早前看到很多关于“大量木马病毒入侵Android Market”,没想到我也是受害者之一。
我的手机使用android 2.1.x,一向都比较谨慎。
回忆感觉都没有乱装点什么APP,一直就怀疑安装了一个“弹弹球“游戏。
今天早上我绑定的Gmail邮箱收到一封来自“android-market-support@google.com”以“A Security Message from Android Market” 为标题的邮件。
- 内容:
You are receiving this message to inform you of a critical issue affecting your Android Market account.
Hello,
We recently discovered applications on Android Market that were designed to harm devices. These malicious applications ("malware") have been removed from Android Market, and the corresponding developer accounts have been closed.
According to our records, you have downloaded one or more of these applications. This malware was designed to allow an unauthorized third-party to access your device without your knowledge. As far as we can determine, the only information obtained was device-specific (IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device).
However, this malware could leave your device and personal information at risk, so we are pushing an Android Market security update to your device to remove this malware. You will soon be receiving a notification on your device that says "Android Market Security Tool March 2011" has been installed. You are not required to take any action from there, the update will automatically run. You may also receive notification(s) on your device that an application has been removed. Within 24 hours of receiving the update, you will receive a second email confirming its success.
To ensure this update is run quickly, please make sure that your device is turned on and has a strong network connection.
For more details, please visit the Android Market Help Center at
http://market.android.com/support/bin/answer.py?answer= 1207928
Regards,
The Android Market Team
©2011 Google, Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043
Email preferences: You are receiving this email to notify you of a critical issue affecting your Android Market account.
邮件大概意思就是我的机器曾经安装过木马程序的,需要安装补丁进行清除,全个过程无需人工操作,谷歌为我自动完成。
- 国内安装
可能由于我这里使用国内网络,对Google审核的紧要,一直没有收到自动安装“Android Market Security Tool”提示
- 于是决定自己进行安装修复,Android Market Security Tool 下载地址 https://market.android.com/details?id=com.android.vending.sectool.v1
- 也可以在手机上Android Market 操作搜索 "Android Market Security Tool"进行安装。
- 安装完成后
进行以上几部安装后,大约隔2-5小时我绑定邮箱再次收到一封"A Security Notification from Android Market"关于修复完成的邮件。
全过程就完成,很简单。本来是自动完成的,可能是因为国内的“网络环境”不是很好所以需要自己去手动安装。
图为绑定的Gmail邮件
- 对手机影响
至于被入侵的手机,官方表示木马程序运行时只可盗取有限的手机内容,包括IMEI/ IMSI 编码、手机的独有号码以及使用中的Android版本等,其他资料则没可能会被提取,所以大家也不用过份担心。
- 木马程序名单
大家可参考一下附有木马程序名单
只是由Myournet 发布的程式才有问题,其他不用理会:
Falling Down
Super Guitar Solo
Super History Eraser
Photo Editor
Super Ringtone Maker
Super Sex Positions
Hot Sexy Videos
Chess
下坠滚球_Falldown
Hilton Sex Sound
Screaming Sexy Japanese Girls
Falling Ball Dodge
Scientific Calculator
Dice Roller
躲避弹球
Advanced Currency Converter
App Uninstaller
几何战机_PewPew
Funny Paint
Spider Man
蜘蛛侠
只是由Kingmall2010 发布的程式才有问题,其他不用理会。
Bowling Time
Advanced Barcode Scanner
Supre Bluetooth Transfer
Task Killer Pro
Music Box
Sexy Girls: Japanese
Sexy Legs
Advanced File Manager
Magic Strobe Light
致命绝色美腿
墨水坦克Panzer Panic
裸奔先生Mr. Runner
软件强力卸载
Advanced App to SD
Super Stopwatch & Timer
Advanced Compass Leveler
Best password safe
掷骰子<-----我应该是装了这个家伙
多彩绘画
只是we20090202 发布的程式才有问题,其他不用理会。
Finger Race
Piano
Bubble Shoot
Advanced Sound Manager
Magic Hypnotic Spiral
Funny Face
Color Blindness Test
Tie a Tie
Quick Notes
Basketball Shot Now
Quick Delete Contacts
Omok Five in a Row
Super Sexy Ringtones
大家来找茬
桌上曲棍球
投篮高手