Google Removes Android Flaw Reveal App and Fixes
The Android application which was created to reveal a flaw in the Android mobile network which enabled apps to be installed with the knowledge of the user has now been pulled from the Android Market and released a fix for the issue.
According to an article over on Cnet, the chief security officer of Scio Security, Jon Oberheide came up with the proof of concept application which was camouflaged as an expansion for the Android Angry Birds mobile game, and once the app was downloaded a further 3 apps were installed without the consent or knowledge of the user and performed malicious activities although benign.
Senior consultant for Interpidus Group, Zach Lanier, along with Oberheide were due to present their findings on Android vulnerability but before doing so Google removed the application from the Market and started to push out a fix for the problem that apparently applied to all Android devices.
Furthermore, Oberheide had another 2 “research” applications removed from the Android Market by Google back in June which was designed to test the probability of distributing and application which could later take control of a smartphone during an attack.