Earlier in the year, Google pulled a number of infected Android applications from the Android market storefront in an effort to better protect customer’s using the Android platform. This action was a positive step by Google but it also shows criminals are actively targeting and seeking to compromise mobile devices to gain unauthorized control over them. Since then malware such as DroidDream has been detected in the wild and this malware targets root access on Android based devices in an attempt to gain total control over them. Once an attacker has root control over your Android device anything you do on the device is no longer secure and any system passwords you utilize could be disclosed. If you perform online banking or other business related activities on your Android devices this is a risk that should not be taken lately.
Serious application layer vulnerabilities in mobile devices is one of the unspoken dirty secrets and major downsides that threaten the usability of the devices. You may love the functionality a new application provides but what kind of security is under the hood? The recent disclosure of an Android Skype vulnerability shows that even larger well funded software providers have significant data security issues related to their Android applications. What kind of serious issues might even smaller fly by night vendors have and would they even make their presence public? Just a powerful reminder that you need to be extremely careful when deciding which applications to install on your mobile device and that you must perform your application updates promptly when new updates are issued.
Be sure to read our detailed article on Android Security to learn how to secure your device and minimize your risk of becoming infected.