Google whacks 'malicious' Android apps by hitting its remote kill switch

Google is purging malware from Android handsets remotely -- dozens of dodgy apps were discovered on the Android Market last week, with potentially nasty exploits to access personal data.

Google has moved fast to protect Android users from dozens of malware apps discovered on its Android Market store last week. The apps, which used exploits to access the personal data of anyone who installed them, have been removed from the store, and are being remotely uninstalled from people's handsets.

Google outlined its actions in a blog post on Saturday, saying that "within minutes" of being alerted to the dodgy apps last Tuesday, it identified and removed them. The company takes pains to reassure users that any problems caused will have affected a minority of users.

"The applications took advantage of known vulnerabilities which don't affect Android versions 2.2.2 or higher," writes Android security lead Rich Cannings.

"For affected devices, we believe that the only information the attacker(s) were able to gather was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device). But given the nature of the exploits, the attacker(s) could access other data, which is why we've taken a number of steps to protect those who downloaded a malicious application."

That includes suspending the developers and calling the cops on them, but also using Android's remote application removal feature to delete the apps from users' devices automatically. Google is also pushing out an Android Market security update to all affected devices to undo the exploits used by the apps, so no more data can be accessed. Affected users are being emailed by Google with details of the fix.

"We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues," writes Cannings, while reminding Android users to always check the list of permissions when installing a new app.

It's comforting to see Google acting swiftly in cases like this, although it also raises questions about the company's hands-off approvals policy for Android Market. Would the dodgy apps have been spotted if Google had a tougher submissions policy -- or would reducing Android Market's openness be too high a price to pay? Let us know your thoughts by posting a comment.