Google Issues Malware Security Update, Remotely Removes Malicious Apps

Bookmark and Share
Google hit a bit of a rough patch last week when it was learned that a malware infected apps were being sold by publisher Myornet on Android Market. The publisher and its products were quickly removed, but the damage had already been done: the 58 removed apps were downloaded roughly 260,000 times before they went away, TechCrunch Reports.

Other than the app removal, which happened within minutes of the news hitting the Internet, Google remained relatively quiet on the issue until last night. This was likely to give the internal development team time to engineer a fix, which they have. Android Security Lead Rich Canning laid out the details in an update on the Google Mobile Blog last night.

A Security Update will be (or likely already has been) pushed to all of those devices that downloaded one or more of the problem apps. Google is sending e-mails out to the security update recipients “over the next 72 hours” to inform them of the mandatory update, which requires no action on the user side. At the same time, Google is also enacting one of its security controls to remotely remove all of the malicious apps from affected devices. If you’ve got one of the problem apps and haven’t removed it yet, it’s going to automatically be done for you. Sometimes, having Big Brother always watching isn’t such a bad thing.

Canning also writes, “We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues.”