By: Steph Dlugon
Some of the words and phrases used by developers to describe Apple’s iTunes App Store policies have been: draconian, big brother, frustrating, the mysterious black box of approval, the ambiguous minefield and even Hell. Google has spent a good chunk of change on a marketing campaign touting the superiority of its open platform that allows developers to place their apps in the Android Market without a formal review process. But yesterday word got out that a rogue phishing app managed to make a brief appearance in the Android Market.
The app posted by “Droid09” posed as a legitimate banking application allegedly put out by First Tech Credit Union. The goal was simply to trick users into providing their login information. The problem is that First Tech Credit Union doesn’t even offer an app for Android.
The incident occurred on December 22nd but the app was quickly identified and removed. News of potential breach didn’t go public until yesterday when it showed up in the fraud section of First Tech Credit Union’s Web site.
While the attack didn’t compromise any accounts, it will undoubtedly cause a PR headache for First Tech, and perhaps make Android customers a little leery (which might not be such a bad thing). It also raises some interesting questions. How was Droid09’s rogue app detected in the first place? Is it a matter of time before a malicious app makes it into the Android Market and does some serious damage? Will Google make a formal announcement, or just try to sweep this incident under the rug? And of course, does this mean that a review and approval process for Android developers is inevitable?
