit apps.

  • http://twitter.com/dukenugem NUGEM

    Just one more reason guitars suck.

  • Keez

    Yes...let's make it so that any consumer that doesn't have the capacity or desire to delve into the depths of their phone shouldn't even consider an android device. Great idea. Oh yeah...what are you going to do when this strategy cuts sales by 90% and it is not profitable to use the platform and therefore it goes away?

  • KT

    Ahhhhh, now I know why my e-mail started sending out viruses to all my contacts not long after I got my phone. Well that sucks. Now what do I do? I'm pretty sure I don't have "sexy" anything on my phone! But a few games, and a strobelight app. Hmmm...

  • teebox17

    Have a Droid 2 that as of today the incoming calls cannot be heard when I answer the phone. When I return the call everything works as expected. They can hear me but I am unable to hear them. Anyone else experience this?

  • rareasasparagus

    So... if they've deleted the apps in question, remotely, how do I remember what random stuff I downloaded and whether it matches anything on this list?

    There doesn't seem to be any kind of install log, that I can find anyway. Actually, I can't find any logs at all.

    • I am Root

      Gain Root, then get Titanium Pro. It has this functionality and much, much more.

      • rareasasparagus

        Ah, thanks. Guess this is where my weekend is going.

  • DB

    Only cheap developers care about openness. If consumers cared so much, why doesn't Linux or OpenOffice dominate the office or the home. ANSWER: Because 95% of the population doesn't even know what open-source is.

    Marketing your product as open-sourced to the general public is akin to telling them that their car has Dual Overhead Cam. What the hell is that???

    • Ron84

      A dual overhead cam is where your engine's head has 2 cams that adjust timing of the engine, rather than 1. In a noob friendly version, it means your car will go faster. IVTEC or VTEC (Honda) is a modification of DOHC (dual overhead cams) and adds an extra lobe on the cams with more advanced timing that kicks in above a certain RPM to give you more speed, but sacrificing gas mileage (thus why it only kicks in at 75% or greater throttle, or a certain RPM's). These manufacturers market this to people like me that love sports cars and only want to buy a sports car.

      Marketing open source is marketing to the nerds like most of the die-hard android fans.

      What's the difference between android fans and apple sheeple? We are mostly nerds or tech savvy individuals. Most of which wouldn't be caught downloading something that would possibly contain malicious code. Just the same as I don't do on my PC's - I don't even run AV software on them because I don't need it. I'm a Sr. Network Engineer, by the way.

      Apple is a great company and make quality devices that are beautiful, and extremely simple. The apple sheeple are mostly defined by the "hip" crowd and the people that want a simple device that just works. However, if my 50 year old mother that is about as tech savvy as a rock, that just recently discovered the internet in the past 3 years, can operate a Samsung Galaxy S to a flawless caliber then that argument doesn't hold true. Apple's name and reputation win in this scenario, and that's not Android/Google's fault.

      Now that I have that addressed and out the way - Yes, I do agree that Google needs to step up and moderate the market though. There's more benefits to it than just preventing careless users from downloading malware. It would encourage more developers to add to the market rather than hosting it on the web. It would also encourage better quality apps when the devs know they have to be approved. I could go on further but it's bed time.

      • Melissa

        This.

  • Matthieu

    Hi,
    I guess they forgot ABonentendeur.
    I had the same problem with this app.

  • bolek

    поместите на маркете объявление.напишите антивирус. вы должны нас защитить-ведь мы доверились этому зеленому человечку. многие и не знают про эти вирусы.гугл должен решить проблему найти больные смартфоны и предупредить их владельцев.

    • Prozact

      Yeah, what he said...! ;)

  • Peter da Silva

    The problem isn't openness, it's that Android has a single source software distribution system. The application store model is a huge magnifier for malware, because it removes the site cues end-users normally have when buying or downloading software.

  • bolek

    нужен антивирус

  • Davros62

    Perhaps there is a middle ground that would offer a solution to the probem, while still supporting the open nature of the Android platform.
    Let's face it, there is obviously a reasonably large consumer demand for the Android Market model, or it wouldn't be as successful as it is.
    How about Google offering a 'Certified secure' program, where devs can voluntarily pay a few bucks to get their apps vetted and google slaps a sticker and digital certificate on certified apps.
    DRM and various copy protection mechanisms are now part of the Android API's so it should be possible to make it much more difficult to clone apps and republish them.
    This way users can make a choice whether they want to download anything they like or stick to certified apps only.
    Choice is what it is about with the Android platform after all. And that could include the ability to choose the level of risk exposure.

    • Midnight Sun

      Well said Davros

    • http://www.formandfunction.com/ Jonathan Gibson

      The problem here is that Google has abdicated control of the market and left Developers in the lurch. I'm reading iOS-v-Droid profitability is running 1000% for equiv products. The ROI for apps that are too easily copied while being shoved amongst a mediocre array of background-pattern retreads and soundboard-things is not appealing.
      I think upping the QA ante is fine, but there has been no economic proposition here except for ad-supported Google-centric biz.

      Google is security-negligent. I know parents are leery of their kids & these malware issues looming. A few more exploits like this and people wont touch an Android as a vector for hassles. The Google marketplace feels like a rummage sale, not anyplace I can expect to keep make the kind of money Apple is dishing out to it's partners.
      It's a tough sell and the G-man is doing damn little to help consumers or developers feel satisfied.

  • http://www.freegeekculture.com TOmcat

    All this was a matter of time, really surprised it too this long.

    Welcome to the shitty side of life. Google NEEDS some form of vetting. While Apple is too strict, Google is too lax.
    Hopefully Amazon and their new App shop will have some form of Vetting.

  • Frankie

    Have developers buy a real certificate that has to be vetted before they sign their app. Hackers don't want to be known so this is a deterrent and a step in the right direction.

    • smarty pants

      Exactly what I was thinking... make people get a verified account before they can publish an app... and then hold them responsible for malware/viruses in their apps they publish. No need to investigate every update posted for every program. Google should have thought about this before the market ever launched..

  • Dan

    That's great for Google's Android Market but has anyone made sure the virus/trojan infected apps aren't on other Android app stores like AppsLib and Handango? Is Google in charge of making sure all Android customers are kept safe by notifying other app vendors?

    • Tulpa

      Obviously 3rd party app stores are not Google's responsibility. If users download malware from SlideMe or AndroidFreeware, Google would be totally justified in saying that it's a risk you take by downloading from a 3rd party. Unsophisticated users are less likely to seek out 3rd party app stores anyway.

      As far as the official Android Market goes, it wouldn't take Google very long to make sure that an app isn't a clear knockoff of another app that's already there, and this would go a long way to protecting Android's reputation. That doesn't require examining every line of code.

  • http://www.flickr.com/people/christospalmer Christos

    Thankfully I never downloaded any of these rogue apps, but then, I always read other people's comment's before downloading anything.

    • smarty pants

      Exactly.. if only more people looked before they leap... oh, and lookout mobile security might detect and stop the apk from installing...

  • Phone Banking

    Good work. However, please invest more resources to find these potential info thieves sooner. Like many others, I use my Smart Phone for banking. Thanks again.

  • Chris

    Looks like I'll hang on to Symbian for a while longer.

  • http://page4shree.blogspot.com/ Shrinivas

    Ohh.. Thank god I have N900.. Maemo is lifesaver till now .. :)

  • Fin

    I have downloaded Spider Man - how can I tell which version I have downloaded? (i.e. was there a safe version and an infected version?)

    Spider Man does not appear in My Apps (on the Market place) - but it does appear under Downloaded Apps in Settings. (I have force closed it - and have switched off phone until I can call my mobile operator tomorrow - O2 in the UK.)

    Is there any way of finding out the developer name of the version that I have?

    Is there a checklist of what to do if I think my phone may be infected? I do use the phone to connect to my GMail.

    Thanks

  • Another mark

    There is something confusing about this news and how people reacts to it.
    I dont know about a way to rootyour device without doing some steps. So I don't thinkthe trojan does that, as some maybe thinking.
    What it does is affect phones with rage or exploid root access. So, if you don't have a rooted phone it can do nothing to you.
    Is it right?

    • smarty pants

      There are one click root solutions out there. Once it installs and reboots your phone, you are fair game. Anyone can be affected, not just rooted users... sorry.

      • john smith

        i wish i knew about one before i spent a fiver on a compatible microsd card which i could turn into a goldcard in order to root my legend....couldve bought a pint instead :(

  • smarty pants

    Just require security on WHO publishes apps to the store. If a malware/virus is found in your app you uploaded.. bam, sued... problem solved. This isn't rocket science google!

  • ThumbTug

    For all u Nubz who got boned by this trojan, remember, the first time is the deepest ~ after being rooted a few more times you will begin to loosen up and enjoy it more ";0))

    PS: Perhaps Google will now offer a free tub of lube jelly / analgesic cream with each smartingphone sold?

    • Leon

      @Thumb Tug. You sound like you need to get laid.

  • paul jacobs

    Wow this starting to sound like a windows blog!

    You people are so dumb accept everything your told like linux / unix is secure and does not need anti virus or defrag. Stupid people you get what you pay for and apple google paid zero for the OS AND IOS so you get shit hahahahahahahaha

    • Joaco Ej

      It's the same in every OS if you are careful enough you won't get any malware. But, it's true you don't need defrag in GNU/Linux, unless you have 95% of your disk occupied.
      The OS is secure as much as you don't click yes to everything without reading or having some common sense. For example in Windows 7 you are relatively secure with UAC, but some viruses are proof to disguise themselves as flash player updates for example, if you weren't insensitive and dind't desactivated UAC, then you should see a pop up asking you to install Flash Player. It's up to you then, the malware will try to cheat you, but if you watch the flash player version, and compare it to yours, for example, then you will notice there's something wrong

  • unknown

    there are AV's out there in the app store that will boath scann all downloads and block such malware from stealing youre data.INSALL ONE

  • Phoenix

    Enough of Android shit.
    I am moving to Apple.
    Period.

  • Andrdude

    I can't believe, after reading this whole stack of comments, no one mentioned that, despite Google's pulling apps to help us, which is a good thing, isn't it a little scary that they can "remotely remove" apps from our phones? I was surprised to read that way back in the beginning story. Such an ability could just as easily be used to whisk away any app they "don't want" us to have. I don't like that.

    Reminds me of my local cable ISP. They had a "antivirus suite" they were pimping for free so I tried it once. Not only did it uninstall all my other anti-malware apps on my PC, but it DELETED THE DOWNLOADED INSTALLATION FILES for them too! Fortunately I had backups so I could reinstall them when I ditched their suite. I think at the very least Google should have to "ask" before deleting one of the apps on our phone.

  • paul jacobs

    So microsoft closed kernal had it right from the start! Open is less secure. Can't wait for win mobie 7 to come out using CDMA

  • ThumbTug

    I have hijacked a normally-paid Android AntiVirus App from the Marketplace, cracked the protection and repackaged it with some added functionality [AutoRoot.KillPatch.Trojan.Worm.Dialer] ~ now am ready to re-upload this FREE AV but cannot think of a good name ... any help?

  • grafixfrh

    the fact being the carriers werent at fault at all here the exploits were using the rooting of a phone which by the carriers standard is hacking their software so the only people who should be responsible for all this are those of us who root our phones not the carriers if you root your phone which voids the warranty how can you blame android or even the carrier you are the one doing the wrong thing haha get it in perspective peeps these were root exploits and the rooting of a phone is just like the maliscious code its hacking lmao whether you know what your doing or not live by the sword..........

  • paul jacobs
  • Rahuman

    Long Live Android!!!

  • paul jacobs
  • KENTAURUS

    To all of you guys: looks like you don´t use phones to speak... Want internet go get a computer!
    PS. Apple user sucks...

  • KENTAURUS

    Simply go the the Android Market and download the AVG free for mobiles, and scan your phones. By the way, is it possible to download and install AVG thru the Apple´s App Store?

  • rikx

    Why the F*ck does apple have to be there in every mobile forum?????
    Good for NOTHING

  • ANDROYD27

    Thanks for this article.i WONDERRED what does Android Market do with apps that have been flagged by users or have been identified as outright malware.

    Developers: IS there an app that i can download that updates a list of malware apps where i can click the widget and view the latest list ? Otherwise, haave to do daily searches on the net for any new news. An app that can spit out the latest "flagged" apps when a user click the suspicious button would be nice. I know running virus scanners check 'as you download' but would be nice to avoid up front even before choosing such apps if we had a suspicious list at our fingertips.

  • http://www.seatvacations.com omeoomedia

    Nice info dude. Thanks.

  • Crunchy

    I’ve got an HTC Wildfire – don’t laugh it is my first “smartphone” and I had read that the desire gobbled up your battery…now I’m not so sure I should’ve forgone the extra “horsepower”…anyways i’ll upgrade soon.

    Question: I’ve read alot of comments about the market place and google etc but what about sites like get-jar i.e. fulla malicious stuff or "legit"?

    I had seen, on CNN i think, a report talking about angry birds, which my Wife wanted, and D/L’d from there. It works fine but I have to power the screen off then on to make it start…ya think it's something malicious?

    Thanks for your replies….you catz seem knowledgeable…more than I am anyways. I feel bad for bothering my brother in law (he’s a tekki) for every little nuance of my tech-life:)

    • Aaron Gingrich

      I think it's best that you stick to legitimate markets such as the official Android Market, Amazon Appstore, and GetJar.

      • Crunchy

        Thx Aaron so "GetJar" IS legit...i typed it wrong.

        Was wondering, after reading this thread; which I found by way of searching for mobile security, if I had got a piece of malware from angry birds...as I mentioned; I have to power the screen off then on to make it start.

        However, based on this thread, seems like there's no such thing as mobile security atm huh? I have N360 premier on my laptop - my brother in law thinks it's hilarious as he has nothing...says he'll just remove whatever he gets, IF he gets anything. For us less savvy peeps it's like a seat-belt on the airplane I guess.

        On the other hand I've had maybe 5 or 6 attacks out of Beijing China stopped by Norton....at least that's what it claims lol!

  • nox

    This might be a stupid one, but is there any possibility to download the APK from Android Market on a computer for dexdump etc. analysis before installing it on the phone?

    • Crunchy

      You have to use HTC Sync. Check with these guys on how to do it though. My Bro-in-law did it for me...kinda complicated for a "low-tech" like myself:)

  • Paarkhi

    The best thing is to download apps from the market which has higher download count and high stars review

  • Namez

    The "app store." What a marvelous invention! It is hard to imagine a more tempting target than a centralized repository for all of a device's software, and direct access to potentially every single user. I also appreciate the aura of corporate legitimacy it gives to any and all two-bit developers who manage to post a title. Apple will be doing the world a favor if they DO manage to monopolize the concept.

  • http://www.dubturbosoftware.org Jack

    Thank you for putting some proper clarity into such things. I have a TMOUS-HD2 with Nandroid running Gingerbread and its amazing. There is quite a bit of choice with custom roms and I don't stress much on "malware" when I know it can and will be easily re-flashed in about a month anyway.

  • Stef

    Hi i have downloaded a Tetris trial that let me think it was EA's tetris but in the meantime it has aquired rights to see my sms and send sms on my cost and all my contact information etc. i can not remove the app and i don't know what to do next.
    If anyone has a way for me to trace and remove the app without losing my warranty that would be great. i have this HTC Sensation for 2 weeks now.

  • Stef

    Oh, i have reset to factory settings including erasing sdcard but no effect. the app seems to remain in mobile memory or something. the bad part is that i also can not find it on the market after a day or so.

    I am really worried..

  • Trevor

    My phone seems to be acting strangely. Earlier today it seemed to hacked and was vibrating randomly so I thought I'd look into it and found this article. I've suspected different things, perhaps hackers or some jokesters trying to get my information.

  • http://www.betsharks.net/ Jean Spencer

    Hello, I love reading through your blog, I wanted to leave a little comment to support you and wish you a good continuation.

  • linda nelson

    Accant download you're. app

  • http://google linda nelson

    Os anyway could contac by phone?

  • http://www.brusselsbestdogwalker.com François Huysman

    Thanks for all the info. Keep it up!

  • http://seotop.in.ua/ Andrew Borman

    Very informative! ;)

  • http://www.technologyexplores.com/ Muhammad Lal

    what you have shared in this article is very knowledgeable and fantastic. keep sharing this type article to keep in touch people with your self. i really like your article.

  • http://www.androidrooting.com/ Rooting

    OMG !! This is such a killer news and very astonishing for android users too.

  • Stacey Fitch

    Hello, I stumbled on this post while doing some research about an app that is causing problems with teens in our schools giving them the ability to cyber bully anonymously. Complaints caused the high school to shut down it's wireless. I've tried researching what I can about this app and who made it. I attempted to download it but did not like the idea that it asked to have access to modify or delete on my SD card. Since this is your area, I thought you might be able to take a look at it and see what you think. Yik Yak is the app. Seems to have just recently been released. Thanks!

  • Patricia do Santos

    KKKKK LIKED THE LOGO OF YOU!

    http://cartoescaixa.net/

  • Orange

    Nothing like a bit of malware on phones in the morning.

  • http://www.indexinferno.com William Presenod

    There needs to be higher standards and more screening before apps hit the market. Although users should be aware of what they are downloading, these app stores should also take some responsibility in what is listed in their stores.
    http://www.indexinferno.com

  • laurakelly

    It's a nice post. I really like it. Thanks for sharing..!!
    New Release !! Lets see this game "Wash My Car" for kids - FREE at Google Play..!!
    I'm sure that kids really love this game ..so download it & give rating.!!

    http://kidsandroidgames.wordpress.com/2014/07/02/how-to-wash-car-download-free-android-game-wash-my-car-for-kids/

  • zaki

    Pls tell me how to remove Trojan virus from my xolo 500s mobile phone?????
    mail me at mohd.zaki143@gmail.com

    pls pls help me out.

  • http://www.techlazlo.com/ Tech Lazlo

    Technology is developing by leaps and bounds. The Climate is changing with its own dynamic approach. Today cellular phones especially there functions and <a href="http://www.techlazlo.com/category/mobile"android apps in pakistan. Has Provided a great charm to technology and all.

Quantcast