Google has remotely removed two free apps from several hundred Android phones because the apps misrepresented their purpose and thus violated Android developer policies, according to a company spokesman.
This marks the first time Google has used the Remote Application Removal Feature that allows the company to delete apps for security reasons that have been installed through Android Market.
The apps were proof-of-concept programs designed to test the feasibility of distributing a program that could later be used to take control of the device in an attack, according to Jon Oberheide, the developer who wrote and distributed them.
The one app--called RootStrap--executed code that merely printed a message on the phone that says "Hello World," while the second app did the exact same thing but was disguised as a preview of the "Twilight Saga: Eclipse" movie, he said in an interview with CNET on Friday. There were about 50 downloads of the RootStrap app and 250 to 350 of the Twilight app, though some people later uninstalled them, he said.
Oberheide has developed a program that could be used to bootstrap a rootkit, effectively allowing someone to remotely take control of a phone by having an app already installed on it phone home to fetch code that could exploit a vulnerability on the device, he said.