Google last week removed malicious applications that had been listed in the Android market.
The Android team was made aware of a number of malicious applications published to Android Market on Tuesday evening, Google said. The malicious applications were identified and removed.
The applications took advantage of known vulnerabilities which don?t affect Android versions 2.2.2 or higher. For affected devices, Google believes that the only information the attacker(s) were able to gather was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on users' device). However, given the nature of the exploits, the attacker(s) could access other data.
In order to protect those who downloaded a malicious application, Google removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack.
Google is also remotely removing the malicious applications from affected devices and is pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices.
Users with affected devices will receive an email from email@example.com over the next 72 hours, the company said. They will also receive a notification on their device that "Android Market Security Tool March 2011" has been installed, or receive notification(s) on their device that an application has been removed.
"We always encourage you to check the list of permissions when installing an application from Android Market. Security is a priority for the Android team, and we?re committed to building new safeguards to help prevent these kinds of attacks from happening in the future, " Rich Cannings, Android Security Lead posted in a blog.
With the adoption of so many new mobile platforms, combined with the lack of security awareness and mobile safeguards, security experts expect cybercriminals to target mobile devices.