As earlier reported, A series of applications emerged on one of the fastest growing App Store, containing malicious code. Google’s Android Market has been successful enough to pull down the said software from the portal immediately while also removing such apps from the affected devices.
Taking matters seriously, the company unveiled plans concerning the security of Android users, while ensuring users to get the malicious software removed from the affected phones completely.
The malicious apps took advantage of vulnerabilities that existed in Android versions prior to 2.2.2, but were fixed with newer versions of the OS.
In a recent blog post:
On Tuesday evening, the Android team was made aware of a number of malicious applications published to Android Market. Within minutes of becoming aware, we identified and removed the malicious applications. For affected devices, we believe that the only information the attacker(s) were able to gather was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device).
One of the first step which Google took was to suspend associated developer accounts from the Android Market linked to the malicious apps. Furthermore, the company is removing the malicious applications from affected mobile phones and is deploying an Android Market security update to all devices that were affected by the attack.
Google is adding more measures aimed at preventing the inclusion of other malicious applications from being distributed through Android Market.
via [Download Squad]