Maybe Apple’s App Review Process Isn’t So Heinous – 21 Android Apps Turn Out To Be Malware

Mar 2nd, 2011 | By | Category: Apple iPad, iPhone

Android MalwareApple’s iOS app review process has long been the source of criticism: It’s too slow, it’s too arbitrary or it’s biased.

Unfortunate news about the Android platform, though, suggests that maybe Apple’s app review process may not be so heinous after all.

Android Police reports that 21 popular free apps for Android phones, apps that have been downloaded 50-200k times in the last 4 days, are actually malware that will root your phone, steal your private data and open a backdoor to your system.

Android Police’s Aaron Gingrich notes:

It does indeed root the user’s device via rageagainstthecage or exploid.

But that’s just the tip of the iceberg: it does more than just yank IMEI and IMSI. There’s another APK hidden inside the code, and it steals nearly everything it can: product ID, model, partner (provider?), language, country, and userID.

But that’s all child’s play; the true pièce de résistance is that it has the ability to download more code. In other words, there’s no way to know what the app does after it’s installed, and the possibilities are nearly endless.

The fact that over 50,000 users got their phones rooted is horrible; the fact that this was predictable and the tip of the iceberg if nothing changes, even worse.

If you’ve downloaded one of the malware apps, the recommended solution is to stop using your phone and to ask your carrier to exchange it for a new device.

Does this incident make you reconsider the pros and cons of Apple’s app review process?

Tags: , ,

5 Responses to “Maybe Apple’s App Review Process Isn’t So Heinous – 21 Android Apps Turn Out To Be Malware”

  1. Relwal says:

    Does Apple actually systematically screen apps for malware?

  2. Eduardo Cruz says:

    I agreed with Apple vetted program. Look at the Android market with just one very important example. They are allowing the official Wells Fargo app, but also somebody else’s Wells Fargo app that as far as anybody knows will steal customers information. There have been many message left for Google to take it down and has been reported as malware, and the app is still there for many months.
    So boys, what do you prefer, freedom to get scam and taken to the cleaners or allow someone to vet every app to be clean? I go for clean!

    • James Lewin says:

      Eduardo –

      There’s a place for both approaches – but this sort of incident does validate Apple’s reasoning for its approach.

  3. Cesar says:

    Theres an easy way to know if its malware… but apple is just becoming a boutique

Leave a Reply