Android Market

Someone contacted Android Police with a list of applications that contain malicious code to root your device, and this has resulted in Google using the kill-switch and  pulling 21 applications from the Market (and users phones).  Here's the list of affected applications according to Android Police:

  • Falling Down
  • Super Guitar Solo
  • Super History Eraser
  • Photo Editor
  • Super Ringtone Maker
  • Super Sex Positions
  • Hot Sexy Videos
  • Chess
  • 下坠滚球_Falldown
  • Hilton Sex Sound
  • Screaming Sexy Japanese Girls
  • Falling Ball Dodge
  • Scientific Calculator
  • Dice Roller
  • 躲避弹球
  • Advanced Currency Converter
  • App Uninstaller
  • 几何战机_PewPew
  • Funny Paint
  • Spider Man
  • 蜘蛛侠

All the apps were published by Myournet to the Android Market.  The apps use the rageagainstthecage exploit to root your phone (or tablet), which opens the door for the app to do anything with your data -- like send it to a remote server.  Of course with root it can do much worse as well. 

If you installed any of these applications, they should have been pulled off your phone, but that's not enough.  You need to do a full system wipe and reset your phone completely, the data wipe and reset from settings may not be enough.  This means ODIN, RUU's, .sbf files or a trip to your carrier store if this is beyond your capabilities.  The call to our forum moderators and advisers is out, and we're going to try and help as much as we can.

Perhaps the worst part of the whole situation is that this exploit has been patched by Google.  Starting with 2.2.2, AOSP has been fixed to halt this exploit, and with Gingerbread it no longer works at all.  This puts the need for quick carrier updates in an entirely new perspective, as potentially 50,000 users are affected because they are still running old versions of the OS.  I'm all for an open Market, but something has to be done, and it will have to start at the top in Mountain View. [Android Police]

 

Reader comments

Google pulls Market apps with root exploit -- one patched in AOSP, but you probably didn't get it

61 Comments

i have absolutely no use for any of those listed apps... why doesnt Android/Google monitor this more? i hate installing apps on my phone because of this... i only have THREE apps on my phone because of the things certain apps want access to.. the only acceptable access is whether i share my location or not... smh

I think Google should regulate the Android Market someway. Not like Apple's way. But they should a least test each app for malicious code.

I would never DL any of those apps... They all sound a little too generic to me... It sounds like all these 'exploits' are aimed at attracting people who will download anything without a thought and need their mommy to hold their hand while they use the scary internet...

What about games like Slice and Homerun Battle 3D? They request root and the devs have never explained why in the app description.

Also, go away spam filter.

Yeah, I got the same game and was wondering the same thing. I think we are ok since this is a different Dev. But, would appreciate any confirmation from someone that knew for sure. :)

Y'all are good. Pew Pew is OK, it was the knock-off that was dirty. Add smearing the good name of real devs to the list of crapola this Myournet has done.

Thanks for clearing that up. I saw a video about that game on phandroid today and decided to try it out. I guess making a cheap copy of a good game was the only way Myournet thought they could get people to download they're malicious crap.

so does anyone know what these apps did? i mean crap this is kinda creepy i bet Myournet works for apple...

I would think more then 50,000 Android users are affected by lazy carriers not releasing OTA updates quick enough.

kinda hard on folks arent ya son ? of course i bet you was born with all the high tech in yer head already, what a waste that you'd post here with newbies.

no question is to stupid or lame, one never knows unless they ask. the dumb stupid folks must be the ones like yerself who feel its a crime to instruct new comers. Are you trying to be the only one with answers.
i dont know about you but i wasnt raised with a silver spoon in my mouth so that i could hack and blow up electronical devices and no problem ,, just go buy another.
it must be nice to be able to push folks aside making you a dumb person who cant answer a question without feeling you are so high n mighty.. your day will come when you need help and the person there will act as if you are stupid.
wake up..you will miss the bus with that smartass attitude..

I see it as people downloaded apps without even paying attention to what they was approving and most likely didn't even read comments or description. Do you have any idea how many times I have seen apps that CLEARLY says it is for a specific phone or it's a theme for another program and then there is like a hundred comments of morons who obviously didn't read and posted "doesn't work".. I know it always pisses me off.. Bottom line is patch all you want because you can't fix or protect stupid.. If you lack common sense get a dumb phone or Iphone..

It's a scary day to be an Android user, that's for sure. I have no use for any of the listed apps and thus would never download them, but the very fact that these malicious apps made it into the market to begin with is frightening. Yes we as users need to be smart and pay attention to what we're downloading, but we can't have an official channel like the Android Market plagued by malware like this. The open source nature of Android is one of the reasons I love it but it also leaves the door open for this kind of exploit and I hope Google does more to keep this kind of thing from ever happening again.

Ahhhh! I downloaded Spider Man a while back on my EVO. If I've always been on version 2.2 should I still be worried?!

Whew! I'm somewhat relieved that I downloaded the Droidhen version n not the other one. Guess it looks like I'm safe? ^ thanks for pointing out the two versions!

Who's minding the app store? How did this many bad apps get in from a Chinese vendor without anyone noticing? Apple is probably laughing at this, as this is the day they are announcing something...

It's all well and good that a risk was averted, but should I be sending my phone bill to Google?. It seems they act like it's their phone. So shouldn't they be paying ?

I like how you guys are down playing this, but if Google continues its hands off approach to both applications and OS upgrades, the future of Android is in jeopardy. No one is going to want to use a device, especially with electronic purchases which seem to be in the future of mobile phones, that is a malware magnet.

The Market is not a mmalware magnet. Let's not over react.
First off who discovered the malware, was it not Google? That proves they are watching over things. (Also the last 3 or more versions of android already have this exploit patched)
Second this is the price you pay for freedom, there will always be this security war.

This is among the fundemental differences between Apple, MS, Linux, and now Android.
Apple belives that you can't handle this so they impose their order and rules upon your device. Android is open so it's anything goes. But, in the end it's also why Android advances farther and faster than Apple.

Eric Schmidt was saying this very thing, its about open verses closed and the pluses and minuses of both.

Google did not find this malware. I think it was people from Android Police who found it. Google did remove the apps quickly when notified but time these things go unnotice is enough to cause impact and concern.

I wish Google could find a balance between the draconian Apple app store and the wild west of the Google app store. It would seem to me that there could be an optional process to have your apps certified by Google and even let those apps be featured above the rest of the apps in the store with some kind of a "Google Certified" logo. That way, you could have a selection of premium apps that you know are good just like you get from Apple and still have all the options of the open platform inside or outside the market.

Thank you for saying what I have been thinking for a while. Allow devs to ask to have their apps inspected and certified by Google, and give it a seal of approval for security and stability. This way you don't have to ban any apps like the draconian crApple, but still give people the option of knowing an app has gone through certification.

Great, someone ruined the ratc for all of us, everything to root your phone used this exploit almost, unrevoked, z4root, simple 1-click root. Luckily they will all still work until carriers push out new updates containing the fix, which will likely be never.

god engadget has become antroll central...it was a record 15 troll posts before i saw even 1 useful post. but being related to the topic...whenever i see stuff like this it makes me sad inside. I mean i love open source...but google NEEDS to fix this i think they should partner up with a anti-virus company to check all the android apps before they are put on the market.

The only app I could see as potentially DLing is the calc.. I'm in school for BioMedical Engineering. But I luckily DL'd the RealCalc instead. phewwwww.

THIS IS WHY THIS IS THE BEST SITE EVER FOR AN ANDROID USER... THEY GET THE NEWS TO US and also give a crap and want to help us... U guys rock!!!!

I had a chess game on my phone awhile back, but didn't use it much so when I did a factory reset before, I didn't reinstall it. How do I know if it was that chess game? Since I did the factory reset, does this mean I am safe?

I guess this is another example of why there should only be one official current Android OS,Vanilla Android,at one time.If this were the case Google would have just released the patch and everyone would be covered instead of having to wait on the "middlemen"(carriers).As much as we like to bash Apple we should stand back and see if they do have the right ideas about some things. I also agree that AC is THE place for info in the Android World happenings. Thanks!

Yes it would be nice for Google to analyze all the various hardware configurations and come out with an optional clean Android OS for any user that wanted to download and update it. Unfortunately, I think there's way too many configurations for even a company like Google to keep up with.

This should hopefully light at least a bit of a fire under the manufacturers and carriers to start updating a bit more though. I mean security issues should take priority over just ignoring your hardware and saving the main updates for your new hardware right?

LMFAO??!!!

Seriously? I don't know what is funnier the article or the posts. Either I am reading a completely different article from everyone else or people are just ranting about something they do not fully understand.

It's like people read 2 or 3 words from the actual article. You have google on your phone, use it.

I did have a couple of their apps installed..

Any idea how I do a restore on my T-Mobile MyTouch 4G ? I did a factory restore from under settings, but looks like that's not enough

The chess one was the one I had, but never used. Could you please give some further basic info on what would happen if you had downloaded that app, or the others? What info from your phone may have been sent to that server? Anything to look for on your phone to see if something else is wrong?

Would the carriers replace your phone if you asked about this issue? Sprint EVO? Would this only be for a device insurance account payer?

Is it safe to transfer your photos and videos for example off your phone to your laptop (with security software running) before this factory reset? Or before trying to return the phone for a replacement?

Thanks.

My unused BlackBerry is looking mighty tempting to go back to after reading this. I knew to stay away from external sites, so I assumed I was OK in the official Android Market. I guess not. I was recently searching the market for a scientific Calculator and photo editor app.
Good thing I held off.

This is extremely upsetting! Android is becoming the PC Windows of the mobile world. It was OK, I guess, when users got the malware by visiting warez sites and downloading content from there. BUT IN THE OFFICIAL ANDROID MARKET?!?!? The Market is supposed to be a place not only to download apps you know about, but to discover new apps too!

I think I'm jumping ship back to BlackBerry (unless Apple manages to release an iPhone with built-in hardware QWERTY keyboard this year). I'm already putting with enough crap (aka security software) on my desktop and laptop PC's and I'm definitely not going to put up with that on my phone.

I hear you. I think I'm getting to the point where I will go back to getting and using a phone simply to make calls, send email and text, and use as my calendar/contacts. The idea of using apps to make your phone/PDA into a toy or entertainment device using 3rd party downloads is not going to end well in the long run given this example. There is simply too much personal info on a modern smartphone now to risk this type of data exploitation without better security.

you don't know what you are saying seriously. google rooting your phone. this is not malware.

maybe should should do the android world a favor and jump ship and not post about things you don't know what you are talking about

Maybe you should learn what rooting is and what risks it comes with. If you know the risks and decide to root the phone yourself, that's OK. If you don't know about rooting, or if you know what root is and have chosen not to root your phone but then some app in the Android Market roots your phone without your consent, they can do anything they want with your phone without you even know it.

It was one "developer" but it wasn't just one malicious app. 21 malicious apps in the market that is supposed to be the users' main go-to source to discover new apps and developers, this is definitely serious. Should we all avoid new developers now and prevent genuine newcomers from gaining exposure and users for their work? Should we all avoid Chinese developers?

There IS reason to panic and demand Google does something ASAP to prevent this from happening again.

And please provide a link to the forum discussion of what to do about this if you had one of these apps. I can't find a thread.

Thanks.

I was wondering where these security apps were when this whole thing hit. I haven't seen them popping up with warnings to alert the public.

Good job on bringing this to users attention AC. Too bad so many people hit the panic button so quickly.

I would not have touched any of those apps with a ten foot pole. I agree with some comments, if you are not ready for Android, don't get an Android. Carriers need to start providing customers with better information at POS. That's the problem though, allot of the time the info they give is incorrect and only intended to make a sale.

Before you start posting about this article please at least know what rooting is! I purposely did it to my phone for reasons everyone else here does not understand.

This is not really malicious software. It provides administrative access to your phone allowing it to be more open and configurabl

You rooting your own phone is irrelevant. Malicious code doing so without your knowledge and then using your data or further access is the issue. Read before you post again...

From Mashable (also reposted on CNN Tech page, so it's making mainstream news):
(Mashable) -- Google has just pulled 21 popular free apps from the Android Market. According to the company, the apps are malware aimed at getting root access to the user's device, gathering a wide range of available data, and downloading more code to it without the user's knowledge.

Actually it sounds like you may not know what rooting means. It does mean gaining administrative access to the underlying OS. That means if one of these apps gains root access to your phone it is able to do almost anything it wants without you even knowing. Rooting your phone yourself is one thing. An app rooting your phone without you knowing is something entirely different.

If you rooted your own phone and have Superuser installed, this cannot affect you because superuser asks you to allow root permissions, so as long as you said no, then this could not do anything.

However if you did NOT root your own phone and this did it for you, it did NOT install superuser so ANYTHING on your system could be done without any checks.

Not panickin or anything but I had the droidhen version of spider man and that one was also removed from market..why?

I think I've installed Spider man on my HD2, so should I go into clockwork recovery and wipe everything and reinstall rom? Is it save to use titanium backup and ADW to recover settings?

UGH, this is the news I dread to hear. Though I don't cream my jeans with fanboy excitement for owning my Droid X, I am a lot happier and less smug than my iFanboy friends who become offended each time I make a joke about the bizarre short comings of an iProduct.

Now I'm gonna have to deal with the fact that Google really dropped it on this one.

Upside, Even though I do frequent the Android Market, I was smart enough to make one of my first downloads a well scored antivirus program that passed a malware test I gave it. I also didn't downloaded any of those malicious programs.

Oh well, I can only hope they live & learn on this one.