Google yesterday admitted that up to 260,000 smartphones have been hacked after handset users unwittingly downloaded virus-infected apps. The threat came to light last week when the technology giant was forced to withdraw at least 50 apps from its official Android Market.Google operated a ‘killswitch’ and remotely removed all of the affected apps from peoples’ phones. The firm has now sent text messages warning those affected that the malicious applications could access their personal information and take control of their handset.
Studies have found that the dodgy applications were downloaded after they had been repackaged with a code that corrupted them. Google Android is an open-source software stack for mobile devices that includes an operating system, middleware and key applications.
The deadly apps were simply copies of existing programs which had malware DroidDream found in them, and were swiftly taken off the site and recalled - but not before affecting hundreds of thousands of users.
DroidDream fires sensitive data, such as a phone's unique ID number, to a remote server. In addition the malware will check if the phone has been infected already. If it hasn't the program bypasses security controls and hands its creator access to the handset.
This means that the user can access information, including passwords for other personal things. Security expert Mikko Hypponen said the incident is embarrassing for Google because it shows the firm hasn't fully tested the safety of its apps.
No comments:
Post a Comment