[FYI] Do NOT Dowload Android Market Security Tool - Fake Versions Found with Viruses

[dgstorm]

Here's an update on some of the malware infection problems going on right now in Android-land. Google recently released the "Android Market Security Tool 2011" to fix the DroidDream infection, but users are advised NOT to download it. The tool is already being pushed out automatically by Google to eliminate the DroidDream malicious software.

The other reason not to download the "Android Market Security Tool" is because there is a fake version on the secondary Android markets. The version on the Google Android Market is clean, but the fake version on the alternate markets is infected with viruses itself.

It's important to note that the fix does not eliminate the vulnerability exploit that allowed the DroidDream to infect Android phones. All it does is remove the infection. Only Android version 2.2.2 or above, fixes the vulnerability. So, it is up to the phone manufacturers and carriers to get their phones ready for that update. These leaves many of us with older smartphones 'out in the cold' regarding our vulnerabilities to potential future exploits.

I just wanted to give everyone a heads-up about this one, since the 'bad guys' are really getting insidious and crafty. Most of you guys are smart and cautious enough not to fall for these tricks, but we need to spread the word on this kind of stuff to protect each other. As always, do research and check permissions on any app you download.

Source: Android.net via Phandroid and PC World

 

[obxsalvo]

Thanks for letting us know

 

[aaf709]

Just to be clear; I don't install the app at https://market.android.com/details?id=com.android.vending.sectool.v1 as this will be sent out OTA?

 

[ilikemoneygreen]

Wow, this has some sarcasm in it. Smart aleky hackers.

 

[dfuser312553]

Good thing I'm on 2.3.3

 

[dgstorm]

Just to be clear; I don't install the app at https://market.android.com/details?id=com.android.vending.sectool.v1 as this will be sent out OTA?

Correct. Do NOT download it. you can even see in the description of the SW on the link in your post that it specifically says, "There is no need to download and install this application on your own. " Google will push it on their own... no need for any interaction from you.

 

[DroidMastar2]

most droid users probably don't have any idea that their smartphone is susceptible to these attacks.

 

[redbert31]

Thank you for taking the time to let us know..especially about the fake app that is tainted with viruses...and for generally looking out for the rest of us!

Sent from my DROIDX using DroidForums App

 

[georgek]

Does anyone know if Lookout or any other virus/malware programs would pick it up?

Sent from my Droid using DroidForums App

 

[mjforte]

Sorry to say but this is becoming just like Windows with the popups that say: "you are now infected, click here to scan" and then that "scan installs a virus. I love the open nature of Android but something has to be done.

 

[redbert31]

Wow that pop up thing would really stink..but we all click on stuff out of curiosity .... hopefully that won't happen here..how would we prevent that from happening without getting paranoid?

 

[ilikemoneygreen]

Does anyone know if Lookout or any other virus/malware programs would pick it up?

Sent from my Droid using DroidForums App

Download the virus and tell us. I want to know. Not enough to test it though.

 

[ScottH123]

Will there be an update for the DInc to upgrade to 2.2.2?