Android Phones Blindsided By Tainted Apps

Security experts have warned for months that the growing number of smartphones in use is attracting scammers and hackers, who see these devices as virgin territory - and mostly unprotected, at that.

This week's revelation that some of the Apps in the Android Market harbored dangerous malware simply amplifies the point. At least 51 apps have been removed by Google so far this week.

Bad dream

Apps released under the developer names "Kingmall2010?, "we20090202?, and  "Myournet" contain DroidDream, the suspected virus, and have been suspended from the official Android Market.

One app you might want to download, however, is Lookout, which is free in the Android Market. Lookout runs in the background and notifies you immediately if anything you start to download contains a virus. It's provided by Lookout Mobile Security.

50,000 users affected

Google reported that at least 50,000 Android users downloaded the malware-laden apps and took action this week. Though disguised as ring tones or games, these apps are really programs designed to obtain root access to mobile devices and available data, such as mobile provider and user Ids.

AndroidPolice.com, an  Android watchdog site, says the apps also  make it possible to download more malware without being aware of it.

"In the DroidDream samples we have analyzed, the malware cannot start automatically: it requires the user to manually run the infected application," Lookout security experts write on the company's blog.  "When the host application-Bowling Time, in this case-is launched by a user, DroidDream will start by sending sensitive data to a command and control server."

Apparently there is no easy fix for this problem, at least not at the moment. One tech site held out little hope of a fix, suggesting affected Android users try to get a new phone from their carrier.