International security specialist Kaspersky Lab says more free applications are appearing on Google’s Android Market that are infected by malicious software, or malware.
The company says the applications look legitimate, but are actually copies of applications injected with code that infects Android devices with Trojans.
Malware analyst at Kaspersky Timothy Armstrong says one example the company identified was the Super Guitar Solo application.
He says the app contains code called “rage against the cage”, which is a root exploit that allows the application access to super-user privileges on Android devices.
“Once somebody gains super-user rights, they have full administrator level access to the phone’s operating system. In this case the exploit was launched without the owner’s consent,” says Armstrong.
He says the application gathers information about the infected device and its user and uploads the data to a remote server.
“This discovery is important because, until now, most Android malware has been found outside of the Android Market, which requires a number of special steps to be taken in order to infect phones. In this case, users are even able to install from the Web with the new Android Market format,” he says.
Armstrong says Google has made an attempt to stop the malicious applications by removing the corresponding download pages. It also launched an application called Android Market Security Tool for the remote removal of infected applications.
However, he says Google’s application does not fix the vulnerability; it simply removes the application known to be malicious.
“We strongly recommend that users always check all the permission requests from an application during installation and to always think twice before jail-breaking or rooting their smartphones,” Armstrong says. — Staff reporter, TechCentral
- Image: Laihiu