For months now I've been writing about the security problems with Google's Android operating system. Now yet more malware has been found in the Android marketplace, this time by security researchers.
The news, which was reported by ComputerWorld, said that four new malware apps were discovered on Friday by Lookout Security that were infected by a variant of the DroidDream Light virus. This is now the third time this year that this particular malware has been found in the Google marketplace.
Yesterday though, North Carolina State University researchers found new malware that would force Android phones to text premium rate numbers. According to ComputerWorld, Google has been forced to pull over 80 infected applications from its app store since March this year.
In a poor attempt to defend themselves, Google said in a blog post that "Fortunately the malware was available in the Android Market for a short period of time so the number of downloads was limited to 1,000-5,000." How the company can possible claim that up to 5,000 people's smartphones and tablets have been infected is 'fortunate' would need explaining to many people.
Ever increasing volumes of malware are being found on the Android marketplace and security researchers from across the world are warning repeatedly about the dangers posed by downloading them. These malware apps can do everything from texting and calling premium rate numbers, to stealing your personal and contacts information and email and other log-in information.
Currently the Android platform offers no protection from these apps and Google simply aren't being proactive enough in preventing them from appearing on their app store to begin with.
The problem stems from the open nature of the platform. App developers don't have to submit apps for rigorous testing in the way they do for Apple and Microsoft smartphone and tablet platforms. This is one of the factors that has allowed Android to become so popular in the last year and to build up huge numbers of available apps.
Furthermore, the open-course nature of the operating system gives malware writers unfettered access to Android source-code which they can use to refine and test their malware, to make sure that it remains as hidden and as deadly as possible.
Neither of these are problems facing Apple, Microsoft, RIM or HP on their own platforms. The problem is compounded however by a lack of clear communication and information from Google to their customers. Most Android users will be completely unaware that any malware problem exists on the platform. Obviously Google aren't too keen to highlight this to them as it would clearly damage sales, and harm the reputation of their operating system.
Also, the company has made no moves towards tightening up control of their own app store, or locking down specific features within the OS to prevent malware from actioning requests unless specifically called by the user.
Clearly something is going to have to give. Android is the most vulnerable operating system currently available and either Google will have to step in soon and take positive action to defend their platform against the threat, or the ever growing volume of negative publicity their action is bringing will eventually come to the attention of the mainstream press.
Xuxian Jiang, an assistant professor of computer science at North Carolina State University offered this advice to Android users keen to avoid malware on their devices. He said to make certain that the permissions an app requests from you match the permissions you would expect that app to have, while Lookout security said "Use common sense to ensure that the permissions an app requests match the features the app provides".Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.