Google to boost Android security after attacks

Google to boost Android security after attacks

Google has moved to tighten security on its Android platform following last week's widespread malware attacks, but questions remain over Google's response.

As many as 50 pirated applications were posted to the Market app store last week, each containing malware called DroidDream that snooped on phones.

Google was initially tight-lipped over the attacks, but has now confirmed it removed the malware from the Market and zapped it from infected handsets over the airwaves using its “kill switch” tool.

“We are remotely removing the malicious applications from affected devices,” the security lead Rich Cannings said on the company's official Mobile Blog. “This remote application removal feature is one of many security controls the Android team can use to protect users from malicious applications."

With Android facing criticism from end users over the incident, Google said it would review the security processes for flagging infected apps, although it has yet to provide any specifics.

“We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market," Cannings said. "And are working with our partners to provide the fix for the underlying security issues.”

However, the company's claim that it removed the malware “within minutes of becoming aware,” contradicts comments from developers who said they informed Google that infected copies of their apps had been posted to Market more than a week before the company took action.

It may be that the promised new measures include a review of reporting processes for flagging malware, or at least cross-checking reports of cloned apps more carefully to see whether the reported apps contain malware, as well as being pirated.

Google said it thought the malware was only able to steal information about handsets - not users - but admitted that “given the nature of the exploits, the attacker(s) could access other data”.

And amid mounting concern over whether Market's publishing model, which allows developers to post to the app store without moderation, Google warned consumers should be more wary.

“We always encourage you to check the list of permissions when installing an application from Android Market,” Cannings said.

This article originally appeared at pcpro.co.uk

Source: Copyright © Alphr, Dennis Publishing

See more about:  google  |  boost  |  android  |  security  |  attacks
 
 
Latest articles on BIT Latest Articles from BIT
Epson's 100ppm inkjet coming soon
24 Mar 2017
The Epson WorkForce Enterprise is the "most powerful office printing system ever built", capable ...
ReadyNAS RN214 review: Netgear's easy-to-use four-bay NAS
16 Mar 2017
Looking for a business-class four-bay network-attached storage device that’s easy to use? ...
How the CIA hacking tools allegedly work: inside the WikiLeaks files
8 Mar 2017
WikiLeaks reveals how the CIA has allegedly hacked into Samsung TVs, iPhones, Android phones, ...
Spammers 'leak database of 1.4 billion users'
8 Mar 2017
Spammer's data hoard – which includes real names, email addresses and in some cases home ...
Beware of fake 'ASIC' email carrying ransomware
6 Mar 2017
Security provider MailGuard says it has detected "one of the largest-scale fraud inundations" in ...

Latest Comments

Latest Competitions

WIN! One of ten double passes to see Ghost in the Shell! 

WIN! One of ten double passes to see Ghost in the Shell!

Scarlett Johansen stars as a special forces cyborg in the first live-action adaptation of the seminal manga series.
 

From our Partners

PC & Tech Authority Downloads