Google pulls more malware from Android Market

From InfoWorld: Google removed more malware-infected applications from its Android Market last week, according to a security researcher who reported the rogue software to the company.

On June 5, Google yanked 10 apps from the market after Xuxian Jiang, an assistant professor in computer science at North Carolina State University, reported his findings to the company.

Jiang published an analysis of the malicious code, dubbed "Plankton," in a blog post last Thursday.

Andrew Brandt, lead threat research analyst at Webroot, has also dug into Plankton.

"It has the ability to remotely access a command-and-control [C&C] server for instructions, and upload additional payloads," Brandt said in an interview Friday. "It uses a very stealthy method to push any malware it wants to phone."

Unlike other code embedded in apps that have appeared in the market, Plankton doesn't rely on a vulnerability to "root," or gain complete control of the smartphone, said Brandt. Once the victim has installed the bogus app, however, Plankton can call in other files from the hacker-controlled server, including ones that would exploit one or more unpatched Android bugs.

View: Article @ Source Site