Last month, a Google employee responded to a report about increased Android malware by accusing virus companies of "playing on fears," but he may want to change his tune — a recent wave of attacks by a threat called RuFraud has caused Google to remove a total of 27 malicious apps from the Android Market. Mobile security company Lookout says it began notifying Google last week of the malware, which tricks users into agreeing to SMS charges by mimicking well-known apps such as Angry Birds and Cut the Rope. While the first reported attack included nine apps that were downloaded by relatively few users, the second wave of 13 apps may have reached a wider audience — Lookout estimates over 14,000 downloads of the apps before Google pulled them from the Market. Based on the short codes found in RuFraud, it appears to only affect users in Eastern Europe as well as Great Britain, Italy, Israel, France, and Germany. What's more worrisome is that premium SMS toll fraud apps have been on the rise in recent months, and given the lack of a strict Android Market approval policy, there's little reason to think that these attacks couldn't be continued or even duplicated.
Google removes 27 apps from Android Market in response to RuFraud malware threat

I need a flamesuit and some popcorn.
Posted on Dec 14, 2011 | 4:01 PM EST reply Recommend (17) Flag actions
FLAME ON!
Posted on Dec 14, 2011 | 4:02 PM EST reply Recommend (3) Flag actions
asbestos popcorn?
Posted on Dec 14, 2011 | 4:15 PM EST reply Recommend (2) Flag actions
Mmmmmm cancer tastes yummy!
Posted on Dec 14, 2011 | 4:17 PM EST reply Recommend (1) Flag actions
I like Android, even though I’m on WP7…but it does have some serious fundamental issues. As nice as a non-curated app store can be in terms of speed of updates (seriously, there isn’t a day I don’t have an update for an app), and creative apps….with the large number of users they should divide their official store with approval based submissions and then a wild west store that is up to the user to decide if an app is safe or not.
Posted on Dec 14, 2011 | 4:03 PM EST reply Recommend (2) Flag actions
Or they could follow Xbox Live and have a Google-approved curated section and a community-approved “indie” section.
Posted on Dec 14, 2011 | 4:09 PM EST reply Recommend (2) Flag actions
Those have a little badge near their name – Top Developer.
Posted on Dec 14, 2011 | 6:37 PM EST reply Recommend (1) Flag actions
My guess would be that this is an all or nothing thing. There is a ton of copyright infringement on the Market and the only way Google gets away with this is to not curate anything.
Posted on Dec 14, 2011 | 4:14 PM EST reply Recommend Flag actions
I think app developers or the apps themselves (or both?) should get “rep points” so the longer they go without any REAL complaints the better their “rep” gets.
And not to say a 0% rep would be something to avoid, it would be to “watch” versus ones with negative rep points being up for review to be removed.
Posted on Dec 14, 2011 | 4:31 PM EST reply Recommend (2) Flag actions
Well the current android market has a user rating scale that gives the average rating.
Posted on Dec 14, 2011 | 4:35 PM EST reply Recommend Flag actions
Rep bots… I can see it now…
Posted on Dec 14, 2011 | 4:36 PM EST reply Recommend (1) Flag actions
I don’t use Android, so I’m not familiar with the app store, but couldn’t they do something like what Amazon does with resellers?
Posted on Dec 14, 2011 | 4:36 PM EST reply Recommend Flag actions
What would that achieve?
Posted on Dec 14, 2011 | 4:42 PM EST reply Recommend Flag actions
That is also counting that enough people recognize it’s malware and report it as such.
Posted on Dec 14, 2011 | 5:19 PM EST reply Recommend (2) Flag actions
If the seller rating is low, you know not to trust them, and thus the amount of malware downloaded will decrease.
Posted on Dec 14, 2011 | 10:57 PM EST reply Recommend Flag actions
This is why you need to have your carrier block texts on your number and use Google Voice. Seriously, if you’re on Android, and you’re paying for texts, you’re doing it wrong.
Posted on Dec 14, 2011 | 4:11 PM EST reply Recommend (1) Flag actions
Agreed. If you use Android you should block all calls, text and data for fear of all the malware and spyware. Pull the battery too.
Posted on Dec 14, 2011 | 4:14 PM EST reply Recommend (18) Flag actions
lol
Posted on Dec 14, 2011 | 4:22 PM EST reply Recommend (2) Flag actions
Also throw away the battery
Posted on Dec 14, 2011 | 4:31 PM EST reply Recommend (2) Flag actions
Just toss the phone away as well and use a phone booth if you need to keep in touch. Oh wait, you can’t since they have been removing them. Just use smoke signals then
Posted on Dec 14, 2011 | 4:33 PM EST reply Recommend (1) Flag actions
How would a booth for your phone protect you?
Posted on Dec 14, 2011 | 4:45 PM EST reply Recommend (2) Flag actions
:face palm:
http://thumbs.dreamstime.com/thumblarge_231/1201845417mtB1by.jpg
Posted on Dec 14, 2011 | 4:47 PM EST reply Recommend (1) Flag actions
Looks expensive, where can I order one?
Posted on Dec 14, 2011 | 4:56 PM EST reply Recommend (5) Flag actions
It’s tough these days, but you can easily find one if you can afford to travel down to 1995.
Posted on Dec 14, 2011 | 5:01 PM EST reply Recommend (3) Flag actions
Oh, it’s a relic. I’ve been working on a time machine in my mom’s basement but it only travels to the future… damn Grandfather paradox. I’ll check Ebay.
Posted on Dec 14, 2011 | 5:18 PM EST reply Recommend (3) Flag actions
Can I interest you in these two cans and a piece of string?
Posted on Dec 14, 2011 | 4:51 PM EST reply Recommend (2) Flag actions
yes please! lol
Posted on Dec 14, 2011 | 4:55 PM EST reply Recommend (1) Flag actions
Oh come on, anybody can copy and paste from the Norton sales manual!
Posted on Dec 14, 2011 | 4:38 PM EST reply Recommend (1) Flag actions
I was wondering how long it would take for the first Android hate post to hit. Fifteen minutes. That’s all it took.
Posted on Dec 14, 2011 | 5:11 PM EST reply Recommend Flag actions
because you say so? Sorry but use common sense and none of this would happen.
Posted on Dec 14, 2011 | 4:32 PM EST reply Recommend Flag actions
Outside of the US, texts are included in your plan you don’t pay for them separately..
Posted on Dec 14, 2011 | 4:37 PM EST reply Recommend (1) Flag actions
Not premium texts
Posted on Dec 14, 2011 | 4:39 PM EST reply Recommend Flag actions
Define “premium” texts
Posted on Dec 14, 2011 | 4:39 PM EST reply Recommend Flag actions
Some numbers entail a premium service – you text them it doesn’t just cost the standard text fee.
http://en.wikipedia.org/wiki/Premium_SMS#Premium-rated_short_messages
Posted on Dec 14, 2011 | 4:40 PM EST reply Recommend (1) Flag actions
One time I ordered something online and I entered my billing info, email and phone number. 3 months later I realized that I was being charged premium txt for 9.99 a month.
Posted on Dec 14, 2011 | 6:52 PM EST reply Recommend Flag actions
Yes obviously not premium texts. What I’m saying is, you can’t exactly block your texts if you live outside of the US, which is where this malware was targeting (Europe).
Posted on Dec 14, 2011 | 4:43 PM EST reply Recommend (1) Flag actions
Oh, fair point.
Posted on Dec 14, 2011 | 4:44 PM EST reply Recommend Flag actions
but malware is everywhere and blocking texts won’t do a damn thing as malware is malware and it can get on your phone regardless if you block texts
Posted on Dec 14, 2011 | 4:44 PM EST reply Recommend Flag actions
The network operator can block the SMS service altogether.
Posted on Dec 14, 2011 | 7:08 PM EST reply Recommend Flag actions
and US carriers like Sprint have them included. But I refuse to use some ugly app that looks like it came from 2003 that only supports other google voice users and the fact that you need a new phone number when I can just use the stock SMS app that came with my rezound.
Posted on Dec 14, 2011 | 4:39 PM EST reply Recommend Flag actions
Yes the app is ugly, but I don’t know where you got that bit about only working with other Google Voice users. It functions as a normal SMS service. Just wait for your contract to expire and port your number over.
Posted on Dec 14, 2011 | 6:41 PM EST reply Recommend Flag actions
2013. I think I’m good anyway.
Posted on Dec 14, 2011 | 11:09 PM EST reply Recommend Flag actions
It’s like fishing turds out of a septic tank. lol
Posted on Dec 14, 2011 | 4:12 PM EST reply Recommend (4) Flag actions
I have to admit that I am starting to find this troubling. It’s getting pretty hard to just shrug it off.
Posted on Dec 14, 2011 | 4:23 PM EST reply Recommend (1) Flag actions
No, it is easy to shrug off. They repackage things like angry birds from the wrong developer, and they release this stuff on apps that are CLEARLY not even worth the download if they made it themselves.
If they weren’t lazy thieves they’d just make an app that actually made money.
I scrutinize everything I download, a habit I learned from owning computers.
Posted on Dec 14, 2011 | 4:33 PM EST reply Recommend (4) Flag actions
The problem is that not everybody thinks that way, especially people who didn’t grow up with technology. To them, they’re selecting a service on an app that came supplied with their device, so they presume it is safe.
Posted on Dec 14, 2011 | 4:43 PM EST reply Recommend (5) Flag actions
That’s exactly it. They buy a consumer device, they expect consumer levels of service.
You buy a box of wheaties from Walmart and it has a dog turd in it, you sue. You aren’t expected to have read the small print that says "may contain canine faeces"
Posted on Dec 14, 2011 | 4:56 PM EST reply Recommend (4) Flag actions
These apps are not pre-installed on the device when you buy it.
If you buy a box of Wheaties and some guy comes up to you in the parking lot and sells you a turd for your Wheaties, you take some of the responsibility for turds in your Wheaties.
Posted on Dec 14, 2011 | 5:17 PM EST reply Recommend (1) Flag actions
But you are not buying from some guy in a parking lot, you are buying from Google, one of the biggest brand names on the planet.
Posted on Dec 14, 2011 | 5:56 PM EST reply Recommend (3) Flag actions
Except that you aren’t.
Posted on Dec 14, 2011 | 7:15 PM EST reply Recommend Flag actions
You are buying it from Google’s Market.
Posted on Dec 14, 2011 | 8:02 PM EST reply Recommend (4) Flag actions
You are. Google runs the market and takes a commission for it so they are legally responsible for its content
Posted on Dec 15, 2011 | 4:40 AM EST reply Recommend (3) Flag actions
Android market is installed on the device isn’t it?
Posted on Dec 14, 2011 | 5:58 PM EST reply Recommend (2) Flag actions
So the owner of the parking lot is responsible for the botched drugs you got from a dealer there?
Seriously, how can they fix this particular problem? Ban all SMS interaction? It’s not like these apps did not explicitly request a permission to send SMSes.
Posted on Dec 14, 2011 | 7:26 PM EST reply Recommend Flag actions
They can actually be serious about curating the app store.
This malware is easy to spot remember, we’re repeatedly told that no sensible android user could possibly fall for it. So it should be trivially easy for Google to employ some sensible android users to spot it shouldn’t it?
Claiming that Google is powerless in this is ridiculous.
Posted on Dec 14, 2011 | 9:25 PM EST reply Recommend (4) Flag actions
The question is, where will most smartphone customers want to hang out, in a store, or the parking lot outside?
Posted on Dec 14, 2011 | 7:54 PM EST reply Recommend Flag actions
You’re right. The average user assumes that if the application is coming from software store “in” their phone, it’s probably safe. Also, not everyone checks permissions. Permissions need to be in the main description, not in a separate tab or via a list item.
Posted on Dec 14, 2011 | 4:57 PM EST reply Recommend (1) Flag actions
If you want to install an app the confirmation screen has the permission. Again though, an average consumer doesn’t care to read about that stuff.
Posted on Dec 14, 2011 | 5:21 PM EST reply Recommend (2) Flag actions
Exactly. And, if it ever comes to court on this sort of thing, I suspect it will be judged that the consumer should not be expected to have the knowledge to make that decision.
The consumer should have an expectation that the goods or services they buy from a reputable vendor are fit for purpose. They shouldn’t have to check its permissions any more than they should have to check for dogshit
Posted on Dec 14, 2011 | 5:55 PM EST reply Recommend (1) Flag actions
Legally I would disagree. The name of the permission is “Services that cost you money. Directly call phone numbers, send SMS messages”. And the description says that a malicious or defective software can result in charges on your bill.
In addition, no single court in Europe has reversed the initial charges of those services. The monthly services that those trick you into have been tough.
Posted on Dec 14, 2011 | 7:33 PM EST reply Recommend Flag actions
I can afford some SMS charges. Any day now, I’m getting millions from my uncle who passed away in Nigeria. I just sent a check out to pay for lawyers to expedite the will.
Posted on Dec 14, 2011 | 4:24 PM EST reply Recommend (13) Flag actions
Stop the malicious software! Eh nevermind, it can’t be stopped
Posted on Dec 14, 2011 | 4:27 PM EST reply Recommend Flag actions
IOS > Android > WP7
u mad bro?
…just saying
Posted on Dec 14, 2011 | 4:30 PM EST via mobile reply Recommend (2) Flag actions
Symbian > Everything.
I can use greater than signs too! Doesn’t mean it’s right though.
Posted on Dec 14, 2011 | 6:17 PM EST reply Recommend (2) Flag actions
:D
Posted on Dec 14, 2011 | 7:50 PM EST via mobile reply Recommend Flag actions
Sadly this is the price you pay for an “open platform”. now before you fanboys throw some fire at me, I own an android phone. I love the platform, just not the whole app store.
Posted on Dec 14, 2011 | 4:35 PM EST reply Recommend (1) Flag actions
Me too. I wish the market wasn’t open. 14,000 people is a lot..
Let’s have a guess and say it cost each user £10 (could be 50+ for all I know), that’s £140,000! God knows how much it actually cost people, maybe it ran their bills into the hundreds, and can you get the money back? Probably not :/
Malware is a serious problem with Android, that’s a fact.
Posted on Dec 14, 2011 | 4:40 PM EST reply Recommend (3) Flag actions
It is and I’m one of the few android users who can admit to that and not be afraid of it.
Posted on Dec 14, 2011 | 4:41 PM EST reply Recommend (2) Flag actions
Does anyone check the code when apps are submitted to the Android market? I know WP7 apps are checked (because I’m a student developer and I’ve submitted apps to the WP7 Marketplace) and it only takes a day or two. I know iOS takes a while, because I’ve read tweets and blog posts from developers commenting on how long it was taking to get their app approved.
So, what is Google doing to check apps? I’m sincerely asking… so, hopefully a developer will respond.
Posted on Dec 14, 2011 | 4:36 PM EST reply Recommend (1) Flag actions
I’m not a developer but I think there is supposed to be some form of automated screening process that goes into it.
Posted on Dec 14, 2011 | 4:37 PM EST reply Recommend (2) Flag actions
There is. This is a very different type of “attack”, it can’t be screened by any automated process.
iOS avoids this by not having direct SMS API.
Posted on Dec 14, 2011 | 7:37 PM EST reply Recommend (1) Flag actions
…and by having human beings review its apps.
Posted on Dec 14, 2011 | 7:57 PM EST reply Recommend (1) Flag actions
Yes, they sometimes blindly approve applications and pull them when the press mentions a problem.
Posted on Dec 15, 2011 | 2:50 AM EST reply Recommend (1) Flag actions
To be honest most of it is automated but, yes, they do have humans checking as well
Posted on Dec 15, 2011 | 4:43 AM EST reply Recommend (1) Flag actions
It is automatically screened for malware and spyware, and you also can read the permissions the app has when you download it
Posted on Dec 14, 2011 | 4:39 PM EST reply Recommend (1) Flag actions
even then, those can lie.
Posted on Dec 14, 2011 | 4:40 PM EST reply Recommend Flag actions
I’m not sure if the permissions can lie, because if the program calls the dialer, I would imagine the algorithm Google uses would find the line of code which calls the dialer. But, from that point, does a real person investigate the application’s purpose of calling the dialer? I mean, these malicious apps seem to imply otherwise.
Posted on Dec 14, 2011 | 4:53 PM EST reply Recommend Flag actions
It’s actually much simpler. Each application contains a manifest file, which contains each and every permission that app wants to have. And developers have to add the permission; without it, trying to run the code that requires the permission in the manifest will only throw a runtime error (force close).
Posted on Dec 14, 2011 | 6:30 PM EST reply Recommend (2) Flag actions
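The manifest declaration described in the comment above can be read mechanically. As an added example (not code from the article or from any commenter), this Python script lists the permissions a manifest declares and queues for human review any app that asks for the "services that cost you money" permissions quoted elsewhere in the thread. It assumes the manifest has already been decoded to text XML; the sample manifests, package names and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = "{%s}name" % ANDROID_NS  # ElementTree form of android:name

# Permissions behind the install-screen warning quoted in the thread:
# "Services that cost you money. Directly call phone numbers, send SMS messages".
COST_PERMISSIONS = {
    "android.permission.SEND_SMS": "send SMS messages",
    "android.permission.CALL_PHONE": "directly call phone numbers",
}

# Constructed sample input: a game look-alike that declares SEND_SMS.
GAME_LOOKALIKE = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed.birdgame">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <application android:label="Constructed Bird Game"/>
</manifest>
"""

# Constructed sample input: an app that only needs network access.
WALLPAPER = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed.wallpaper">
    <uses-permission android:name="android.permission.INTERNET"/>
    <application android:label="Constructed Wallpaper"/>
</manifest>
"""


def declared_permissions(manifest_xml):
    """Return the sorted, de-duplicated permission names a manifest declares."""
    root = ET.fromstring(manifest_xml.strip())
    names = {el.get(NAME_ATTR) for el in root.iter("uses-permission")}
    return sorted(n for n in names if n)


def triage(manifest_xml):
    """Summarise one manifest: package name plus any cost-incurring permissions."""
    root = ET.fromstring(manifest_xml.strip())
    perms = declared_permissions(manifest_xml)
    reasons = [COST_PERMISSIONS[p] for p in perms if p in COST_PERMISSIONS]
    return {"package": root.get("package", "<unknown>"),
            "permissions": perms,
            "reasons": reasons}


def review_queue(manifests):
    """Packages whose declared permissions warrant a human look before listing."""
    results = [triage(m) for m in manifests]
    return [(r["package"], r["reasons"]) for r in results if r["reasons"]]


if __name__ == "__main__":
    for package, reasons in review_queue([GAME_LOOKALIKE, WALLPAPER]):
        print(package, "can:", ", ".join(reasons))
```

A hit only shows that the capability is declared; whether a game has a legitimate reason to send SMS is the judgement a reviewer still has to make.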
I see. Thanks for clearing it up.
Posted on Dec 14, 2011 | 10:59 PM EST reply Recommend Flag actions
Google needs to get control over its marketplace!
Posted on Dec 14, 2011 | 4:45 PM EST reply Recommend (2) Flag actions
Reactions I expect to see on this thread..
Android user: “This is a cause for concern and Google should do more to curb this.”
Android fanboy: “Well, if users don’t check and scrutinize app permissions, they deserve to get malware! It’s called common sense, people!”
Apple user: “Thank god for a curated app store.”
Apple fanboy: “So much for openness! Oh and we don’t worry about malware on the Apple Appstore™”
WP7 user: “It’s a problem I’m glad I don’t have”
WP7 fanboy: “WP7 > iOS > Android”
Posted on Dec 14, 2011 | 4:46 PM EST reply Recommend (17) Flag actions
Pretty much. Though the “users” are true “fan boys” while the “fan boys” are just kids looking to impress people.
Posted on Dec 14, 2011 | 4:48 PM EST reply Recommend Flag actions
That just won the thread.
Posted on Dec 14, 2011 | 4:48 PM EST reply Recommend (2) Flag actions
Nice one. :p
Posted on Dec 14, 2011 | 5:33 PM EST reply Recommend Flag actions
I don’t know why I even bothered to scroll through the comments.
Posted on Dec 14, 2011 | 5:21 PM EST reply Recommend (1) Flag actions
Me neither
Posted on Dec 14, 2011 | 6:58 PM EST reply Recommend Flag actions
I don’t understand why Google removes these apps? Competition is good for consumers. I thought Android was open source, at least I can side load these.
Posted on Dec 14, 2011 | 8:17 PM EST reply Recommend Flag actions
Did you read the article?
Posted on Dec 15, 2011 | 8:58 AM EST reply Recommend Flag actions
Android Market is kind of like Torrents. Only silly people get malware from them.
Posted on Dec 15, 2011 | 4:51 AM EST reply Recommend Flag actions