Just yesterday, we reported Symantec’s recommendation that Android apps should only be downloaded directly from the Android Market, and not from third party sources.
Alas, according to security people Lookout, even that precaution doesn’t seem to be enough. More than 50 Android Market apps have been identified with a new infection called DroidDream.
Lookout’s blog details how Lompolo, a user from news aggregation site Reddit, first noticed pirated versions of legitimate apps posted on the Android Market, under the developer name Myournet. Lompolo inspected the apps and discovered that they contained malicious code.
A blogger with Android Police dissected further, and confirmed that the code can root a user’s device, and send sensitive information such as the IMEI to a remote server.
Lookout themselves identified a number of additional apps that were infected with DroidDream. They’ve deployed an over-the-air update that protects Lookout users from the DroidDream code. Of course, for some users, the damage has already been done.
As serious as the threat is, the list of affected apps does make for amusing reading. Among the 50+ apps are:
- Super Sex Positions
- Hot Sexy Videos
- Hilton Sex Sound
- Sexy Legs
And, my personal favourite, Screaming Sexy Japanese Girls. Brilliant.