Questionable Applications Removed From Android Marketplace

SANS has some interesting news today:

(January 11, 2010)
Suspected phishing applications were found and removed from the Android
Marketplace.  The appearance of the suspicious applications raises the
question of whether Google should vet applications offered in the
Android marketplace before they are made available.  Researchers have
not been able to prove that the applications in question were malicious.
Instead, there is some speculation that rather than having malicious
intent, the developer simply wanted to make a fast buck by charging
people for putting shortcuts on their Androids.  The applications
claimed to simplify users' access to various online banking sites.
Android users who have downloaded apps posted by Droid09 are encouraged
to remove those applications from their devices.
http://isc.sans.org/diary.html?storyid=7936
http://www.theregister.co.uk/2010/01/11/android_phishing_app/
http://www.h-online.com/security/news/item/Android-app-steals-bank-login-details-901895.html
http://www.computerworld.com/s/article/9143830/Fishy_Android_apps_may_have_been_malware_says_researcher?source=rss_security
[Editor's Note (Pescatore): These closed "marketplaces" like on the
iPhone and Android phones have great potential to be a boon to security.
They are essentially whitelisting that users don't complain about -
because there are so many application choices, it doesn't feel like
lockdown to the users. However, the marketplaces do need to raise the
bar on application certification to include stronger security analysis.
But just the fact that an app can be quickly removed from the
marketplace is a huge advance over wide open operating systems like
Windows and Linux.]