Android Market pulls 50 apps containing DroidDream malware

More than 50 applications have been pulled from the Android Market over fears that they harbour malware.

Smartphone security company Lookout found DroidDream malware in a wide selection of applications from three authors: Kingmall2010, we20090202 and Myournet.

All have now been pulled from the marketplace, although Lookout said that Google has not yet deleted the applications remotely from handsets as they are still under investigation.

"A blogger at Android Police took a closer look at the malicious applications and verified that they contain exploit code that can root a user's device as well code that can send sensitive information (IMEI and IMSI) from the phone to a remote server," said the Lookout blog.

"Android Police also found another APK hidden inside the code, which can steal additional sensitive data."

The Android Police analysis calls the malware "the ultimate Android Trojan to date", and warned that it harvests information and has the ability to download new operating code, opening the potential for smartphone botnets. Over 50,000 copies of the applications had been downloaded

Google has not commented at the time of going to press.

The open nature of the Android Market may be counting against it in security terms, according to Philip Dall, mobile security expert at internet security company BullGuard.

"At the Android Market all applications can be self-signed by any developer operating within the guidelines," he told V3.co.uk. "A developer can have an application on the marketplace, add new code and then recertify it."

Other application markets have applications signed off by the store itself, whereas Android went for a freer approach. Dall stressed that Google's approach is valid, but requires more user caution.