Android Market Struggles to Clean Itself of RuFraud, Other Trojans

Google's open door policy for Android apps is proving ill-advised, with numerous applications being removed from the Android Market service as the company plays whack-a-mole with spammers and other ne'er-do-wells.

Security experts have alerted the company to numerous companies - possibly fronts for the same organisation - who have uploaded seemingly free applications to the Android Market that quietly subscribe the user to a premium-rate SMS service costing as much as €4.50 a message in the background.

One such company, dubbed 'RuFraud' by security company Lookout, has had more than twenty applications removed from the Android Market as users complained of premium-rate subscriptions. Since then, another thirteen have been uploaded.

According to an analysis of the Trojan apps by F-Secure, the apps target eighteen countries including the UK, Germany, France, and Poland, with the US not affected by the downloads.

Many of the apps purport to be free versions of premium games and applications, including Angry Birds and Cut The Rope. As Google takes down the malware, however, the companies responsible just upload more - signing up for new accounts using likely false identities to do so.

Google needs to address the malware problem on Android, and fast: Apple, while occasionally suffering from its own outbreak, has a more locked-down platform and refuses to list apps without having approved them first, while Microsoft is taking advantage of the complaints by offering selected victims of Android Trojans a free Windows Phone handset.