Feeds

Google's whack-a-mole Marketplace cleans house again

Rovio Mobile, not Rovio MobiIe

Internet Security Threat Report 2014

Google's reactive policy over content on the Android Marketplace saw dozens of applications popping up overnight with names close enough to the real thing to reel in a mark or two.

The worst offender has to be "Rovio MobiIe", which simply replaced the "L" with a capital "I" to make its products indistinguishable from those emanating from the Angry Birds developer. That enabled the company to push out more than a dozen malware-laden apps, spotted by Android Police and removed by Google three hours later:

Applications uploaded to the Android Marketplace under a false name

They've all disappeared now – Google moves fast enough once alerted

How many people downloaded the apps – and compromised their handsets – in the intervening time we don't know.

Google's approach to Android Apps, YouTube videos and just about everything else is reactive; nothing is done until a complaint is received. That sounds reasonable, but means that someone has to suffer enough to complain every time something is uploaded.

In this instance the chaps at Android Police lodged the complaint, but other apps the site considers malware-masquerading-as-games are still listed in the store, and require run-at-boot permissions when installed.

Much of the malware now requires users to submit a five-star rating before it will run. But most users just click "OK" like they usually do, so star rating can't be considered an easy guide: users should be reading the reviews, and the permissions, before installing anything.

Sadly not many users can be bothered to do that, as has been shown time and time again, but the only alternative would seem to be Apple's draconian level of control, or perhaps going back to phones which just make phone calls. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
PEAK APPLE: iOS 8 is least popular Cupertino mobile OS in all of HUMAN HISTORY
'Nerd release' finally staggers past 50 per cent adoption
Microsoft to bake Skype into IE, without plugins
Redmond thinks the Object Real-Time Communications API for WebRTC is ready to roll
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
Mozilla: Spidermonkey ATE Apple's JavaScriptCore, THRASHED Google V8
Moz man claims the win on rivals' own benchmarks
Yes, Virginia, there IS a W3C HTML5 standard – as of now, that is
You asked for it! You begged for it! Then you gave up! And now it's HERE!
FTDI yanks chip-bricking driver from Windows Update, vows to fight on
Next driver to battle fake chips with 'non-invasive' methods
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Ubuntu 14.10 tries pulling a Steve Ballmer on cloudy offerings
Oi, Windows, centOS and openSUSE – behave, we're all friends here
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reducing the cost and complexity of web vulnerability management
How using vulnerability assessments to identify exploitable weaknesses and take corrective action can reduce the risk of hackers finding your site and attacking it.