Google Android App Attack: Tracking Clues

Computer security researchers trying to crack the recent major software attack on Google’s Android Market for wireless applications are examining digital fingerprints to try to figure out how and why the attack was perpetrated.

Google has said 58 malicious apps were uploaded to Android Market and then downloaded to around 260,000 devices before Google removed the affected apps last Tuesday evening. It isn’t clear how many users activated the applications, a Google spokesman said. But users who did activate the apps, which included Super Guitar Solo, Advanced Barcode Scanner, Bubble Shoot and many others, ran the risk of having their personal data stolen from their phone and sent to a remote computer server.

One potential clue lies in the server used to help carry out the attack. John Hering, CEO of mobile security provider Lookout, said that as part of his company’s investigation of the incident it found that the attack’s “command and control” server, which received the stolen data from the smartphones, traced back to Hurricane Electric, an Internet service provider based in Fremont, Calif. Mr. Hering said his company contacted Hurricane Electric on the morning of March 2 soon after it discovered the server’s role in the attack, and asked the company to shut it down.

Read the rest of this post on the original site


Must-Reads from other Websites

Panos Mourdoukoutas

Why Apple Should Buy China’s Xiaomi

Paul Graham

What I Didn’t Say

Benjamin Bratton

We Need to Talk About TED

Mat Honan

I, Glasshole: My Year With Google Glass

Chris Ware

All Together Now

Corey S. Powell and Laurie Gwen Shapiro

The Sculpture on the Moon

About Voices

Along with original content and posts from across the Dow Jones network, this section of AllThingsD includes Must-Reads From Other Websites — pieces we’ve read, discussions we’ve followed, stuff we like. Six posts from external sites are included here each weekday, but we only run the headlines. We link to the original sites for the rest. These posts are explicitly labeled, so it’s clear that the content comes from other websites, and for clarity’s sake, all outside posts run against a pink background.

We also solicit original full-length posts and accept some unsolicited submissions.

Read more »