Google Starts Remotely Removing and Fixing Malicious Malware from Affected Devices

We may earn a commission when you click links to retailers and purchase goods. More info.

There was a lot of talk last week about security on the Android platform after the DroidDream malware scare, but to help ease all of your minds, Google has released a statement detailing all of the steps they are actively taking to make our mobile world a safer place.  We should point out that anyone running anything less than Android 2.2.2 was susceptible, so please read the 4 steps below carefully to see what you need to be on the look for.

  1. We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack.
  2. We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications.
  3. We are pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices. If your device has been affected, you will receive an email from [email protected] over the next 72 hours. You will also receive a notification on your device that “Android Market Security Tool March 2011” has been installed. You may also receive notification(s) on your device that an application has been removed. You are not required to take any action from there; the update will automatically undo the exploit. Within 24 hours of the exploit being undone, you will receive a second email.
  4. We are adding a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market and are working with our partners to provide the fix for the underlying security issues.

And as you can see from our picture above, there is an app in the market that will help remove garbage from affected devices.  You don’t need to download it though; it’s just there so that Google can remotely push it onto devices in need.  More info can be found here.

Via:  Google Mobile Blog



Collapse Show Comments