Google, after removing at least 50 malicious apps from the Android Market, said it will now remove those apps from the devices as well by using remote application removal feature. According to media reports, the malicious apps have been downloaded to at least 250,000 devices.
We are remotely removing the malicious applications from affected devices. This remote application removal feature is one of many security controls the Android team can use to help protect users from malicious applications, Google said in a blog post.
Google had already used this remote kill feature in June 2010.
Google believes that the attacker(s) were able to gather only device-specific IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on a particular device. But,it said attackers could access other data.
Google, which said the malware attacks will not affect the Android versions 2.2.2 or higher, had removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack.
California-based Google said it will push an Android Market security update to all affected devices to prevent the attacker(s) from accessing any further information from the affected devices.
If your device has been affected, you will receive an email from firstname.lastname@example.org over the next 72 hours. You will also receive a notification on your device that Android Market Security Tool March 2011 has been installed, the blog post said.
The affected user will receive a notification(s) on the device stating that an application has been removed. The user is not required to take any action as the update will automatically remove the malicious app.
Within 24 hours of the exploit being undone, the user will receive a second email, Google said.
However, experts pointed out that the kill switch may not solve the issue in its entirety as Android devices are still susceptible to prevailing security loopholes at the system level.
It is also unfortunate that several carriers are still sticking with older versions of Android and the recent malware attacks have affected devices using versions older than Android 2.2.2.