
The dark side of the new Android Market

A new version of the Android Market has just been launched, making it possible for every device owner to look for applications, buy or even remotely install apps to an Android device directly from the browser on a desktop computer. Wait, remotely install? Have we misheard something?

No, it’s an official feature of the brand new market. If you use an Android device, it means that you have a Gmail account associated with your device, and now you can remotely install any application from the Android store. You just need to:

  • log in to the market with the Gmail account associated with your smartphone;
  • choose any application you would like to install;
  • click the ‘Install’ link;
  • carefully read all the permissions required by the application;
  • click on the ‘Install’ link again.

If your smartphone is connected to the Internet, you will immediately notice that on the device’s screen an install is already taking place. Why is this a problem? When installing apps via the market on your phone, you must agree to all the permissions being requested before the app will actually install on your phone. With this new incarnation of the Android Market, those permissions are only displayed on the app page within the web interface of the Android Market. After agreeing to these permissions the app is installed without any notifications on your mobile device.

So what? Isn’t that convenient? Yes, for you and for anyone who may gain unauthorized access to your Gmail account. This would give the attacker the ability to purchase and install any app available within the Android Market.

Apps within the Android Market feature a lot of options, many of which could be used maliciously by an unauthorized third party.

This is just one more reason to create strong passwords, and be ever vigilant about access to your accounts and devices.

We have reached out to Google to discuss this security risk.

We can’t seem to find a way to disable these remote installs from the browser. At the minimum, it’s important that Android users have the ability to turn off this feature.
