Androids Hijacked by Innocent-Looking Apps
posted Friday Mar 4, 2011 by Scott Ertz

We've talked in the past about the benefits and issues from Android's lack of approval process for apps. This week, the fears we had about the process came true when Google was forced to remove 50+ apps from the Android Marketplace for containing malware. Yes, there are now distributed viruses and bots for Android.
While other OS developers have known that anytime data can be installed to a device from outside the developer's direct control there can and will be malware, Google seemed to think that they were above it. Microsoft doesn't include a web browser on their Xbox 360 console just for this reason. Google, however, was brought kicking and screaming into the real world when as many as 200,000 devices became infected with DroidDream, a rootkit malware, installed through these apps.
To find out what happened and how Google responded, hit the break.
Google, once informed about the issue, "suspended" these apps from the marketplace. Suspension suggests that they will eventually be reinstated after some sort of investigation process. It also suggests that the apps were not removed from the infected devices. In fairness, it is probably now impossible for the apps to be remotely wiped since the devices have been rooted.
What's all the fuss about? Well, DroidDream roots the device, which gives the developer complete access to your phone. It immediately takes your IMEI, model number, partner (service provider), language, country, userID and more and sends it to a remote server. After the offenders have this information, they proceed to download new code to your phone. At that point, they could have it acting like and normal computer bot - sending spam, attacking other devices, etc. Working off of a wireless device, however, makes it harder to track and harder to fix without a complete system restore.
It would appear now that Apple may have had the right idea with their rigorous testing process, as much as that pains me to say. What do you think? Is this the first of many malware attacks through the Marketplace or will Google start testing apps before publishing them? Let us know below.