The Mysterious Android App Called Karoges by Developer Cloudnine: Is It Dangerous?

People are concerned about a mysterious app showing up on their Android powered devices called "karoges" – This article should shed some light on what it is and what can be done about it.

Many people have gone into their Android applications in the Android Marketplace and found a mysterious app installed on their phones. The app, “karoges,” seems to serve absolutely no purpose. What has people upset is that the app mysteriously seems to install itself without the user’s permission and goes unnoticed for some time (some reported as early as January 1st 2012).

Many are wondering what this app is. Is it dangerous? Is it a virus? Is it malware or spyware or malicious in any way? The answer to all these questions so far is a resounding “no.”

According to this Google Products Forum thread, this app is really just a copy of the default video app that comes with Android. In fact, on that very thread there is a post from a user that claims to have been the one to upload the app. According to the user, they were testing the Android market upload feature by grabbing a random app and uploading it. The random app just happened to be a copy of the videoplayer.apk – it seems that Google attempted to update the videoplayer app and through some yet unnamed loophole, the karoges apk became the default app on many people’s phones since it was in fact a copy of the default video player app.

Of course, this falls under the category of security hole. Unfortunately, the person that claims to have started this whole thing says they have no idea how to undo it and Google has not answered any inquiries on the issue.

The good news is there is an easy way to remove it. The bad news is your phone must be rooted in order to do it. If your phone is not rooted, and you have no idea what a rooted phone is, then do a search for how to do it on your particular model of phone. Barring that, just leave it be. So far, no one has reported the karoges app as malicious in any way. It is just a copy of the videoplayer.apk – rooted users simply have to remove videoplayer.apk and that will automatically remove karoges.

The biggest concern here is that a security flaw has been discovered (accidentally or otherwise) in the Android Market. This may cause some to try to duplicate this error with foul intent. Until Google patches this loophole, users are in danger of having their Android operating systems hijacked by a rogue app pretending to be a normal system app.

Here are a few discussions on the issue:

If you know nothing about rooting an Android phone, Wikipedia’s article on the subject is a surprisingly good place to start: http://en.wikipedia.org/wiki/Rooting_%28Android_OS%29 be sure to check the “external links” at the bottom.

comments powered by Disqus
Loading