By now most everyone knows that Google has addressed the Droid Dream malware mess in the Android Market, used the kill switch and issued a fix, and is in process of rolling out said fix to all affected users. But since Android users in general are an impatient lot, some folks have been on the lookout for the files to manually install the fix instead of waiting.
Don't do it.
The folks at F-Secure have found that at least one of the so-called security patch files floating around is really just another trojan. This is social engineering at it's finest -- use the promise of security to really make things worse. You can read the gory details of the BgServ.A trojan found in the fake patch at the source link, but the important thing is that you need to wait for Google to push you the fix if you downloaded one of the infected files. Like every other patch for the OS, whether it's an updated version of Android or something less glamorous like a security fix, only install files from Google's servers.
If you were affected by the malware, you should have received an email from big G, or will soon. We have the full text of that message after the break, be sure to check that the sender is really Google, and sit tight. They will get you all patched up. [F-Secure] Thanks Mike and Steven!
You are receiving this message to inform you of a critical issue affecting
your Android Market account.
We recently discovered applications on Android Market that were designed to
harm devices. These malicious applications ("malware") have been removed from
Android Market, and the corresponding developer accounts have been closed.
According to our records, you have downloaded one or more of these
applications. This malware was designed to allow an unauthorized third-party
to access your device without your knowledge. As far as we can determine, the
only information obtained was device-specific (IMEI/IMSI, unique codes which
are used to identify mobile devices, and the version of Android running on
However, this malware could leave your device and personal information at
risk, so we are pushing an Android Market security update to your device to
remove this malware. You will soon be receiving a notification on your device
that says "Android Market Security Tool March 2011" has been installed. You
are not required to take any action from there, the update will automatically
run. You may also receive notification(s) on your device that an application
has been removed. Within 24 hours of receiving the update, you will receive a
second email confirming its success.
To ensure this update is run quickly, please make sure that your device is
turned on and has a strong network connection.
For more details, please visit the Android Market Help Center at
The Android Market Team
©2011 Google, Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043
Email preferences: You are receiving this email to notify you of a critical
issue affecting your Android Market account.
We may earn a commission for purchases using our links. Learn more.
Got a Pixel 5? Here are 10 tips you should know
The Google Pixel 5 is one of the smartest Android phones of the year. Here are 10 tips to get the absolute most out of it!
Here's why Google probably won't release a 'true flagship Pixel' next March
Google is really bad at keeping secrets and one this big is no exception. Sorry, but you're going to be waiting until next October for any new "flagship" Pixel phone.
These are the very best Android TVs you can buy in 2020
Android TV is a sleek and powerful smart TV operating system, and these TVs ship with it built right in. Here are the best Android TVs you should consider and why they're so great!
The Xperia 1 II is our favorite phone for shooting video
If video recording is your thing, then look no further than the Sony Xperia 1 II — it offers a large screen, three great cameras, and extremely robust manual video controls.