Google Play Gets Updated, Hacked Within Four-Day Period

Source: Thinkstock

Google’s (NASDAQ:GOOG) Play has had quite an exciting past few days. First, it goes the way of the App Store by requiring passwords for every download. Then it crashes twice, preventing developers from uploading new apps and updates to existing apps and users from downloading that content.

Google was served in a class action lawsuit last week from a New York woman, alleging that Google Play, formerly the Android Marketplace, allowed minors to make unauthorized purchases by having a 30-minute window where further downloads and purchases could be made without a password.

Google Play has responded by adding settings that allow users to have their devices mandate a password every single time a download or purchase is made, maintain the original half-hour window of password-free downloads, or even to opt out of the passwords totally. The new options were implemented in the form of an update to Google Play. No reports indicate how this will affect the pending lawsuit.

However, this was change soon became old news when a hacker brought down Google Play’s entire system, preventing any downloads, regardless of what password settings Android users added to their devices.

Turkish hacker Ibrahim Balic, who previously hacked an Apple Developer page last year, took responsibility for the software that took down Google Play twice. He wrote on his website that he wrote an app to test a security flaw he saw in the Android app database. When he uploaded it to Google Play on Sunday, it affected the entire system.

“I really didn’t want to cause any damage but I couldn’t stop my feelings and I wanted to test it on Google’s Android Bouncer by uploading the malformed APK to Google Play. Then I realized that it caused Denial of Service on Google Play!”

Balic did not stop after the first attempt. He uploaded it again. This caused a second crash to confirm it was his work that brought down the system again on Monday. He said he reported the issue to Google, but has received no reply so far. On Reddit, he explained his reasoning behind the second upload attempt. “I know but I had to be sure,” he wrote in response to a user who asked him why. Another Reddit user advised Balic to get a lawyer.

Developers experienced the denial of service when they became unable to upload or update content on Google Play. They saw their ability to make these changes return only to lose them again after the second upload. Customers could not download new apps or update the ones they already had when the system was down. As of late Monday/Tuesday depending on the time zone, Google Play was up and running normally again.

Changes to Google Play affect many smartphone and tablet users. CNNMoney reports that Android software makes up about 80 percent of the smartphone market. The most popular apps on this platform are largely games like Candy Crush Saga and social media apps like Facebook, Twitter, and Instagram.

More From Wall St. Cheat Sheet: