Malicious apps found in Google's Android online store

Share this article:

Rogue applications developed to steal banking credentials from users were discovered late last month in Google's Android Market online software store.

The malicious programs were disguised as a legitimate mobile banking apps and were designed to steal users' online banking credentials, according to Oregon-based First Tech Credit Union, which posted a fraud alert about the threat on Dec. 22.

The malicious apps were developed by a user with the alias Driod09, according to the financial institution.

“Droid09 launched this phishing attack from the Android Market and it's since been removed,” First Tech Credit Union said in its alert.

Users who have downloaded an app from Droid09 are being advised to immediately remove it and bring their phone to their mobile provider to ensure the program has been fully removed.

A source close to Google confirmed to SCMagazineUS.com on Monday that several applications using the names of banks, without permission, were removed from the Android Market.

The applications were investigated and Google "didn't find any malicious activity such as attempts to collect user information or passwords,” the source said. 

Google launched the Android cell phone operating system in September. At the time, Google began touting that its app store was open, making it and easier for developers to distribute their apps for Android-powered devices.

“Android Market is open to all Android application developers,” Google says on its Android Market Publisher Site login page. “Once registered, developers have complete control over when and how they make their applications available to users.”

That runs in contrast to Apple, which personally vets every application, it says, to guard customer privacy and shield users from inappropriate content. 

A Google spokeswoman told SCMagazineUS.com in an email Monday that applications on Android Market that identify themselves with third-party marks [such as bank names] without permission are not allowed.

"If an application violates the content policy, we will remove it from Android Market, and developer accounts will be terminated for repeated violations," a Google spokeswoman said.

[An earlier version of this story was corrected Tuesday, January 12, 2010 at 3:20 p.m. EST. The earlier story reported that First Tech Credit Union and Travis Credit Union customers were targeted by the rogue application. They were not.]


Share this article:

Sign up to our newsletters

More in News

Medical transcription provider settles data security charges

GMR Transcription Services in California agreed to settle FTC charges related to its security practices.

Researcher hacks network connected devices in own home

Researcher hacks network connected devices in own home

In his own home, a researcher was able to hack various network connected devices that are not computers and mobile phones.

Study: Most higher ed malware infections attributed to 'Flashback'

Study: Most higher ed malware infections attributed to ...

Flashback caused a stir in 2012 when some 650,000 Macs were infected with the malware.