Out-Law / Your Daily Need-To-Know


Infected Android apps may have leaked 120,000 users' details, researchers claim


Hackers may have stolen details of up to 120,000 mobile phone users by infecting applications (apps) sold to users of Google's Android operating system, security researchers have said.

The researchers claim that hackers used malware, which is maliciously coded software, to infect more than 30 apps that users may have downloaded.

"This weekend, multiple applications available in the official Android Market were found to contain malware that can compromise a significant amount of personal data," Tim Wyatt of Lookout mobile security said in a blog.

"At this point we believe between 30,000 and 120,000 users have been affected," Wyatt said.

"Google has removed all of the apps known to be infected from the Android Market while they investigate," Wyatt said.

Phone users do not have to access the apps on their phones to trigger the hack, Wyatt said.

The phone's identity number, the number the phone sends when it connects to the user's network, details of the handset model and information about what other software is on the phone are all sent to the hackers when the infected apps are installed, Wyatt said.

"It appears that the [malicious software] is also capable of downloading and prompting installation of new packages, though unlike its predecessors it is not capable of doing so without user intervention," Wyatt said.

"The malicious developer has inserted code that triggers when the phone receives a text message," Mikko Hypponen, Chief Research Officer with security researchers F-Secure, said in a blog.

"The added code will connect to a server and send details about the infected handset to the malware authors," Hypponen said.

Researcher Tim Wyatt said he became aware of the issue when a developer said that his application, and that of another developer, had been altered and then made available for download to users of the Android app market.

Lookout found that the malicious code in the manipulated apps was similar to code present in other infected apps during a hack reported in March, Wyatt said.

"Our security team confirmed that there was malicious code grafted into these apps and identified markers associating this code with previously analyzed ... samples," Wyatt said in the blog.

To establish whether an app is safe to download, Android phone users should only download apps from trusted sources, assess the name of the developer and the app's reviews, and check that the app does not ask for permissions it is unlikely to need to operate, Wyatt said.

Phone users should download a mobile security app and be alert to unusual behaviour on their devices, Wyatt said.

"This behaviour could be a sign that your phone is infected. These behaviours may include unusual [text messages] or network activity," Wyatt said.

Google did not respond when asked for a comment.

Last month the internet giant had to fix a problem that researchers found in almost all Android-supported devices. Hackers could gain access to phone users' log-in details, to Google Calendar, Google Contacts and possibly other services by intercepting a phone's attempts to connect to Wi-Fi networks, the researchers claimed.
