Original URL: https://www.theregister.com/2012/02/07/marketplace_malware/
Google's whack-a-mole Marketplace cleans house again
Rovio Mobile, not Rovio MobiIe
Posted in Software, 7th February 2012 16:44 GMT
Google's reactive policy over content on the Android Marketplace saw dozens of applications popping up overnight with names close enough to the real thing to reel in a mark or two.
The worst offender has to be "Rovio MobiIe", which simply replaced the "L" with a capital "I" to make its products indistinguishable from those emanating from the Angry Birds developer. That enabled the company to push out more than a dozen malware-laden apps, spotted by Android Police and removed by Google three hours later:
They've all disappeared now – Google moves fast enough once alerted
How many people downloaded the apps – and compromised their handsets – in the intervening time we don't know.
Google's approach to Android Apps, YouTube videos and just about everything else is reactive; nothing is done until a complaint is received. That sounds reasonable, but means that someone has to suffer enough to complain every time something is uploaded.
In this instance the chaps at Android Police lodged the complaint, but other apps the site considers malware-masquerading-as-games are still listed in the store, and require run-at-boot permissions when installed.
Much of the malware now requires users to submit a five-star rating before it will run. But most users just click "OK" like they usually do, so star rating can't be considered an easy guide: users should be reading the reviews, and the permissions, before installing anything.
Sadly not many users can be bothered to do that, as has been shown time and time again, but the only alternative would seem to be Apple's draconian level of control, or perhaps going back to phones which just make phone calls. ®