"Virus" attack on the Android Market was a mistake Symantec
Many users of mobile systems criticize the app store from Google for the fact that, unlike the AppStore, there is no moderation of the hosted apps. In addition to the self-evident freedom of developers who can very quickly publish their programs, an attacker can just as easily place malicious code on the Android Market and only after obvious scandals can Google remove it.
This week, a publication was published on Habré, the meaning of which was that Symantec experts discovered that the Trojan was being downloaded by Android Market users, with up to 5 million people being victims of malicious code. The role of the lure was played by games with names like “Sexy puzzle”, which requested access to almost all communication and location capabilities of the phone, although they were released by a fairly well-known publisher. Then Symantec described this attack as “the largest”, while curiously, Google didn’t follow a special reaction - the company refused to delete the applications (for example, the game from the “Black list” of Wild Man from Ogre Games is quite available in the Market, although that of the users and left a comment that in the "virus program").
Today, Symantec officially acknowledged that they were wrong. Experts misjudged the application code, recognizing that, although it does some “arbitrariness” by creating and changing bookmarks in the browser and setting the home page, however, there is no real danger for the user, because only the URL data and can be sent by a “malicious” application. The “suspect” turned out to be a certain advertising module built into the games, which its authors have already promised to rework to avoid such annoying misunderstandings in the future.
Open Source Project Manager at Google: mobile antivirus software is useless
')
[Source - Symantec ]
This week, a publication was published on Habré, the meaning of which was that Symantec experts discovered that the Trojan was being downloaded by Android Market users, with up to 5 million people being victims of malicious code. The role of the lure was played by games with names like “Sexy puzzle”, which requested access to almost all communication and location capabilities of the phone, although they were released by a fairly well-known publisher. Then Symantec described this attack as “the largest”, while curiously, Google didn’t follow a special reaction - the company refused to delete the applications (for example, the game from the “Black list” of Wild Man from Ogre Games is quite available in the Market, although that of the users and left a comment that in the "virus program").
Today, Symantec officially acknowledged that they were wrong. Experts misjudged the application code, recognizing that, although it does some “arbitrariness” by creating and changing bookmarks in the browser and setting the home page, however, there is no real danger for the user, because only the URL data and can be sent by a “malicious” application. The “suspect” turned out to be a certain advertising module built into the games, which its authors have already promised to rework to avoid such annoying misunderstandings in the future.
Open Source Project Manager at Google: mobile antivirus software is useless
')
[Source - Symantec ]
Source: https://habr.com/ru/post/137502/
All Articles