Google continues to be admirably quick to react to DroidDream, the nasty Android Trojan we helped uncover on Tuesday. After removing the offending apps from the Market within just a few minutes of finding out about them, Google has revealed in a new post on the Google Mobile Blog that they're now ready to take further steps.
"There is no need to download and install this application on your own.
This is an Android Market security update that undoes exploits caused by the malicious applications that were removed from Android Market on 03/01/2011. Only some users were affected. Those users will receive an email notification that states this update will be automatically pushed to their devices. This app will be removed automatically after it has completed running."
First, as expected, they plan to remotely wipe the apps from affected users' devices using the "remote application removal feature." Next, they're rolling out an update to infected devices that "undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices." These affected users will receive an email from Google notifying them that they are infected, and the update - "Android Market Security Tool March 2011" - will automatically be installed. Finally, they're taking steps with the Market to prevent something like this from happening again, as well as working with their "partners" (manufacturers and/or carriers, I'd assume) to patch the security issue.
We've pinged the Google Mobile team to ask for clarification on the last two points, although it's doubtful we'll hear anything back. If we do, we'll be sure to update the post.
[Source: Google Mobile Blog]