Sunday, March 6, 2011

GOOGLE RESPONDS TO ANDROID APP MALWARE


On March 1, news broke that dozens of malicious applications had made their way to Android Market, each infected with a rootkit that could grant hackers deep access to Android devices that installed them. Google removed the malicious applications from Android Market within a few minutes of being notified, but has otherwise remained silent on the situation.

Google has now confirmed that 58 malicious applications were uploaded to Android Market, and that they were downloaded onto around 260,000 devices before Google removed the apps Tuesday evening. That number sounds alarmingly high, but Google believes that only device-specific information, namely the phone’s IMEI number, was compromised — and that no personal data or account information was ever transferred. Given that these apps were getting root access, this could have been a lot worse. Now the cleanup begins.

Beginning tonight, Google is going to invoke a special ‘remote kill’ function that allows it to remove these malicious applications from any affected Android devices with no action required from the user. Google will also be issuing a fully automated Android Market security update to infected devices that should remove the rootkit (again, no user action will be required). All affected users will be receiving email notifications about the situation as well.

Unfortunately, while Google can remotely fix affected devices, it can’t automatically patch the security hole that made the exploit possible in the first place. That’s because the hole exists at the system level, so it requires a system upgrade to resolve, and it’s up to the carriers and hardware manufacturers to deploy the fix. Google is issuing a patch and informing its partners that it is urgent, but who knows how long it will take the carriers to push it to users.

As if to underscore this problem, Google says that the exploit was actually already fixed in recent versions of Android, and that it only affects versions 2.2.1 and lower. Unfortunately, the vast majority of Android devices are still running older versions of the OS because of the aforementioned sluggish carrier updates.

Beyond these software updates, Google says that it’s taking steps to try to prevent similar malicious apps from making it onto Android Market.
