Google has stepped in and removed 21 applications from its Android Market that could have affected devices running older versions of Android. Any devices running Android 2.2.2 or later would not have been affected, but the applications were all created by a publisher called Myournet and were capable of a number of different malicious attacks on your device.
Attacks could have included rooting your phone, uploading phone information (including IMEI) to external servers, and installing backdoors that allowed additional code to be pulled down and executed on your device.
Details of the Malicious Activities
The malicious applications were designed to exploit vulnerabilities in older versions of the Android operating system. Rooting a phone, for instance, gives the attacker full administrative control over the device, allowing them to install or uninstall software, access private data, and even control the hardware components. By uploading sensitive information such as the IMEI (International Mobile Equipment Identity) to external servers, attackers could potentially clone the device or use the information for other nefarious activities.
The backdoors installed by these apps could download and execute additional malicious code without the user’s knowledge. This means that even if the initial app seemed harmless, it could later transform into a more dangerous threat by downloading more sophisticated malware. This kind of attack is particularly insidious because it can evolve over time, making it harder for users and security software to detect and remove.
Impact and Response
Not only did the apps slip through Google’s Market screening process, but they were also downloaded by around 50,000 users before Google pulled the plug. This incident highlights the challenges that app stores face in maintaining a secure environment for users. Despite rigorous screening processes, malicious apps can sometimes slip through the cracks, especially when they are designed to appear benign at first glance.
Google’s swift action in removing these apps is commendable, but it also serves as a reminder of the importance of user vigilance. Users should always be cautious when downloading apps, especially from lesser-known publishers. Checking app reviews, permissions, and the publisher’s reputation can provide additional layers of security.
The offending apps from publisher Myournet included a variety of seemingly innocuous applications, ranging from games to utility tools:
- Falling Down
- Super Guitar Solo
- Super History Eraser
- Photo Editor
- Super Ringtone Maker
- Super Sex Positions
- Hot Sexy Videos
- Chess
- 下坠滚球_Falldown
- Hilton Sex Sound
- Screaming Sexy Japanese Girls
- Falling Ball Dodge
- Scientific Calculator
- Dice Roller
- 躲避弹球
- Advanced Currency Converter
- App Uninstaller
- 几何战机_PewPew
- Funny Paint
- Spider Man
- 蜘蛛侠
The diversity of these apps shows that the attackers were trying to cast a wide net to attract as many users as possible. From entertainment apps like “Super Guitar Solo” and “Hot Sexy Videos” to utility apps like “Scientific Calculator” and “Advanced Currency Converter,” the goal was to appeal to a broad audience.
In conclusion, while Google’s intervention has mitigated the immediate threat, this incident underscores the ongoing need for robust security measures both from app stores and users. Staying informed about potential threats and practicing safe downloading habits can go a long way in protecting your device from malicious attacks.
Via Android Police
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.