Not long ago Google found and cleaned 21 apps from the Android Market that had been hijacked and turned into malware. Minutes after being made aware of the problem, Google identified and removed the offending apps. Additionally, Google used their “remote uninstall” feature to remove the apps from the phones of those who inadvertently downloaded them.
Google didn’t stop there. Over the past few days Google has been pushing a security update to the Android Market to everyone who installed one of the infected apps. This security update essentially “undoes” the exploits the malware installed on the device and will “prevent the attacker(s) from accessing any more information from affected devices”.
If your smartphone or tablet was affected, Google should have sent you an email from firstname.lastname@example.org. Additionally, you will be receiving a notification that the Android Market Security Tool March 2011 has been installed.
Also, you might get another notification for each app that is removed as a part of this process. After all of that is done, you’re all set. Within a day following the exploit having been undone, you’ll get a second email confirming the process is complete.
All of this, while laudable, doesn’t change the fact that it has all been a reactive process rather than a preventive one. To help with prevention, Google will be adding “a number of measures to help prevent additional malicious applications using similar exploits from being distributed through Android Market”.
The exploit took advantage of a hole that has been patched in Android 2.2.2 and above, but other versions are still at risk. To remedy that situation, Google is working with their partners to “provide the fix for the underlying security issues”. Unfortunately, these patches must come from hardware vendors (HTC, Samsung, Motorola, etc.) and go through carrier (Sprint, AT&T, T-Mobile, Verizon, etc.) testing and screening before they will be pushed to end users.
Source: Google Mobile Blog