Google last week removed 10 Angry-Birds-related applications from the Android Market after a computer science professor reported they were infected with malware. Xuxian Jiang, a professor at North Carolina State, reported the apps on June 5 and Google removed them the same day.
The news highlights the increasing threat of mobile malware and the vulnerability of mobile OSes to malicious software. All 10 apps were disguised as add-ons or cheats for the incredibly popular Rovio game Angry Birds.
On his academic blog, Jiang said his team calls the new type of malware “Plankton” and that it does not attempt to root Android phones. Instead, the apps simply want to run in the background in order to send phone information to a remote server.
“Plankton is the first one that we are aware of that exploits Dalvik-class loading capability to stay stealthy and dynamically extend its own functionality,” Jiang wrote. “Our investigation indicates that there are at least 10 infected Android apps in the official Android Market from three different developers. Its stealthy design also explains why some earlier variants have been there for more than two months without being detected by current mobile anti-virus software.”
Google’s process for accepting applications is much more open than that of Apple and its App Store. But this openness has allowed some dangerous malware through the gates. Back in early March, Google removed dozens of apps from the Android Market because of malware.
I wonder if this latest breach in app security might cause Google to tighten the process of app approval ever so slightly.