Google hit a bit of a rough patch last week when it was learned that a large number of malware-infected apps were being sold by publisher Myournet on Android Market. The publisher and its products were quickly removed, but the damage had already been done: the 58 removed apps were downloaded roughly 260,000 times before they went away, TechCrunch reports.
Other than the app removal, which happened within minutes of the news hitting the Internet, Google remained relatively quiet on the issue until last night. The silence was likely meant to give the internal development team time to engineer a fix, which it now has. Android Security Lead Rich Canning laid out the details in an update on the Google Mobile Blog last night.
A security update will be (or likely already has been) pushed to all of those devices that downloaded one or more of the problem apps. Google is sending e-mails out to the security update recipients “over the next 72 hours” to inform them of the mandatory update, which requires no action on the user side. At the same time, Google is also enacting one of its security controls to remotely remove all of the malicious apps from affected devices. If you’ve got one of the problem apps and haven’t removed it yet, it’s going to automatically be done for you. Sometimes, having Big Brother always watching isn’t such a bad thing.
Canning also writes, “We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues,” though exactly what those measures are isn’t detailed.
The malware is believed to have only gathered device-specific information, though it contained code that could have allowed for the download of more potentially harmful data without a user’s knowledge. Devices running Android version 2.2.2 or higher were not affected, as the malicious software takes advantage of vulnerabilities that were only present in earlier versions. That said, if you’re running a “safe” version and do somehow happen to still have one of the affected apps… it might be a good idea to remove it.