Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Malicious apps found in Google’s Android online store

Rogue applications developed to steal banking credentials from users were discovered late last month in Google's Android Market online software store.

The malicious programs were disguised as a legitimate mobile banking apps and were designed to steal users' online banking credentials, according to Oregon-based First Tech Credit Union, which posted a fraud alert about the threat on Dec. 22.

The malicious apps were developed by a user with the alias Driod09, according to the financial institution.

“Droid09 launched this phishing attack from the Android Market and it's since been removed,” First Tech Credit Union said in its alert.

Users who have downloaded an app from Droid09 are being advised to immediately remove it and bring their phone to their mobile provider to ensure the program has been fully removed.

A source close to Google confirmed to SCMagazineUS.com on Monday that several applications using the names of banks, without permission, were removed from the Android Market.

The applications were investigated and Google "didn't find any malicious activity such as attempts to collect user information or passwords,” the source said. 

Google launched the Android cell phone operating system in September. At the time, Google began touting that its app store was open, making it and easier for developers to distribute their apps for Android-powered devices.

“Android Market is open to all Android application developers,” Google says on its Android Market Publisher Site login page. “Once registered, developers have complete control over when and how they make their applications available to users.”

That runs in contrast to Apple, which personally vets every application, it says, to guard customer privacy and shield users from inappropriate content. 

A Google spokeswoman told SCMagazineUS.com in an email Monday that applications on Android Market that identify themselves with third-party marks [such as bank names] without permission are not allowed.

"If an application violates the content policy, we will remove it from Android Market, and developer accounts will be terminated for repeated violations," a Google spokeswoman said.

[An earlier version of this story was corrected Tuesday, January 12, 2010 at 3:20 p.m. EST. The earlier story reported that First Tech Credit Union and Travis Credit Union customers were targeted by the rogue application. They were not.]


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.