
More Malware-Infected Apps Found In Android Market

Posted by samzenpus
from the one-bad-app-spoiling-the-barrel dept.
Trailrunner7 writes "For the third time in the last few months, Google has had to remove a slew of malware-infected apps from the Android Market and suspend some publishers. Ten Android apps in the Official Android Market are known to be infected, but many more could be victims of the Plankton Trojan. Researcher Xuxian Jiang claims that early variants of the Trojan have evaded detection for as long as two months."

  • How about... (Score:5, Insightful)

    by Skarecrow77 (1714214) on Wednesday June 15, 2011 @03:00PM (#36453790)

    you post a list of the infected applications in the freakin summary, so when TFA gets slashdotted, we know what the hell they were?

    I'm just saying...

  • QC Required (Score:4, Insightful)

    by Microlith (54737) on Wednesday June 15, 2011 @03:03PM (#36453822)

    Sooner or later Google will need to do some sort of Quality Control on their store, or they'll just keep making the Marketplace look even less trustworthy and push people to the Amazon store.

    • You can have a "best of both worlds" solution by having a "code reviewed" icon for app developers that want to do it. May cost money for the review process...
      • by PickyH3D (680158)

        All that does is create an even bigger divide between the people that do it and the people that don't. And people that download half of the malware (the junk apps versus at least legitimate looking apps) are probably too stupid to recognize it anyway, thus negating the purpose unless it's done across the board.

        I agree that it is better than nothing, but creating a market where the big fish will probably get rubber stamped anyway, I feel uncomfortable with the idea of suggesting a system where the little fish

        • The malware scare is going to knock the little guy off equal footing anyway. Right now the malware apps are obvious, because it's cheap and easy to create crap that morons will download. But eventually, as people get a bit smarter, the malware apps will start to look more and more like normal, decent apps. At this point, when you can't easily tell a malicious app from a non-malicious app, some users will stop downloading from little guys altogether, and only trust downloads from brands they recognize.
      • From TFA: (Score:2, Insightful)

        by PopeRatzo (965947) *

        Google has historically taken a hands-off approach to policing the Android Marketplace. It will suspend and remove suspicious or malicious applications when they're reported, but does not vet applications prior to posting them, as Apple does with its AppStore.

        Ah, that's what the story is really about. I'm surprised it took them so many paragraphs to get to their real agenda.

        localman57 has the solution. And who's to say that Google has to be the one doing the code reviewing? Why couldn't a group of Androi

        • Re:From TFA: (Score:4, Insightful)

          by localman57 (1340533) on Wednesday June 15, 2011 @03:41PM (#36454308)
          It doesn't have to be Google. But there really needs to be a single reviewer source. Think "Underwriters Laboratories" for software. Otherwise, the malware writers just set up their own review boards, and stamp it quality. As Tommy Boy once said:

          I can take a shit in a box, and mark it guaranteed, but then all you'll have is a guaranteed box of shit.

          You (and your friends) can't be allowed to stamp your box.

          Google would be the obvious choice, though, since they have the biggest investment to lose if this all goes to hell.

        • And the reviewing panel would probably do a great job for 2 months or so... and then they push back against crap code (because it would be harder to detect trojans in it if you can't tell what the heck it is doing) and then the developers would push back because the panel isn't supposed to comment on their code, just certify it as trojan free. Then they would either stop being a clearing house or would approve an app with a trojan in it, and by this time everyone would have just purchased an iPhone.

        • Why couldn't a group of Android developers get together and set up a reviewing panel that will certify apps as threat-free? Before I download an app, I can see if the reviewing panel lists it or not and have that one extra data point with which to make my decision. If the panel's work is done in a transparent manner, people would trust it and they would have a measure of safety without having to be walled inside.

          The only people that would protect are the people who don't need protection.

          You are trying to so

          • by node 3 (115640)

            You are trying to solve the problem of how to make life easier for YOU, not the average user who would have no clue the panel existed and would not care if they did.

            Actually, he's trying to solve the problem in a way that doesn't involve admitting Apple's model works better than Google's.

          • by PopeRatzo (965947) *

            You are trying to solve the problem of how to make life easier for YOU

            Well, that's true.

            A better approach is Amazon's, to make a market of wholly vetted apps where probably Amazon does more verification of who a publisher is. Then non-technical users can stick to that market.

            I agree. But the key here is choice. I can shop at the store that can be trusted, or I can shop in the back alleys of Scumabad. But either way, I can make a choice.

            That's superior to having one company make all the choices for me.

            And

        • by H0p313ss (811249)

          But then you have to worry about who guards the guardians [wikipedia.org]?

          • by PopeRatzo (965947) *

            But then you have to worry about who guards the guardians?

            Sure, but that's what transparency is for. And there will be a lot of eyes on them.

            It will become clear pretty quickly if the "guardians" can be trusted.

            • by node 3 (115640)

              Sure, but that's what transparency is for. And there will be a lot of eyes on them.

              It will become clear pretty quickly if the "guardians" can be trusted.

              The only reliable guardians so far seem to be Apple. You're right that there needs to be some sort of QA panel for Android, but the only reason there's a call for one is Google's inability to do the job themselves. It's their store, after all.

              You can bitch all you want about a "walled garden", but at least it serves the consumer.

              • by PopeRatzo (965947) *

                The only reliable guardians so far seem to be Apple.

                Nothing I can say can make my point any better than that.

    • I agree. I know most slashdotters are relatively savvy users and aren't going to install the ZOMGFREEMONEY$$ app, but the expanding user base guarantees that malware will get more sophisticated over time.

      Sure, we could only install applications developed by a corporation we already deal with and should have an interest in keeping us happy and keeping our business by not installing malware on our devices (Sony jokes aside), but doesn't this suppress the audience for "little guy" developers? Isn't that contrary t

      • by Microlith (54737)

        Sure, we could only install applications developed by a corporation we already deal with and should have an interest in keeping us happy and keeping our business by not installing malware on our devices (Sony jokes aside), but doesn't this suppress the audience for "little guy" developers? Isn't that contrary to the spirit of FOSSetc?

        Google's Marketplace has nothing to do with FOSS. So long as they don't try to lock users out of their own devices (by barring sideloading) then it's a non-issue.

        • I know that on /. you always have to couch every post with a defense for every possible pedantic reply, but in this case, I thought "FOSSetc" would encapsulate the spirit of the vaguely "open" android platform and the spirit of the enterprise as a whole.

    • by Ash Vince (602485) *

      Sooner or later Google will need to do some sort of Quality Control on their store, or they'll just keep making the Marketplace look even less trustworthy and push people to the Amazon store.

      Alternatively those of us who do not mind researching apps using the internet before we install them will carry on buying Android phones. I treat my phone like my home PC, I install stuff I trust after some basic research. Since Apple are not infallible I am more willing to trust my own judgement than theirs. If I screw up, I know who to blame and can learn from my mistakes, if Apple screw up I just have to trust them learning their lesson on blind faith.

      • Alternatively those of us who do not mind researching apps using the internet before we install them will carry on buying Android phones.

        We need the unsophisticated users to buy the Android phones, or there won't be any. The economy of scale has to be there. If Android phones alienate the average user, then they'll end up like the N900: kick ass, but expensive and a relative hassle to get.

        • Re:QC Required (Score:4, Insightful)

          by tlhIngan (30335) <slashdotNO@SPAMworf.net> on Wednesday June 15, 2011 @04:54PM (#36455110)

          We need the unsophisticated users to buy the Android phones, or there won't be any. The economy of scale has to be there. If Android phones alienate the average user, then they'll end up like the N900: kick ass, but expensive and a relative hassle to get.

          There will always be Android phones.

          However, the problem is if the perception of the Marketplace is that it's full of malware ready to steal your phone's data and cost you a fortune in long-distance and premium phone number calls, then people may shy away from downloading any app from it. (or alternative app stores for that matter, since you can't trust that they aren't sending you malware either).

          Which means to most users, Android is the phone and what it comes with - the Marketplace will simply be a "never touch" zone. Which means Android devs have a harder time.

          Heck, carriers may see this and demand that Amazon be the primary marketplace allowed on the phone as a safety measure. And if that's the case, Android devs may have to submit to Amazon's even more restrictive terms.

    • Google announced today that to avoid lawsuits from apple over the app store name and to better describe the products offered, they are changing the name to the "malware market". They were immediately sued by Microsoft who claim to have copyrighted malware infected operating systems.

  • by NitzJaaron (733621) on Wednesday June 15, 2011 @03:03PM (#36453836)
    ...but there's something to be said for iOS being a "closed" platform with a (mostly) strict approval process. There's a lot of controversy about apps getting blocked from the iTunes App Store, but so far there haven't been any significant outbreaks of malware/trojans like the Android platform has had. Caveat: I actively develop for both platforms, so I have no "stake" in either side. Just making a point about the open vs. closed issue in relation to PII leakage risks. Let the flaming begin!
    • by vux984 (928602) on Wednesday June 15, 2011 @03:12PM (#36453936)

      ...but there's something to be said for iOS being a "closed" platform with a (mostly) strict approval process

      Nobody has ever really said otherwise.

      The complaints about the apple store are not that it's closed. The complaint is that it's the only store you are allowed to use. (both as a consumer and as a developer)

      • The complaint is that it's the only store you are allowed to use.

        Well then there are no complaints to be had because the technical people that actually want alternate stores, can jailbreak and use Cydia.

        Android people don't like to acknowledge this is possible because as you say that's the only argument they have.

        • by vux984 (928602)

          Well then there are no complaints to be had because the technical people that actually want alternate stores, can jailbreak and use Cydia.

          What about non-technical people who want alternate stores?

          Why should people have to jailbreak their phone?

          Why should jailbreaking be a violation of the EULA?

          Why should we have to put up with Apple imposing any barriers whatsoever to using a non-Apple store?

          As I see it, there are still lots of complaints about the status quo. The fact that I can hack my way to a semblance

          • What about non-technical people who want alternate stores?

            Who are they? Seriously?

            Jailbreaking has had a pretty widespread adoption mostly because people want more customization of devices, the non-technical people don't really care about it for the alternate store as much...

            But the answer to your question is there are many, many people who will jailbreak phones for you now. Go into just about any small independent phone or computer store and you can have it done.

            Why should people have to jailbreak their

        • by ADRA (37398)

          Does Jailbreaking void your warranty? Oh? darn. I guess your argument is just fallacious. If I HAVE to void my warranty in order to use alternative applications on my phone then the market concept is NOT OPEN no matter how much of a bow you wrap around it. Time to take the fanboy Kool-Aid and sit it out for a round.

      • by bonch (38532) *

        The complaints about the apple store are not that it's closed.

        What Slashdot have you been visiting?

        • by node 3 (115640)

          The complaints about the apple store are not that it's closed.

          What Slashdot have you been visiting?

          The one where complaining about Apple's "walled garden", while simultaneously avoiding saying anything that might make it sound like a good thing for the customer, is worth +5 Insightful, regardless of linguistic gymnastics or factual inconsistencies involved.

          Apple's model for iOS has worked out fantastically. iOS outnumbers Android close to 2 to 1. Yet somehow, according to slashdot nerds, this model doesn't work well for consumers, and they are clamoring for alternative app stores.

      • by Brannon (221550) on Wednesday June 15, 2011 @06:19PM (#36456090)

        1. There are alternatives, you can buy an Android phone.

        2. If IOS devices made it easy to use another store, then non-technical users would be at more risk. They would get an email that said, "Hey try out this fun app" which would take them to the non-curated store, they would blindly click-through all warnings from the OS and voila, you've got a mobile experience every bit as toxic and unusable as the Windows PC experience--and you've just destroyed Apple's value proposition and their $100B market cap.

        What it really boils down to is that most of Apple's critics (a) don't care at all about non-technical users and (b) really want Apple to fail anyway so are happy to argue for Apple to adopt flexibility that would lead to financial disaster for them. Apple fundamentally disagrees on both points so you aren't going to sway them.

        But you have other options, see #1.

      • by node 3 (115640)

        ...but there's something to be said for iOS being a "closed" platform with a (mostly) strict approval process

        Nobody has ever really said otherwise.

        The complaints about the apple store are not that it's closed. The complaint is that it's the only store you are allowed to use. (both as a consumer and as a developer)

        Um... The part you quoted said 'iOS being a "closed" platform'. Your correction is just a restatement of that.

        But, since it sounded like a way to complain about Apple, without having to acknowledge their model works, +5 Insightful!

  • What the (Score:4, Informative)

    by vajorie (1307049) on Wednesday June 15, 2011 @03:11PM (#36453924)
    Why do you not link to the original [ncsu.edu] article?!
    • That doesn't have the list of apps either. The internet is broken.
  • by TyFoN (12980) on Wednesday June 15, 2011 @03:17PM (#36454006)

    You wouldn't install Schkype from Mr Hong on your PC and you should not do that on the phone either!

  • by idontgno (624372) on Wednesday June 15, 2011 @03:19PM (#36454024) Journal

    turns up Sophos' analysis [sophos.com] of this "Plankton" malware.

    The sample of the EULA associated with the malware app (yes, malware EULAs) lists "Angry Bird Cheater" by name, so there's one of the candidates. Also, quoting the article:

    The code suggests that it is a platform, but it does not disclose its purpose. Descriptions of the apps pulled from the Android Market contain the text:

    This application is brought to you free sponsored by Choopcheec Platform. It adds a search shortcut on the home screen or application screen.

    So, "Choopcheec" seems to be a common codeword for the apps. Whatever that is.

    • by idontgno (624372)
      AAaaaand, another 10 seconds with Google tells me "choopcheec.com" has sample EULA text like the one above for one other product that Google can find: "Can You Drive".
      • by idontgno (624372)
        OOOH, the off-market AndroidZoom app website seems to not have pulled any apps down in response to this fiasco. Searching the site for "Choopcheec" returns this: [androidzoom.com]

        Angry Birds Cheater by Crazy Apps
        Chit Chat by Crazy Apps
        Snake Kaka by Phill Dig
        Angry Birds Rio Unlock by Crazy Apps
        Favorite Games Backup by Crazy Apps
        Gun Bros Helper by Crazy Apps
        Call Ender by Crazy Apps
        Angry Birds Multi User! by Crazy Apps
        Bring Me Back My Droid! by Crazy Apps
        Shak

  • In case you're wondering, that's "Author too stupid; didn't read"
    When I saw that the author apparently didn't know the difference between 'affect' and 'effect' I gave up.
    IMNSHO, If you can't get that right, you don't deserve to be read.
  • 0) Do some research on your apps before installing
    1) Stick to open source apps whenever possible
    2) don't just click through like whack-a-mole when installing... read the perms!

    Take the same precautions on your Android phone.

    • Alternatively:

      1) Install Amazon Appstore, and use it exclusively

    • by sayfawa (1099071)
      I'd like to stick to open source apps. Is there a way to tell which ones are by just looking in the marketplace, without searching on the net?

      Ok, a quick search found the oblig. wiki page [wikipedia.org]. Which says that no, you can't. But there are 3rd party lists of open source Android apps.
  • by JohnG (93975) on Wednesday June 15, 2011 @04:37PM (#36454928)
    The Android Market in general is pretty broken because of the lack of even a rudimentary review process. The other day I was looking at the new releases in the Sports Games category and there were about 5 or 6 pirated ebooks of Harry Potter, the Twilight Series and several others. Needless to say, this is not only illegal, it's in the wrong category. This has been a problem in the market since its inception and Google still has yet to do anything about it. If they are unwilling to have someone at least look over the titles and categories that an app is placed in before allowing it on the market, in order to cut back on massive copyright and trademark violations and make browsing the store by category possible, why do we think they'll take any preemptive strike against malware? Google doesn't even give Android developers a convenient way to contact them. It seems to me that they wanted the Android Market to be a set it and forget it kinda thing. Will the negative publicity from the malware force them to change that stance? I doubt it.
    • I've noticed that from the beginning. All the apps offering (IP-infringing) ringtones and soundboards, pretty much from day one, never mind pirated ebooks and so on. I think Google's strategy is kind of the Youtube/safe harbour policy: Let people decide what they want to see, take things down on complaints.

      I'm not saying this is the smartest idea, because I tend to be quite wary about any app that has permissions I can't immediately determine (why does a calculator need full network access? Okay, perhaps
    • I do wonder how long it'll take for handset manufacturers to start preinstalling Amazon's market in addition to (or even instead of) Google's for all these reasons.

  • So I should download the Krill anti-malware suite?

    Should I be watching out for Baleen?
