Code that is very suspicious is traveling around in a Chinese version of the Google tool package revealed just last weekend to from a distance clean out malicious applications off Android phones, said today by Symantec.
This version of the package that is apparently “trojanized” was discovered on a very unregulated foreign Chinese marketplace and not within Google’s own Android Market, said by Symantec in a post in their own blog.
Since quit a few apps were discovered on the Android Market just last week previously, and were downloaded into 260,000 devices, they were all removed from the marketplace by Google and which they were wiped from the phones too.
Since Symantec says a unknown person has used the “Android Market Security Tool which was used to clean up the Android’s infected with the malware, rebadged it or repacked it with their own inserted code within the tool and was apparently capable of being sent messages to be controlled over a command line server. Imagine, your own hack on someones phone being controlled by your computer, that would be cool to see but really lame if you were the user of the phone. Unfortunately there is a bright side and an evil side to owning an Android phone, but as long as you read comments on all apps on the marketplace, and read reviews of applications on the internet, making sure that the application your not downloading onto your phone is a virus, you could be a little safer than sorry.
It seems that the code has also used itself in a new security threat which is based on a project hosted on Google Code and is licensed directly in Apache License’s name, as said by Symantec.
A spokesperson from Google gave this statement after being requested to comment: “We encourage Android users to only install applications from sources that they trust”.
A number of questionable facts raise a flag to what people can be putting themselves into with these security threats on their phones, it’s seriously a risk to download any app that is not on the Android Market. If you download from the Market, you get what is verified and is known to be non-malicious.
This specific malware was discovered on the Android Market, named “DroidDream” was not just used to discover user and product information from within a Android phone but also had the skills to use it’s own code to cause alot more destruction to phones.
“we have added detection for the trojanized version of Google’s application as Android.Bgserv,” said by Symantec.
And on the side, a Kaspersky that researches threats, asked about the efficacy of the ways Google’s own Android security tool works.