Google suffered a black eye with the malware that targeted dozens of Android Market apps last week. But even as users clean out their phones, now comes this: the Android Market Security Tool released by Google has been copied to third-party alternative Android markets and it is itself embedded with malware.
The latest incident shows that it’s not that easy to keep a multifaceted mobile app ecosystem free of malware.
On March 6, Google published the app “Android Market Security Tool” to undo the effects of Android.Rootcager, a trojan horse that steals information from Android devices. The app was pushed to devices of users who had downloaded and installed infected apps.
But Symantec said it has identified suspicious code within a repackaged version of the tool. Typically, Android Market apps are illegally copied from the Android Market and uploaded (often with different code embedded in them) to alternative Android markets in China and elsewhere. Symantec said the malware’s code is actually hosted on Google Code under an Apache license.
Google says it encourages Android users only to install apps from sources they trust. The contaminated security app could raise eyebrows if it is installed on a phone and it prompts users to approve whatever the app wants to execute.