A mobile security expert has used the high-profile mobile game Angry Birds to demonstrate some gaping security holes in the Android Market. Even though the game had nothing to do with the actual Angry Birds game and was filled with a trojan virus, he had no trouble getting it onto the digital app store.
Luckily, though, no Androids were harmed in the making of this hacked Angry Birds level. It was in fact only a demo created by the chieft technical officer of security company Scio Security, Jon Oberheide.
Because the Android Market is an open platform an extremely easy to get accepted into, Oberheide was able to put up an app that disguised itself as being an official Angry Birds app.
The app, a trojan, was able to bypass security procedures on Android to gain access to all sorts of data on any phone it would have been installed on. But because it was just an app to prove a point, Google pulled it from the Market after a few hours.
It’s certainly not the first time Android’s security has come into question. Reports on the subject have found numerous apps, downloaded thousands of times, that hide their intentions and grab personal data on the phone without the phone owner even knowing.
However, this is the first time someone has used a high-profile mobile game to demonstrate the platform’s security holes. It makes it a bit more relevant to users who may not appreciate huge reports that talk about “remote execution” or “bypassed security protocols.”
The main issue to take away from the Angry Birds incident is the failed acceptance procedure in the Android Market. Because of its manipulative code and deceptive description, it should never have even made it live on the digital storefront.
So, before you start downloading a bunch of cool game add-ons that sound too good to be true, you might wanna do some research first. Hopefully this Oberheide guy didn’t give any bored hackers some crazy ideas.