Google is removing a number of malicious apps from Android smartphones through a remote wipe and is stepping up the operating system’s security after thousands of smartphones were infected by apps published to Android Market last week.
The apps contained malware capable of gathering device identification codes on Android smartphones using older versions of the operating system. Devices using Android 2.2.2 or higher were not vulnerable to the attack, Google said.
“For affected devices, we believe that the only information the attacker(s) were able to gather was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device). But given the nature of the exploits, the attackers could access other data, which is why we’ve taken a number of steps to protect those who downloaded a malicious application,” said Android security lead Rich Cannings in a post on Google’s mobile blog.
Google removed the malicious apps from Android Market and suspended the developer accounts associated with the apps last Tuesday. Tech blogs estimate that 58 different malicious apps were downloaded onto approximately 260,000 smartphones before being removed from Android Market.
The company is now in the process of remotely removing the malicious applications from affected devices and is pushing a security update to all affected devices to prevent the people behind the malware from accessing any more information from affected devices. Cannings said Google also is “adding a number of measures” to block malicious applications from being published to Android Market.
Android users affected by the malware will be notified by e-mail and will receive a notification on their device that “Android Market Security Tool March 2011” has been installed. Users may also be notified if Google removes apps from their phone.
Comments on Google’s blog post about the malware attack showed some Android users were uneasy about why the apps were published to Android Market, Google’s response to the apps and its decision to use a remote wipe to address the problem. Some questioned the timeliness of Google’s response to the malicious apps, while others expressed reservations about Google’s ability to remove apps from their smartphones without prior permission.
Android is not the only operating system to employ remote wipes. The technology is commonly used in other mobile operating systems for security purposes.