Android 4.1 (Jelly Bean) Open Sourced; New Android Trojan Buys Apps for You

Android 4.1 (Jelly Bean) announced at the Google I/O conference 2012, has now been released to the Android Open Source community.Google's head of the Android Open Source Project (AOSP), Jean-Baptiste Queru M. "JBQ" Query, announced the release of the Jelly Bean binaries on Monday to the open source community developers. The new release is tagged […]

Android 4.1 Jelly Bean Open Sourced

Android 4.1 (Jelly Bean) announced at the Google I/O conference 2012, has now been released to the Android Open Source community.

Google's head of the Android Open Source Project (AOSP), Jean-Baptiste Queru M. "JBQ" Query, announced the release of the Jelly Bean binaries on Monday to the open source community developers.

The new release is tagged as android-4.1.1_r1 and the development branch is named as jb-dev.

We're releasing Android 4.1 in AOSP today.

The name of the tagged release is android-4.1.1_r1.

The name of the development branch is jb-dev.

We recommend that you create new clients, even if you're working in the master branch. It'll make your clients smaller and faster to sync.

Proprietary binaries are available for Nexus 7 and Galaxy Nexus. Nexus S and Xoom will follow.

JBQ, on behalf of the entire Android team at Google.

The team behind Android's most popular custom firmware, CyanogenMod, announced it is going to speed up the process of CM10 to package out Jelly Beaninto ROM form as soon as possible. Noting, work on a Jelly Bean release will not affect the RC2 and Stable releases of the Ice Cream Sandwich-based CM9.

In other Android news, discovered by TrustGo, a mobile security company, trojan "MMarketPay.A," downloads paid apps and videos from Mobile Market (M-Market), China Mobile's official app store, without the user's knowledge, resulting in some pretty hefty bills.

The trojan is reported to have infected more than 100,000 smartphones in China.

The malware is picked up by downloading infected apps from one of nine app stores (nDuoa, GFan, AppChina, LIQU, ANFONE, Soft.3g.cn, TalkPhone, 159.com and AZ4SD) and once installed on a device, it bypasses M-Market's SMS security step, and begins placing orders and downloading content.

"The malicious apps takes advantage of the easily subverted Mobile Market's payment workflow. After having logged into the market's website, the Trojan can automatically place orders for paid apps and content. M-Market sends a verification code via SMS, which is then provided to M-Market for verification.

Once the verification is completed, the app is downloaded automatically, and China Mobile adds the order to the customer's phone bill.

The Trojan is able to intercept received SMS messages in order to collect the verification code sent by M-Market and, if a CAPTCHA image is invoked, it is also able to post it to a remote server in search for the correct answer," Net-security explains.

Update: Just embedded a video playlist of the Google I/O 12 - The Android Sessions list.