Exploits Propagated Via Social Media Increase

Orome1 writes "Infection via email, traditionally the most popular vector for spreading malware, has declined in favor of greater use of social media. These include clickjacking attacks using the Facebook 'Like' button, fake Web pages positioned on search engines (BlackHat SEO), and zero-day vulnerability exploits. The rise in popularity of smart phones powered by Google's Android operating system for smart phones has been accompanied by an increase in attacks targeting these devices. A number of different threats have appeared, primarily aimed at racking up phone bills or using the geolocalization function to transmit a user's position to a third party."

Android default permissions

As I said in the last Android article, all apps have access to your sdcard, and to your identity (esn/imei/meid/phone number). Once you give an app permission to access the internet, your identity and sdcard contents are public. Go in to the Market and search for pub:"Adao Team" and look at the permissions on their app called "File Manager". It only asks for internet acces, install shortcuts, and kill background processes. I bet it can access the sdcard even though it doesn't ask for it. It would be useless if it couldn't access the sd card.