For many Android fans, one of the most important elements of the OS is that it is open. Unlike the draconian rules for the Apple App Store, and the tightly-controlled user experience of iOS, Android is an open source platform with much more lenient access to the Android Market. That freedom can also be exploited, though, to slip malicious apps into the mainstream.
Mobile malware is on the rise in general. Why not? Smartphones and tablets are quickly becoming the primary computing devices for many users. The landscape for security tools is not as mature or sophisticated as it is for PCs, and many users aren’t even aware of the security risks with mobile devices–making them fairly easy targets in many cases.
It shouldn’t be too big of a surprise then to find out that there are Trojan apps out there targeting the Android OS. Mobile devices are hot targets, and Android’s less restrictive app culture opens the door for malicious app developers. With over 50 Trojan apps identified, though, the main concern is that these apps were not on some alternative third-party app store, but on the Android Market itself.
Kevin Mahaffey, CTO of Lookout–a maker of security tools for mobile devices–explains the Android malware discovery. “DroidDream is packaged inside of seemingly legitimate applications posted to the Android Market in order to trick users into downloading it, a pattern we’ve seen in other instances of Android malware such as Geinimi and HongTouTou. Unlike previous instances of malware in the wild that were only available in geographically targeted alternative app markets, DroidDream was available in the official Android Market, indicating a growing need for mainstream consumers to be aware of the apps they download and to actively protect their smartphones.”
Dave Marcus, director of security research and communications from McAfee Labs, echoes the concern about malicious apps in the Android Market. “What makes this significant is these apps are in the official Android marketplace, not from a third party marketplace. Analysis has shown that these apps can break out of the typical sandbox that most apps reside in, to potentially gain control over the entire device and its data. In terms of attacks and malware, it doesn’t get any worse than root access, which this malware has.”
I am not suggesting that Android is just inherently insecure, or that everyone abandon Android to avoid malicious apps. Apple’s walled garden might make it more difficult to spread a malicious app to iOS users, but no mobile platform is completely safe.
I do, however, recommend increased caution and diligence. Don’t assume that just because an app can be downloaded from the official Android Market that it must be safe. Follow the tips outlined by my PCWorld peer Armando Rodriguez, and be warned–your mobile device is a hot target for malware.