Bogus Android Security Patch Discovered by Symantec

Security firm Symantec reports today that it identified "suspicious code" in a repackaged version of Google's Android security patch that sends SMSes to a command-and-control server.

The bogus code was found on an unregulated, third-party Chinese marketplace, and is still being analyzed, according to a blog post by Symantec's Mario Ballano.

The application is called "Android Market Security Tool," and is a fake version of the authentic mobile security update by the same name that Google issued to remove the DroidDream malware from infected Android devices.

"What is shocking is that the threat's code seems to be based on a project hosted on Google Code and licensed under the Apache License," writes Ballano.

Android smartphone security at issue

Symantec's discovery comes on the heels of a malware attack on some 50 applications at the Android mobile app storefront Android Market. The malicious code, dubbed DroidDream, stole the identity numbers of handsets and SIM cards and sent it to a server based in Fremont, Calif. It also was capable of downloading code to smartphones.

In an unprecedented move, Google (NASDAQ: GOOG) pushed an over-the-air software update -- "Android Market Security Tool March 2011" -- to users' phones that would eliminate the malware, but only for devices running Android 2.2 and later. That move came under fire from critics who said that many users are still vulnerable because they have yet to receive the latest version of Android.

Currently, about 57.6 percent of Android devices are running version 2.2, followed by 2.1 at 31.4 percent. About 6.3 percent are still on Android 1.6, according to the Android Developers site.

The security issues dogging Android come at a time when the mobile Linux OS is experiencing huge growth, outpacing its rivals' market share in the hotly contested mobile sector.

Google-backed Android spiked 7.7 percent to 31.2 percent, while Research In Motion's (NASDAQ: RIMM) BlackBerry OS tanked by 5 percent to 30 percent, and Apple's iOS remained flat at 24 percent for the three-month reporting period ending in January, according to comScore's study of U.S. mobile market share.

Android apps are also cutting the distance from front-runner Apple in the tally of mobile app downloads. “Android smartphone quarterly shipments now exceed Apple’s. There is still a long way to go, but accumulated downloads from both Android Market and third-party platforms surpassed 1.9 billion by the end of 2010. Android Market currently features more than 130,000 apps in 48 countries, nearly half of iTunes App Store’s catalog," Fei Feng Seet, ABI Research associate, said in a statement.


security, Google, Android, Symantec, smartphone security