Recently, a new spyware named "DroidDream" causing privacy leakage was found on Google's Android Market. The spyware was embedded in repackaged legitimate applications and uploaded to the Android Market by the developers "Myournet", "Kingmall2010" and "we20090202". Mobile devices will be infected after download. Google has removed more than 50 infected applications from Android Market and remote deleted the infected apps downloaded to the users' devices to prevent further spreading of the malware. Even though Google has taken a series of control measures in the wake of the event, there seems to be a need for more to be done.
has been revealed, which might make users more wary of plugging smartphones into their computers to sync or recharge. The exploit, developed by Angelos Stavrou and Zhaohui Wang, infects an Android device so that it mounts as a regular HID (human interface device) keyboard and mouse on a PC, Mac or Linux machine. With that access, the malware author could then retrieve files, download other malware or even take control of the system altogether, depending on the nature of the exploit code. Versions of the exploit have been written for computers and for the Android kernel; an iOS version would also be possible, the researchers claim.
"Say your computer at home is compromised and you compromise your Android phone by connecting them. Then, whenever you connect the smartphone to another laptop or computing device I can take over that computer also, and then compromise other computers off that Android. It's a viral type of compromise using the USB cable" Angelos Stavrou
reports of e-mail accounts being spammed, adware installed, and SD cards being erased - all linked to the installation of this app. This has sparked several discussions about the appeal of the open source community when personal data is at stake. Traditionally a friendly, help-one-help-all environment, the open source community is under attack by many who have had their phone book, calendar, and SD cards erased by this rogue application. Another issue raised is the Android Market app approval process, of which we're not really sure there is one. Several commenters have expressed interest in Google taking more of an Apple AppStore approach, with stricter app requirements before allowing downloads by the masses. A link to the application was not provided for obvious reasons.