
Google Play Now on the Google Toolbar; Play Store Erroneously Installing Russian Email App on Samsung Phones

We’ve got a couple of Google Play-related stories for you today. First of all, some of you should begin to notice a new addition to the Google toolbar (not the extension for browsers, but the persistent black strip you see at the top of all their sites). It’s a link to the Google Play Store. It’s simple, yet effective. Modest, yet bold. It’s there if you need it.

Secondly, there seems to be a weird bug plaguing handsets of the Samsung variety. It seems a Russian company by the name of OJSC Mobile Telesystems has a mail app that is automatically appearing on some Samsung handsets.

The name of the app is “MTC Мобильная Почта” and many are puzzled as to how it got there. It seems there’s a plausible explanation for it, and it seems to be neither malicious nor intentional.

The company seems to have given the app the same package name that Samsung gives their email app. As the Play Store uses these package names to identify apps, and since the Play Store can automatically update those apps, the device, by mistake, is downloading an update which replaces the app it shares its package name with. As it is being mistaken for a system app, users are finding it impossible to remove without the use of root.

It’s understandable that users are cautious and assuming the worst, what with all the stories about mobile malware lately. But signs are pointing to this being a simple, honest mistake. XDA developers examined the APK and first signs show that there is nothing malicious inside the app.

This presents an interesting new problem for Google. This is a very, very bad security vulnerability which can be used by malware developers to infect devices that have automatic updates enabled. The Google Play Store couldn’t detect a duplicate package name because Samsung’s email app was not in the Play Store – it never has been.

Seven, the company that provides these apps for OEMs and carriers to use, must also reconsider their practice. They’re giving partners apps with the same package name because those apps are not intended to be used on the Google Play Store. Simply providing their partners with unique package names for each distribution of the email app would do the trick to ensure nothing like this happens.
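A pre-release check for the practice described above, as an added example (not code from Seven, Samsung or Google): it models Android's rule that an update replaces an installed app only when the package name and signing certificate both match, and flags package names delivered to more than one partner. The partner names, package names and certificate digests are constructed placeholders.

```python
from collections import defaultdict
from typing import NamedTuple

class Build(NamedTuple):
    partner: str        # who the build was delivered to (hypothetical names)
    package: str        # package name from the APK manifest
    cert_sha256: str    # digest of the signing certificate (placeholder)
    version_code: int

def would_replace(installed: Build, candidate: Build) -> bool:
    """Android's update rule: same package name, same signing certificate,
    and a version code that is not lower than the installed one."""
    return (candidate.package == installed.package
            and candidate.cert_sha256 == installed.cert_sha256
            and candidate.version_code >= installed.version_code)

def find_collisions(builds):
    """Return (package, partners, risk) for every package name that was
    delivered to more than one partner."""
    by_package = defaultdict(list)
    for b in builds:
        by_package[b.package].append(b)
    findings = []
    for package, group in sorted(by_package.items()):
        partners = sorted({b.partner for b in group})
        if len(partners) < 2:
            continue
        certs = {b.cert_sha256 for b in group}
        # One shared certificate: any partner's build is a valid update for
        # every other partner's build. Different certificates: the update is
        # rejected, but the two apps still cannot coexist on one device.
        risk = "cross-update" if len(certs) == 1 else "name-conflict"
        findings.append((package, partners, risk))
    return findings

# Constructed sample data, not taken from any real app.
BUILDS = [
    Build("oem-a", "com.example.vendor.email", "aa11", 10),
    Build("carrier-b", "com.example.vendor.email", "aa11", 12),
    Build("carrier-c", "com.example.vendor.email.carrierc", "aa11", 12),
    Build("oem-d", "com.example.vendor.notes", "bb22", 3),
    Build("carrier-e", "com.example.vendor.notes", "cc33", 4),
]

if __name__ == "__main__":
    for package, partners, risk in find_collisions(BUILDS):
        print(f"{risk}: {package} shared by {', '.join(partners)}")
```

The `carrier-c` build shows the fix suggested above: with its own package name it is never treated as an update for another partner's app, even though it shares a signing certificate.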

We’re not sure what Seven’s policy is on their OEM-tailored clients being uploaded to the Android market, but we’d guess that they’re not too fond of that. That’s just a guess, though. And, for what it’s worth, OJSC has removed the application from the Google Store, but that still doesn’t help users without root who have no other way to remove the app from their phones. Some phones do have an “uninstall updates” option for apps, so be sure to try that if you’re affected by this problem. [via The Verge]




  • http://twitter.com/gamercore Chris Chavez

    Lol That’s kinda funny. I would totally think my phone was infected by some kind of malicious app if I saw that pop up on there. Good lookin’ out, Q. =)

  • mortenmhp

    Your comment on the security is flawed since apps will not be able to update unless they also carry the same signature, so this app was actually signed by the original author eliminating any security concerns…

    It is however a problem that Seven chooses to use the same package names, not to mention the same signature, when they deploy apps to OEMs, especially if those are put in the store.

  • Marc Selwan

    This is kind of funny, I just got my girlfriend a white Skyrocket, and as we were updating a few apps, we noticed that the app mentioned above failed to update… I think we got lucky because the original Samsung email app was being updated at the same time. Would not have been a good first start for my girlfriend’s first Android phone after using an iPhone for 4 years…

  • Mike Reid

    Yeah, I thought this was kind of funny when I saw some joker post the Motorola FM app. It was re-signed though.

    Google doesn’t care if you use com.big_company_name.whatever it seems. LOL.

    “Ways to hijack system apps for fun and profit…”