Google Pulls 22 SMS Fraud Apps Off Android Market

Google has had to remove from the Android Market 22 so-called  RuFraud malware applications which send automated messages to premium rate lines.

The apps are the latest pieces of malicious software to be uploaded to the Android Market and come at a time when security experts are warning that malware developers are increasingly turning their attention to Google’s mobile operating system.

Don’t download Twilight

According to mobile security firm Lookout, a batch of apps was uploaded to the market last week, disguised as horoscope apps which had hidden terms of service agreements indicating charges.

The apps  presented users with a single option to continue, which was seen as an acceptance of the premium charge. Lookout has called the apps “RuFraud” for “Russian Fraud” because they are often found on Russian download sites.

Lookout said that there had been numerous instances of premium SMS toll fraud apps in the last few months which affected users in a number of European countries, including the UK, but not North America, as the SMS code is generated by the users SIM card.

The firm notified Google of nine identical apps which posed as wallpaper apps for movies such as Twilight and popular games Angry Birds and Cut the Rope. These were downloaded by just a handful of users and the threat was supposedly minimal.

However 13 more apps, published under the name Logastrod, found their way onto the Market, again masquerading as games. These trojanised copies of free games added code to send SMS messages to premium rate numbers.

Google responded swiftly but was not fast enough to stop over 10,000 users downloading the malicious software.

Security Fears

“We have already stated several times that the requirements for becoming an Android developer that can publish apps to the Android market are far too relaxed. The cost of becoming a developer and being banned by Google is much lower than the money that can be earned by publishing malicious apps,” commented Vanja Svajcer, principal virus researcher at Sophos. “The attacks on Android Market will continue as long as the developer requirements stay too relaxed.”

Over 10 billion apps have been downloaded from the Android market, which boasts a catalogue over 200,000 applications, however the security of the store has been a concern for many, with infected apps often being uploaded.

In March, Google removed over 50 malicious apps, making use of the remote kill feature which removes apps from infected devices, while in June it had to remove another 10 spyware applications.