Google has had to remove from the Android Market 22 so-called RuFraud malware applications which send automated messages to premium rate lines.
The apps are the latest pieces of malicious software to be uploaded to the Android Market and come at a time when security experts are warning that malware developers are increasingly turning their attention to Google’s mobile operating system.
The apps presented users with a single option to continue, which was seen as an acceptance of the premium charge. Lookout has called the apps “RuFraud” for “Russian Fraud” because they are often found on Russian download sites.
Lookout said that there had been numerous instances of premium SMS toll fraud apps in the last few months which affected users in a number of European countries, including the UK, but not North America, as the SMS code is generated by the users SIM card.
The firm notified Google of nine identical apps which posed as wallpaper apps for movies such as Twilight and popular games Angry Birds and Cut the Rope. These were downloaded by just a handful of users and the threat was supposedly minimal.
However 13 more apps, published under the name Logastrod, found their way onto the Market, again masquerading as games. These trojanised copies of free games added code to send SMS messages to premium rate numbers.
Google responded swiftly but was not fast enough to stop over 10,000 users downloading the malicious software.
“We have already stated several times that the requirements for becoming an Android developer that can publish apps to the Android market are far too relaxed. The cost of becoming a developer and being banned by Google is much lower than the money that can be earned by publishing malicious apps,” commented Vanja Svajcer, principal virus researcher at Sophos. “The attacks on Android Market will continue as long as the developer requirements stay too relaxed.”
Over 10 billion apps have been downloaded from the Android market, which boasts a catalogue over 200,000 applications, however the security of the store has been a concern for many, with infected apps often being uploaded.
In March, Google removed over 50 malicious apps, making use of the remote kill feature which removes apps from infected devices, while in June it had to remove another 10 spyware applications.
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
New chapter for LastPass as it becomes an independent company to focus on cybersecurity, after…
US FCC seeks to ban Chinese telecom firms at centre of national security concerns from…
Two updates to Anthropic's AI chatbot Claude sees arrival of a new business-focused plan, as…