Slashdot Mirror


New SMS Trojan Found In Android Markets

Trailrunner7 writes "The Android platform seems to have become the playground of choice for attackers and malware authors looking to make a quick buck. The latest example is a premium-rate SMS Trojan that not only automatically sends costly SMS messages, but also prevents users' carriers from notifying them of the new charges. The new piece of malware, which is known as HippoSMS, has been found in unofficial Android app markets in China. This is just the latest in a series of similar incidents in which attackers and scammers have inserted either outright malicious apps or seemingly benign apps containing malware into app markets. Most of the attacks have targeted Android users, and several times Google has had to remove malicious apps from the official Android market."

114 comments

  1. Well on the bright side by mr1911 · · Score: 0, Flamebait

    At least Android users can install whatever they want rather than playing in Apple's walled garden.

    That doesn't sound like Apple bashing. Here come the troll mods.

    --
    This post comes with a double-your-money-back guarantee!
    Any offense taken to this post is at your sole discretion.
    1. Re:Well on the bright side by djdanlib · · Score: 4, Insightful

      WHAT? You mean freedom also provides the opportunity to freely injure one's self?!?! You don't say!

    2. Re:Well on the bright side by cavreader · · Score: 1

      There is a fairly large developer community that can't tell good software from bad so they just rely on the originating vendor to make their determination. MS - Bad, Apple - Good, OS - Excellent.

    3. Re:Well on the bright side by Ol+Olsoc · · Score: 0, Troll
      Absolutely. If a product is defective and kills all the people that purchase it, the product will stop selling.

      Semi sarcasm....

      That's exactly why doctors should not be licensed. Not even educated, if they don't want to be. They put up their sign, and there you have it. If they kill people's children, then after a couple years, those people won't take their children to them any more.

      Sarcasm off...

      A hackable phone is not freedom. I want the damn thing to work, the concept of a walled garden is actually good in this case. I don't want other people messing with my car, (I'm talkin' to you Onstar) my refrigerator, or my air conditioner. Oh yeah, or my phone, which is just another appliance.

      Interestingly enough, the free market is going to take care of the phones that have the freedom to be hacked so badly. I'm not going to buy one for exactly that reason. Oh the paradox!

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    4. Re:Well on the bright side by djdanlib · · Score: 3, Insightful

      I can agree that appliances should be restricted in their functionality. My current phone doesn't have "apps", it just handles calls and SMS, and I like it that way.

      My deliciously ironic gripe is that people complain no matter what they have. Apparently an app store policing submissions = evil gestapo, while an app store failing to police submissions well enough = why didn't you protect meeee *whine*

    5. Re:Well on the bright side by Anonymous Coward · · Score: 1

      Like any troll, the first thing he mentions is about the other guy. Just like any political "argument". If you're a Republican and you hear about something your party does wrong, the first thing you hear is "well the Democrats do this other thing that's bad, don't forget about that".

      Yes, Apple has a "walled garden". I'm surprised you didn't mention the "Reality Distortion Field" too. Oh and in case you didn't hear, there was a major Trojan found in the Android Marketplace.

    6. Re:Well on the bright side by rwven · · Score: 2, Insightful

      Meh. This isn't news. The app is available on some third party app markets (read: not google's market) which are used on the other side of the planet. There was a time when a malicious text message could damage or brick an iphone.

    7. Re:Well on the bright side by bberens · · Score: 4, Insightful

      Not that malware hasn't slipped into the Google store before, but the summary seems to indicate that this particular malware is circulating in 3rd party app stores. Something I would wager 99% of users don't even know exist.

      --
      Check out my lame java blog at www.javachopshop.com
    8. Re:Well on the bright side by Anonymous Coward · · Score: 0

      Yeah, I'd say about 7/10,000 is about right for the number of people in the world who can tell good software from bad.

    9. Re:Well on the bright side by djdanlib · · Score: 2

      Well, that brings us neatly around to my original point: If you have the freedom to install apps from anywhere, you have the freedom to install malware. This freedom does not come with what should be the prerequisite dependencies of common sense nor investigative abilities. So in essence, you now have the freedom to hurt yourself, alongside the freedom to do anything you want. You can't have one without the other.

    10. Re:Well on the bright side by kelemvor4 · · Score: 2

      I'm pretty technically competent; but I'll be the first to admit I've not reverse engineered a single android app that I've installed to verify it doesn't contain malware like this.


      I wonder if there's any scan on demand anti malware apps out there. If not, there soon will be I'm sure. There's definitely a market for it.

    11. Re:Well on the bright side by kelemvor4 · · Score: 0, Troll

      Not that malware hasn't slipped into the Google store before, but the summary seems to indicate that this particular malware is circulating in 3rd party app stores. Something I would wager 99% of users don't even know exist.

      I'm one of the 1% that know they exist I guess. However, on android why would you bother with one? It's not like Apple where the iGestapo restrict things that get in the way of iProduct sales.

    12. Re:Well on the bright side by Politburo · · Score: 1

      No there wasn't.

    13. Re:Well on the bright side by TheGratefulNet · · Score: 1

      same here. I'm a good coder, but who has TIME to audit every damned thing?

      we do need auditing services. it should be non-profit and community/trust based. ie, like most opensource things.

      I don't like a VENDOR being in control. I want it to be 'we the people' so to speak. that way it's not political and not under some profit (or even government) directive, one way or another.

      --
      "It is now safe to switch off your computer."
    14. Re:Well on the bright side by MobileTatsu-NJG · · Score: 1

      Heh.

      "Malicious code on the Android platform is proof of how great it is!!"

      --

      "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)

    15. Re:Well on the bright side by Anonymous Coward · · Score: 1

      I write code and I can't tell the difference between good software and bad software (in terms of whether or not it contains code that would be considered malicious from the user's viewpoint), without an extensive and thorough code analysis. I know you are talking about "punch the monkey and win a free app" type software, but the really serious malware is not going to be that obvious.

    16. Re:Well on the bright side by Anonymous Coward · · Score: 0

      Yes, freedom means to allow yourself to screw up your own device if you were ignorant enough to download a "chinese bikini girls" app for your Android phone.

      Freedom also means a consumer exercising his/her right to choose an entirely different platform that provided a walled-garden of countless apps that requires zero worries from the consumer that it could be infected.

      You want the freedom to have your phone vulnerable to fuck-ups, go right ahead. Millions of other people decided they have better things to do with their time than to treat their phones like a crappy Windows PC.

    17. Re:Well on the bright side by SatanClauz · · Score: 1

      eh... sort of... not permanent, anyway. I think there have been a few instances like this but this is the most recent I found http://www.theregister.co.uk/2010/12/30/rogue_sms_danger/

    18. Re:Well on the bright side by Anonymous Coward · · Score: 0

      It's up to consumers to do their own research. If they don't, too bad. Maybe, after enough $$$, they'll learn to be a responsible adult and accept the full consequences of their actions (or inactions). I mean, when someone goes around not putting oil in their car, does anyone feel sorry for them when it breaks down?

    19. Re:Well on the bright side by Anonymous Coward · · Score: 0

      Except most phones have the install software from unknown sources unchecked

    20. Re:Well on the bright side by Anonymous Coward · · Score: 0

      If y'all don't have the time to do a good job, just step away from the tool.

    21. Re:Well on the bright side by Riceballsan · · Score: 2

      There's certainly legitimate uses for the 3rd party app stores still, such as Google has to remove emulators and such to avoid getting their asses sued into oblivion. I do have to say though I am not even slightly concerned about the infected apps from obscure Chinese marketplaces, but I do think there is legitimate concern about the ones that have slipped into the marketplace. I do think Google needs to step up and add a few layers of QC to the official marketplace. The best of both worlds scenario would be a fairly well audited for quality of apps official market place, or even maybe a certain sticker of "Google approved" applications, something simply to confirm that things are absolutely safe, for the average non-techie user, just as long as there are no warranty voiding/risking hurdles added for fairly competent users to get the unverified apps that they may want.

    22. Re:Well on the bright side by Anonymous Coward · · Score: 0

      I got 7/100 total people. So the population only needs to grow by 700% before we get at least half a person to tell the rest of us.

    23. Re:Well on the bright side by Curate · · Score: 1
      There is a fairly large developer community that can't tell good software from bad so they just rely on the originating vendor to make their determination. MS - Bad, Apple - Good, OS - Excellent.

      This developer community would be... the open source developer community?

    24. Re:Well on the bright side by Anonymous Coward · · Score: 0

      "Malicious code on the PC is proof of how great it is!!"

      Changes the scope of things a bit, no?

    25. Re:Well on the bright side by CharlyFoxtrot · · Score: 2

      Meh. This isn't news. The app is available on some third party app markets (read: not google's market) which are used on the other side of the planet. There was a time when a malicious text message could damage or brick an iphone.

      There was a proof of concept that could execute arbitrary code on iphone by sending about 500 SMS and which worked about 20% of the time, as explained by the hacker here. Of course serious bugs aren't really news on either platform. There was a time when Android would execute all text typed into the phone as root, then there was the Android bug that sent your messages to random contacts or the one where an SMS corrupts Android's SQLite database. People in glass houses should throw stones you know.

      --
      If all else fails, immortality can always be assured by spectacular error.
    26. Re:Well on the bright side by cgeys · · Score: 0

      same here. I'm a good coder, but who has TIME to audit every damned thing?

      we do need auditing services. it should be non-profit and community/trust based. ie, like most opensource things.

      I don't like a VENDOR being in control. I want it to be 'we the people' so to speak. that way it's not political and not under some profit (or even government) directive, one way or another.

      Most open source software/distros are made by for-profit organizations. Now I don't say that is a bad thing, it's great to have support. But YOU need to learn some things.

    27. Re:Well on the bright side by Anonymous Coward · · Score: 0

      same here. I'm a good coder, but who has TIME to audit every damned thing?

      Suspicions confirmed. So much for OSS.

    28. Re:Well on the bright side by TheCRAIGGERS · · Score: 1

      You ARE in control. If you look at an app and see it requests permissions that you don't like, or don't want them to have, you simply don't install it. Yes, that might mean you don't get to play strip poker or whatever.

      For example, the only android developer that I trust with my personal information is Google... and that's only because they already have it all anyway.

      The other option is the new CM7 roms have the ability to remove permissions from apps. It has opened up a whole new world for me, as I'm now able to use apps I never wanted to install before because of their permission requirements.

    29. Re:Well on the bright side by rwven · · Score: 1

      http://www.forbes.com/2009/07/28/hackers-iphone-apple-technology-security-hackers.html

      My point remains however. This isn't news. This is a non-google sanctioned market and they're responsible for what they post. Not google. Not android.

      I'd much rather carefully pick my apps....and actually be able to carefully pick my apps, instead of being limited to only doing a small subset of the features my device would otherwise be capable of.

      As you said, people in glass houses....

    30. Re:Well on the bright side by LDAPMAN · · Score: 1

      Who are these "fairly competent users" and how are they distinguished? I think Apple thought about this and decided that there was no manageable way to deal with such a concept. As a result they have just two groups, ordinary users and developers.

    31. Re:Well on the bright side by kelemvor4 · · Score: 1

      I think that would be people who:
      1) Want to use an unverified app or app store
      and
      2) Know how to do it.

      That's one of the problems with Apple. They treat all their customers like idiots when it's possible that some of their customers may not be.

    32. Re:Well on the bright side by LDAPMAN · · Score: 1

      You're missing the point. The only way to qualify that a person "Knows how to do it" and to only allow signed code is to require that you be a developer and have access to certs for signing the code. It's not acceptable under any conditions to have unsigned code on a device.

    33. Re:Well on the bright side by kelemvor4 · · Score: 1

      I guess we'll have to agree to disagree. Code signing in its current form is merely a revenue vehicle for the signing authority and does not mean the slightest thing in relation to quality. In the end it may have the opposite effect since it lulls users into a false sense of security.

  2. Information, please! by Chonnawonga · · Score: 5, Informative

    Why don't these articles ever tell you WHICH markets and apps are affected? Oh, that's right, they're too busy trying to generate page hits through scare-mongering to care about information.

    (I'm not trying to say these aren't legitimate threats: quite the opposite. But, good reporting would help mitigate these threats by publicly shaming and informing.)

    1. Re:Information, please! by Anonymous Coward · · Score: 1

      It did?

      The new piece of malware, which is known as HippoSMS, has been found in unofficial Android app markets in China.

    2. Re:Information, please! by Chonnawonga · · Score: 4, Informative

      No, that's the name of the malware, not the apps. FTFA:

      "The malware is embedded in a seemingly legitimate application in the market, and once users download and install that app, the fun begins."

      It goes on to talk about "the host app" which the malware "piggybacks". Which app? They don't tell you. They'd rather tell you that "The Apple iPhone may still be the gold standard when it comes to smartphones".

    3. Re:Information, please! by Computershack · · Score: 1

      It did?

      The new piece of malware, which is known as HippoSMS, has been found in unofficial Android app markets in China.

      No it didn't dumbass. All it tells you is the name of the malware that has been found in the app, not the name of the app or apps themselves.

      --
      I only please one person per day. Today is not your day. Tomorrow isn't looking good either. - Scott Adams
    4. Re:Information, please! by molnarcs · · Score: 1

      Why don't these articles ever tell you WHICH markets and apps are affected? Oh, that's right, they're too busy trying to generate page hits through scare-mongering to care about information.

      (I'm not trying to say these aren't legitimate threats: quite the opposite. But, good reporting would help mitigate these threats by publicly shaming and informing.)

      Exactly. Also, chances are, that there are HUNDREDS of malware in unofficial Chinese markets - will we get a new slashdot post for each and every one of them? Editors: wtf?

    5. Re:Information, please! by MobileTatsu-NJG · · Score: 1

      Why don't these articles ever tell you WHICH markets and apps are affected? Oh, that's right, they're too busy trying to generate page hits through scare-mongering to care about information.

      Slashdot generates lots of ad revenue when we argue about walled gardens and malicious apps. We keep falling for it.

      --

      "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)

  3. Unofficial by Aladrin · · Score: 1

    I'm having trouble worrying about people who install apps onto their phone without knowing that the market creator is paying attention for that sort of thing. Google and Amazon are alert and watching. Random markets in China? I feel less confident in them.

    I feel exactly the same compassion for them that I feel for people who download things from any random website they find.

    --
    "If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
    1. Re:Unofficial by Night64 · · Score: 1

      Slashdot should change the headline to "New SMS Trojan Found In Application Stores/Markets". That would call even more readers. Because that IS the point, isn't it?

      --
      Grey's Law: Any sufficiently advanced incompetence is indistinguishable from malice.
  4. Price you pay.. by AngryDeuce · · Score: 4, Insightful

    If you want the freedom to install whatever you want from wherever you want, you have to accept that some of those things may not be good for you or your devices. To me, it's worth the trade off.

    In the end, the best protection will always be common sense. To those that do not feel they possess enough knowledge to make their own decisions in this regard, there is always Apple who will gladly make the decision for you. To each their own.

    1. Re:Price you pay.. by Kamiza+Ikioi · · Score: 1

      Yeah, and "from wherever" for me NEVER includes apps from China.

      --
      I8-D
    2. Re:Price you pay.. by Anonymous Coward · · Score: 0

      Yeah, and "from wherever" for me NEVER includes apps from China.

      As it does to most other people with at least half a brain. For the rest, there's iOS.

    3. Re:Price you pay.. by Trufagus · · Score: 1

      Why?

      First off, let's note that this /. article is about a Trojan that is not in the Android market. Publishing an article about that is just stupid scare-mongering. There could be millions of viruses/trojans outside the market and I wouldn't care. What matters is when they get into the market.

      Now, back to your trade-off.

      Google can and should make the Android market 99.99% free of trojans/viruses. Free enough that I can recommend the Android market to my proverbial mom or uncle and know they will be safe. (Some would argue that they already have - the number of downloads of malware from the market probably represent close to 0.0000% of market downloads.)

      And they can do this while still keeping the market 'free'. Because, as in most countries, freedom and free speech don't mean you can do/say anything. There are limits, but the limits are (supposed to be) clearly articulated and implemented, and should have widespread support.

      So, if Google eliminates all malware and anything else that breaks the laws of my country or your country (this part is not resolved yet), and if they are transparent about this, then I would argue that we still have a free market/platform and we didn't have to make any trade-off that we don't already make in living in a democratic, free society.

    4. Re:Price you pay.. by Anonymous Coward · · Score: 0

      If you want the freedom to install whatever you want from wherever you want, you have to accept that some of those things may not be good for you or your devices. To me, it's worth the trade off.

      It's only a trade off 'cause google does not want a permission control system like cyanogen nightly has it.

    5. Re:Price you pay.. by gmon750 · · Score: 1

      You are assuming most users of smartphones have common sense to begin with in order to stay away from red-light-district App stores. That is simply not true. Most users (regardless of platform) are simply not savvy enough to know better.

      Sure, you can label them as "ignorant", or "stupid". I've read countless postings from tech-brats preaching that if a user doesn't know any better, they should not even buy a smartphone. If that were the case, then Android would have had a much more difficult time getting any market penetration.

      Users don't know (and should not have to know) that going to a Chinese App market is akin to rolling dice. They don't look at their smartphone as a desktop-computer per se, and it's really naive to think that they should have to. Google's open-to-all approach is fundamentally broken. So much so that even fandroid folks here are hinting that Apple's walled-garden approach actually is something that should be considered. Who knew that Hell would freeze over so fast!

      Best protection is not common sense. We're beyond that now. People should not have to babysit their phones. It should be treated as an appliance, not a PC. Google needs to address this or it will be their downfall. This is one area where Apple really has their act together.

    6. Re:Price you pay.. by AngryDeuce · · Score: 1

      Google already makes the Android market secure. They've yanked malware off the official market many times. Outside of technical issues such as things locking up, your mom or uncle is perfectly safe downloading from the official market, and most issues like that are easily discerned in reading the reviews of an app. Chances are, if it's got less than a 3 star rating, it's probably not worth the download, and even the most non-technical person should be able to read those reviews and make an intelligent decision.

      However, the trade-off I was referring to is the ability to install apps from outside of the store. There is an option right there, Options/Settings/Applications "Unknown Sources: Allow installation of non-market applications". Mom and uncle leave that box unchecked, all is well. Nothing is forcing anyone to install apps from out in the wild. I would rather that functionality be there than to have it removed to "protect" the people that do not have the ability to protect themselves. It's not Google's responsibility to make sure everyone is being smart with their devices...

    7. Re:Price you pay.. by AngryDeuce · · Score: 1

      Users don't know (and should not have to know)...

      I absolutely disagree, I think that those of us that do know the dangers of the internet should be beating it into the heads of every person we know that doesn't. People need to learn that the internet is not a fantasy land with unicorns and funny images. People get taken advantage of due to their ignorance all day long. It's never going to stop. There are no internet police. For every shady app or program or attachment or virus you eradicate in the wild another one is going to pop up.

      Imagine how many problems could be avoided in the world if everyone finally got it through their head that you do not open attachments from unknown sources, ever? Imagine how many people less a year would get their online accounts hacked if everyone just miraculously understood that your password should not be a dictionary word or "123456"? How many less cases of identity theft would there be a year if people just realized that you never, ever give your personal information out over the telephone or internet?

      What you're saying is the equivalent of saying "people should not have to know that if they don't lock their doors when they go out they might get burglarized." I'd be willing to bet that the vast majority of malware and viruses spread not because the people that created them were so smart or the programs or hacks used were that advanced, but because the people did not have the common sense to see either the danger in their lax security practices or lack of them completely.

      Personally, I'll make my own decisions. I don't need Google or Apple to decide what is good or not for me, and frankly, I don't feel I should have to live at the same level as those that do, especially when what is at stake is my electronic devices. If 95% of people out there can't handle installing and using custom firmware, for instance, I don't think the option should be taken away to use it.

    8. Re:Price you pay.. by Anonymous Coward · · Score: 0

      To be fair, there could be better controls and finer granularity over what permissions a user has to grant to a piece of software that they install on their phone. The problems with (carrier endorsed iterations of) Android as a platform don't simply come down to users making poor choices regarding software downloads.

    9. Re:Price you pay.. by robsku · · Score: 1

      Best protection is not common sense. We're beyond that now. People should not have to babysit their phones. It should be treated as an appliance, not a PC. Google needs to address this or it will be their downfall. This is one area where Apple really has their act together.

      Well, some of us want a smartphone that IS more like a PC, not a restricted appliance - and Google is giving us that. Too bad if they fail, I'm glad that someone is trying... and I disagree with you on that *everyone* should have some basic understanding of things they use - if they can learn how to install and use software and browse internet they should learn basic safety also, if they don't... well, boo-hoo, no sympathy for them.

      --
      In capitalist USA corporations control the government.
    10. Re:Price you pay.. by Anonymous Coward · · Score: 0

      People should not have to babysit their phones

      In Soviet Apple, your phone babysits YOU!

  5. and the open apps don't have 30% cut + $99 year by Joe+The+Dragon · · Score: 0

    and the open apps don't have 30% cut + $99 year

    1. Re:and the open apps don't have 30% cut + $99 year by grub · · Score: 1

      No, but the ones that do have a lot of developers making a lot of money...

      --
      Trolling is a art,
  6. This only affects chinese 3rd party markets... by Anonymous Coward · · Score: 5, Insightful

    Unofficial Markets. So in other words, Google has nothing to do with this. If you want security on Android, just stick to the standard market. Obviously Third party markets are bad news bears.

  7. this fails the grandparent test by Anonymous Coward · · Score: 0

    if a stranger emails you an attachment, do you open it?

    1. Re:this fails the grandparent test by geoffrobinson · · Score: 1

      I don't know. Are they giving me candy or a trip to Disneyland?

      --
      Except for ending slavery, the Nazis, communism, & securing American independence, war has never solved anything.
  8. Re:iPhone has this problem as well by Duradin · · Score: 1

    Not goatse but damn close, don't click the link.

  9. For a new Android user by 0racle · · Score: 3, Insightful

    As someone who is about to get their first Android device, is there a good resource for practices for protecting it?

    Reading the summary, it seems this is a 3rd party market that was infected. Obviously the first thing is not to install everything you see, followed by don't use 3rd party markets. However there seem to be several 3rd party markets that do have worthwhile software. Is there a suggested list of marketplaces that are reliable?

    There also appear to be several Android firewall apps. Is there a site where they are reviewed and compared?

    --
    "I use a Mac because I'm just better than you are."
    1. Re:For a new Android user by Anonymous Coward · · Score: 0, Insightful

      Number 1 Tip: Sell it and buy an iPad/iPhone.

    2. Re:For a new Android user by tlhIngan · · Score: 0

      Obviously the first thing is not to install everything you see, followed by don't use 3rd party markets.

      Can't help you with Android security, but there are probably a few million people willing to sell you Android AntiVirus 2011 XP Premium Edition and the like as well, plus a few legit antivirus/antispyware and other stuff, and roots to install DroidWall and such.

      The thing is it's a 3rd party market. They exist in China mostly because Android allows quick and easy pirating, and China being China, well, it's obvious. Install a third party market if you want paid apps for free.

      After all, didn't the iPad get dinged because there was no easy way to install pirated apps on it? (Easy as in "allowed by default" even though it's really just a jailbreak away).

      That, and Chinese phones often run AOSP, so if you want apps, the only way is often third party markets because they can't get on the Marketplace (which Google licenses only to OHA members and not available via AOSP).

      And anyone who claims Android's permission based model is perfect - I can point you to the Dancing Pigs problem. If people want to pirate, no amount of technical hurdles is going to stop them. Throwing up more dialogs and popups and such just means one more thing people will ignore.

    3. Re:For a new Android user by alanebro · · Score: 2

      A good practice is to find an app in which you are interested, then review the permissions to verify they make sense.

      For instance, if you're downloading a new phonebook and the app asks for permission to your contacts, you can assume that it really needs it.
      If you're downloading a new tic-tac-toe game that asks for full permission to read your ingoing and outgoing calls, you should really question why it needs that.

      This isn't foolproof, but it is a really good place to start.

    4. Re:For a new Android user by Is0m0rph · · Score: 1

      Pay attention to what the app wants access to when you install it. You have to OK it before it will install. If it's a live wallpaper there should never be a reason it needs to access anything on your phone for example.

    5. Re:For a new Android user by hypergreatthing · · Score: 1

      roll a few sheets of tin foil on the top part of the device, slowly have it encircle itself near the top.

      Your device is now protected from mind control rays and other nefarious parts of the EM spectrum.

    6. Re:For a new Android user by TheGratefulNet · · Score: 2

      I'm pretty technical but I find the permissions too vague. they are still mostly 'opaque' and I have little actual idea what's going on.

      maybe if they showed some of the data they GET, as an illustration? maybe they cache some of the 'captured' data the app 'takes' and show you that, on demand? that way I can say 'oh, you mean you're grabbing THAT from me! fuck you! delete.'

      if there's no examples of the data they take, conceptual permissions just don't work for users. works for programmers who have the code. this is NOT the users, though! not even tech ones. no one has time to audit every program in your phone.

      --
      "It is now safe to switch off your computer."
    7. Re:For a new Android user by brim4brim · · Score: 1

      Install Lookout security suite, scans every application you install for malware. Don't know if it would have worked in this case but if you stick to Android market then you won't have many issues anyway. Best bet is to stick to apps with good reviews and let those that can tell, flag the crap.

    8. Re:For a new Android user by Soft · · Score: 2

      As someone who is about to get their first Android device, is there a good resource for practices for protecting it?

      You may want to read this earlier Slashdot story, from which the suggestion that made the most sense to me was to install DroidWall and just not let applications access the network. Of course, they might not work then, and it can be difficult to single out a single app among, say, Google Services.

    9. Re:For a new Android user by WankersRevenge · · Score: 2

      Uggh ... terrible moderation here. This is flamebait, not insightful. As an iOS developer, I recommend that you buy the device that best caters to your needs and if you do get off the beaten path with that device -- educate yourself on possible dangers. If you install 3rd-party apps on your Android device, check their requested permissions. If you root your iOS device, change the freakin' root password. The issue isn't the device, but the person using it.

      Seriously ... I'm tired of this Android / iOS pissing match on Slashdot -- and that includes mods. I know it generates hits but it makes for terrible conversations. Believe it or not, they can co-exist.

    10. Re:For a new Android user by Reapman · · Score: 1

      The biggest thing is check the permissions the app needs (it tells you) and don't install if you question why it needs that. A lot of free apps have ads so they require a network connection. If you're installing some standard game and it asks for SMS sending capabilities - you probably shouldn't install it.
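Added example (not part of the thread or any poster's code): the permission check that several replies above recommend, run over constructed `aapt dump permissions`-style output. The category table, the sample package and the function names are assumptions made for the illustration.

```python
import re

# Constructed sample in the style of `aapt dump permissions` output for a
# hypothetical live-wallpaper package (not a real app).
SAMPLE_AAPT_OUTPUT = """\
package: com.example.livewallpaper
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.SEND_SMS'
uses-permission: name='android.permission.RECEIVE_SMS'
uses-permission: name='android.permission.WRITE_SMS'
"""

# Assumed reviewer policy: permissions that make sense for each app category.
EXPECTED = {
    "wallpaper": {"SET_WALLPAPER"},
    "game": {"INTERNET", "ACCESS_NETWORK_STATE", "VIBRATE", "WAKE_LOCK"},
    "contacts": {"READ_CONTACTS", "WRITE_CONTACTS", "CALL_PHONE"},
    "sms": {"SEND_SMS", "RECEIVE_SMS", "READ_SMS", "WRITE_SMS",
            "READ_CONTACTS", "INTERNET"},
}

# Sending is what costs money; receiving or writing SMS is what lets an app
# keep the carrier's notification away from the user.
CAN_SEND = {"SEND_SMS"}
CAN_HIDE = {"RECEIVE_SMS", "WRITE_SMS"}

# Accepts both "uses-permission: android.permission.X" and the newer
# "uses-permission: name='android.permission.X'" spelling.
PERM_RE = re.compile(
    r"^uses-permission:\s*(?:name=)?'?android\.permission\.([A-Z0-9_]+)")


def parse_permissions(aapt_output):
    """Return the set of short permission names declared in the dump."""
    perms = set()
    for line in aapt_output.splitlines():
        match = PERM_RE.match(line.strip())
        if match:
            perms.add(match.group(1))
    return perms


def review(category, perms):
    """Compare declared permissions with what the category plausibly needs."""
    unexpected = sorted(perms - EXPECTED.get(category, set()))
    # A non-messaging app that can both send and intercept/delete SMS has the
    # capability set of the premium-rate trojan described in the story.
    send_and_hide = (category != "sms"
                     and bool(perms & CAN_SEND)
                     and bool(perms & CAN_HIDE))
    return {"unexpected": unexpected, "send_and_hide": send_and_hide}


if __name__ == "__main__":
    result = review("wallpaper", parse_permissions(SAMPLE_AAPT_OUTPUT))
    for name in result["unexpected"]:
        print("questionable for a wallpaper:", name)
    if result["send_and_hide"]:
        print("can send SMS and suppress incoming SMS: do not install")
```

A clean result only means the declared permissions fit the category; as the replies note, the check is a starting point and not proof that an app is safe.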

    11. Re:For a new Android user by trunicated · · Score: 1

      Don't tick the "Unknown Sources" box in Settings > Applications.

      --
      There's a reason there is no "Disagree" mod...
    12. Re:For a new Android user by gmon750 · · Score: 1

      He is right on a fundamental level. Android is more geared towards tech-heads, geeks and nerds. Nothing wrong with that. iOS is geared towards eliminating the technicalities from the user. Again, nothing wrong with that.

      I don't like the pissing-contest folks either. To each their own. However, I have noticed a distinct pattern that most of my non-tech-savvy friends hate their Android phones and end up going the iOS route simply because what makes it popular for the tech-community is exactly the reason it is hated by the joe-consumer. They purchased their Android phone simply because it was a "free" phone, or came in at a lower price, etc.

      It's hard to educate a user about this when phone salesmen are so biased to one system or another. Buying a phone should not have to be like buying a car.

    13. Re:For a new Android user by Inda · · Score: 1

      You have a low user ID; you'll be fine.

      Do what everyone does. Don't install brand new apps for a month. Google the name at a later date and see if any other suckers have fallen for it first.

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
    14. Re:For a new Android user by Anonymous Coward · · Score: 0

      Just stick to the google and amazon markets and you'll be fine.

    15. Re:For a new Android user by robsku · · Score: 1

      Mod parent up!

      --
      In capitalist USA corporations control the government.
  10. The real WTF... by RoverDaddy · · Score: 0

    After that, it registers one ContentObserver to monitor incoming SMS messages. Inside the ContentObserver, it will delete any SMS message if it starts with the number "10." Note that the numbers such as 10086/10010 represent legitimate mobile phone service providers in China and are typically used to notify users about the services they are ordering and the information of users' current balance of their mobile phone accounts.

    .. is why is there an API that allows an app to delete incoming SMS messages ???

    --
    RETURN without GOSUB in line 1050
    1. Re:The real WTF... by BitZtream · · Score: 1

      One reason would be to write an app that ignored/deleted known SMS spammers?

      I'd actually love one for my phone that would delete all the obnoxious AT&T spam text messages about new services and crap.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    2. Re:The real WTF... by imunfair · · Score: 2

      App to block/sort/filter spam or unwanted senders? I'm sure there are more creative uses but that's just the most obvious one

    3. Re:The real WTF... by Anonymous Coward · · Score: 0

      Suppose you were making a spam-filtering app...

    4. Re:The real WTF... by AndrewNeo · · Score: 3, Insightful

      So you can replace the default SMS application?

    5. Re:The real WTF... by brim4brim · · Score: 2

      Yes I use GoSMS. Has way more features than Stock. Great app.

    6. Re:The real WTF... by i.r.id10t · · Score: 1

      Having just got my first smart phone and being on AT&T, the *very first* message AT&T sent had "reply with stop to end automatic messages" at the end of it ... as have the other 3 I've gotten since (haven't told them to stop, so I'm good with that part).

      --
      Don't blame me, I voted for Kodos
    7. Re:The real WTF... by Chris+Mattern · · Score: 1

      why is there an API that allows an app to delete incoming SMS messages ???

      Anti-spam SMS app. Or an app for managing SMS messages in general.

    8. Re:The real WTF... by brim4brim · · Score: 1

      Oh to explain the blocking of incoming SMS. One such use is what GoSMS does. If your device is out of space which is common on budget Android devices that don't have app 2 sd functionality as they can be running old versions of Android, with the stock SMS app, it notifies you that it failed to receive an SMS but has already sent an acknowledgement of receiving it to the network so the message is lost. In GoSMS, it doesn't tell the network it received it until it is saved to disk so if you run out of space you can free up more and the message is saved when the network attempts to resend it to your phone. At least that is what I think is going on in the background. All I know is stock loses text messages when out of space and GoSMS doesn't. The rest is assumptions on my part :)

  11. Non-story...China...enough said. by Anonymous Coward · · Score: 1

    Non-story. "The new piece of malware, which is known as HippoSMS, has been found in unofficial Android app markets in China." If you load apps from China directly you are asking for this sort of thing. It's nearly the equivalent of going to a "Warez" site for Windows programs.

  12. Can I subscribe to "no premium SMS"? by davidwr · · Score: 1

    How about if carriers offer a free service which simply blocks "premium" SMS calls altogether?

    Sure, I won't be able to donate $10 to the Red Cross the next time there is an earthquake in a 3rd world country, but at least I'll be legally immune from paying for any that do get through.

    Think of it as 976/900-block for SMS.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
    1. Re:Can I subscribe to "no premium SMS"? by Anonymous Coward · · Score: 1

      How about if carriers offer a free service which simply blocks "premium" SMS calls altogether?

      Sure, I won't be able to donate $10 to the Red Cross the next time there is an earthquake in a 3rd world country, but at least I'll be legally immune from paying for any that do get through.

      Think of it as 976/900-block for SMS.

      You can opt out for free. Just call customer support, or talk to your local store. When I signed up for Verizon I asked about that and they blocked them right there.

  13. I forego SMS altogether by Anonymous Coward · · Score: 0

    I had AT&T completely disable SMS on all my accounts; too many dirt bag bottom feeders sending me spam that is costing me money.

    1. Re:I forego SMS altogether by Anonymous Coward · · Score: 0

      Maybe you shouldn't be putting your phone number on so many bathroom walls.

  14. Damn Apple's Walled Garden by H0p313ss · · Score: 0, Flamebait

    This is exactly the kind of innovative feature that the iPhone users of the world will miss out on.

    Yeah, I know, flame bait....

    --
    XML is a known as a key material required to create SMD: Software of Mass Destruction
    1. Re:Damn Apple's Walled Garden by mac84 · · Score: 2

      The only reason no one writes this malware for iPhones is that nobody uses iPhones. Oh wait....

    2. Re:Damn Apple's Walled Garden by Microlith · · Score: 1

      I know, we should lock down ALL computers. No software from anywhere except the hardware or OS vendor's approved locations!

      This includes other OSes. Those terrible, evil Linux installations... you never know where they've been!

    3. Re:Damn Apple's Walled Garden by brim4brim · · Score: 0

      Yeah PDF exploits can't be found for the iOS :P

    4. Re:Damn Apple's Walled Garden by dzfoo · · Score: 1

      Wow, really? The single vulnerability known at the moment, hum... we should run for the hills or install an antivirus!

                -dZ.

      --
      Carol vs. Ghost
      ...Can you save Christmas?
  15. Re:iPhone has this problem as well by N!k0N · · Score: 1

    ... don't click the link.

    pretty sure that bit is the M.O. when browsing /. ;)

  16. Re:iPhone has this problem as well by Anonymous Coward · · Score: 0

    That is the typical behaviour of a Fuckle Assdroid user.

  17. Most popular = most attacked by frankxcid · · Score: 0

    I was always of the belief that Microsoft desktop was the most attacked because it was the most popular. It's a good contrast to see how Android is affected by its own popularity

    1. Re:Most popular = most attacked by Anonymous Coward · · Score: 0

      The popularity has nothing to do with the quality of the code.
      If the code is perfect and the software is designed well, you don't get malware that uses bugs.
      If the software has one user, it does not matter whether the code is perfect if the design is so flawed that the user can do whatever they want.

  18. I'm on a pay-as-you-go plan by TheGratefulNet · · Score: 1

    and SMS, if abused, could drain my account!

    a year or two ago, I was with t-mobile and their PAYG plan did not have the ability to turn off sms send or receive! my balance went to nothing and I gave up on that carrier. a few years later, I checked back and now, if you call CS, they can turn sms off even if you are monthly and non-contract.

    sms is for kids. I'm a middle aged man. I have no need for this childish bullshit. I do email. if you want me, you call or you email me. email is more in my domain that I can control. sms is purely a carrier thing and I want no part of that. (at least until they remove the fee on RECEIVING texts!)

    --
    "It is now safe to switch off your computer."
    1. Re:I'm on a pay-as-you-go plan by Archangel+Michael · · Score: 1

      Texting is for people who don't have smartphones. Email, Pingchat, Y!, FB, Google+, Google Voice and many many others all use DATA, which costs much less per bit than Texting, especially if you're using WIFI (like I do).

      Texting isn't for kids, it is for poor people, which has, as a subset, most kids in it.

      BTW, I have a smartphone plan without text messaging included. It can be done, if you ask for it. They charge separately for it, they can remove the charge.

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  19. who would download something at a market in china by JonySuede · · Score: 1

    Those who downloaded some malware from China deserved every charge they got billed against them. Those who are crazy enough to trust the Chinese with software deserve to be hacked. Hopefully we can avoid Chinese software but sadly we can't avoid Chinese hardware....

    --
    Jehovah be praised, Oracle was not selected
  20. Re:iPhone has this problem as well by Anonymous Coward · · Score: 0

    Which is still magnitudes less annoying than iPhone users. Oh sorry, I forgot to call it something stupid like the Crapple iFuck to stay on your brilliantly clever intellectual level.

  21. You know what would be really shocking? by Anonymous Coward · · Score: 0

    You know what would be really shocking?

    If they found a decent application in the Android market!

  22. Wow. by Chris+Mattern · · Score: 1

    in unofficial Android app markets in China.

    Just wow. And people are surprised it's a Trojan? Finding a *non*-Trojan app in a place like that, that'd be the trick!

  23. Provider failure by Anomalyst · · Score: 4, Insightful

    This is a failure on the part of providers. I don't want a "notification". I don't want it at all. Part of signing up should be the ability to limit
    #SMS/day
    Block "premium" SMS messages with exception list.
    Block calls to foreign countries with an exception list
    Block toll (900) calls.
    IOW give me back control on how and how much they can shaft me.

    --
    There is no right to feel safe thru security vaudeville at the expense of everyone's freedom, privacy and tax money.
    1. Re:Provider failure by Anonymous Coward · · Score: 0

      I hate to say it but... Prepaid 15 Euros cards and only doing Internet stuff using public WiFi can certainly do wonders with regards to how much anyone can shaft you ; )

      Too bad prepaid ain't existing everywhere :-/

  24. You want to help make ANDROID safer? by Anonymous Coward · · Score: 0

    Try this (loading a custom HOSTS file onto it that's updated vs. maliciously scripted sites, botnet C&C Servers, KNOWN malware makers sites/servers/hosts-domains, & even bogus DNS servers too + anything you wish to add to it for security (and yes, even speed, by hardcoding your fav. sites into it also, which is a LOT faster IP address resolution than calling out to any DNS server by far)):

    DO THE FOLLOWING STEPS BELOW: (after obtaining a good reputable solid HOSTS file, like mvps' -> http://www.mvps.org/winhelp2002/hosts.htm , which isn't "MEGA HUGE" either & kept VERY up to date (soon to be updated again this month too))

    ---

    1.) Get ahold of the "Android Debugging Bridge" (ADB) & install it

    2.) Mount your system mountpoint as READ + WRITE (as powerful of privileges as you need is this)

    3.) Using the PULL command, copy the file over from your PC (or even on your ANDROID if its there already) using PULL & overwrite the etc. folder's copy of HOSTS

    ---

    DONE!

    * Yes, it's THAT simple... &, it works to help make ANDROID phones more secure than they are by default!

    APK

    P.S.=> Of course, your HOSTS file will need to have the domain/hosts name of the servers this thing "talks to" & what not as well as where it comes from (if you choose to do that of course) to blockout, & that you have to obtain for this to work vs. this threat & others like it...

    Anyhow/anyways - Enjoy, it works to help make ANDROID phones a bit more secure!

    ... apk
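Added example (not part of the thread or the poster's own tooling): a check to run on a downloaded blocklist before it replaces the device's hosts file, keeping only entries that point a name at a sinkhole address and rejecting any line that would redirect a name elsewhere. The sample blocklist, the reserved `.example` domains and the function name are constructed for the illustration; the adb lines in the closing comment assume a device whose /system partition can be remounted read-write.

```python
import ipaddress
import re

# Constructed sample of a downloaded blocklist in hosts format.
SAMPLE_BLOCKLIST = """\
# constructed blocklist
127.0.0.1 localhost
0.0.0.0 ads.tracker.example
127.0.0.1  c2.botnet.example   # inline comment
0.0.0.0 ads.tracker.example
203.0.113.7 bank.example
0.0.0.0 bad_host!.example
not-an-ip something.example
"""

# Only these targets count as "blocked"; anything else is a redirect.
SINKHOLES = {"0.0.0.0", "127.0.0.1"}
LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
HOSTNAME_RE = re.compile(r"^(?=.{1,253}$)" + LABEL + r"(?:\." + LABEL + r")*$")


def build_hosts(blocklist_text):
    """Return (clean_hosts_text, rejected) where rejected is a list of
    (line_number, reason) for lines that must not reach the device."""
    kept, seen, rejected = [], set(), []
    for lineno, raw in enumerate(blocklist_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        addr, *names = line.split()
        try:
            ipaddress.ip_address(addr)
        except ValueError:
            rejected.append((lineno, "not an IP address"))
            continue
        if addr not in SINKHOLES:
            # A hosts entry with a routable address silently sends the
            # user's traffic for that name wherever the list author chose.
            rejected.append((lineno, "not a sinkhole address"))
            continue
        for name in (n.lower() for n in names):
            if name == "localhost" or name in seen:
                continue
            if not HOSTNAME_RE.match(name):
                rejected.append((lineno, "invalid hostname"))
                continue
            seen.add(name)
            kept.append(name)
    lines = ["127.0.0.1 localhost"] + ["0.0.0.0 " + n for n in kept]
    return "\n".join(lines) + "\n", rejected


if __name__ == "__main__":
    hosts_text, rejected = build_hosts(SAMPLE_BLOCKLIST)
    print(hosts_text, end="")
    for lineno, reason in rejected:
        print("rejected line %d: %s" % (lineno, reason))

# After writing the cleaned text to a local file named hosts:
#   adb remount                      # /system read-write (needs root access)
#   adb push hosts /system/etc/hosts # push copies PC -> device; pull is the reverse
```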

  25. Possibly part of the ZEUS botnet by Anonymous Coward · · Score: 0

    So, this is how/why HOSTS files help you in this case: http://nakedsecurity.sophos.com/2011/07/09/android-malware-spies-sms-messages-zeus-family/

    PERTINENT QUOTE/EXCERPT:

    ---

    Android malware spies on your SMS messages - but is it part of the Zeus family?

    "The Symbian, Windows Mobile and Blackberry modules of the notorious Zeus malware toolkit (also known as ZBot) have been known about for some months, and it has been clear that Zeus gang was interested in developing malware for mobile platforms.

    However, until now we have not seen any evidence of Zeus targeting users who own Android or iOS (iPhone/iPad) devices.

    This fact was quite surprising to us, considering the popularity of the Android and iOS platforms and the growing prevalence of malware being written for the Google Android operating system in particular.

    In the last couple of days, however, there has been quite a lot of discussion on the mobile malware analysis mailing lists about a version of an Android version of Zeus.

    We eventually concluded that this was a malicious application that Sophos products have been detecting as Andr/SMSRep-B since 31st May 2011.

    The malicious application pretends to be an Android version of Trusteer Rapport banking security tool, and was served to devices running the Google Android OS by a web server which was set up to deliver Zbot malware to multiple platforms.

    After the fact, it was not difficult to connect the Android application with Zeus toolkit, although we could not conclude 100% that there was a connection.

    The installed application uses a stolen Rapport icon and displays a simple screen when launched on affected device.

    The fake Rapport application registers a Broadcast receiver which intercepts all received SMS messages and forwards the messages to a malicious web server using HTTP POST requests. The stolen SMS messages are encoded using a JSON encoding scheme, often used by various web services.

    Although the application is clearly designed to steal the content of SMS messages, it's not very sophisticated.

    That's why we cannot be 100% sure that this is indeed a part of the Zeus kit. The URL of the command and control server is hard-coded into the source code, for example, which makes the application quite inflexible for installation on an alternative server.

    Nevertheless, this malicious Android application is interesting as it combines spyware functionality with the concept of fake security software. As we've seen recently in the Mac OS X world, fake anti-virus software is one of the most common themes adopted by malicious hackers in their attacks.

    Eventually, the doubt whether this is really part of the Zeus family or not remains. I suppose only the developers of Zeus kit know for certain.

    Unfortunately I have no means of contacting them, and even if I did I doubt they would be prepared to confirm or deny this theory." - by Vanja Svajcer on July 9, 2011

    ---

    FROM -> http://nakedsecurity.sophos.com/2011/07/09/android-malware-spies-sms-messages-zeus-family/

    * For YEARS now, I've been adding ZEUS botnet's hosts-domain names to my HOSTS file & IP addresses it uses (by far the minor one in IP Addys vs. host names) to my router firewalls & software firewall (Windows 7's native one) here, from this source for that data (which YOU may find useful too - especially in THIS case, vs. this particular ANDROID malware):

    https://zeustracker.abuse.ch/monitor.php?filter=online

    (Enjoy & I hope this is helpful to you ANDROID users out there...)

    APK

    P.S.=> ANDROID's unfortunately just showing you all that Linux (which has more unpatch

  26. "ZITMO" on ANDROID = ZEUS by Anonymous Coward · · Score: 0

    Zitmo/ZEUS hits Android:

    http://blog.fortinet.com/zitmo-hits-android/

    ---

    "Lately, there's been an active discussion on technical forums regarding ZeuS targetting Android users. We finally managed to get our hands on the mobile sample the ZeuS PC trojans are propagating. Actually, it is not a new sample and has been detected under several names (Android.Trojan.SmsSpy.B, Trojan-Spy.AndroidOS.Smser.a, Andr/SMSRep-B), but it is far more scary when propagated by the ZeuS gang... In the background, it listens to all incoming SMS messages and forwards them to a remote web server. It's simple, but just enough for the ZeuS gang to grab your banking mTANs...

    ---

    * "Read ALL about it...", hot off the presses!

    APK

    P.S.=> Further proof that once an OS of ANY KIND (yes, kids - INCLUDING LINUX) gets high marketshare on a given platform, it absolutely WILL get exploited by the malware-maker/hacker-cracker... and YES, even Linux variants like ANDROID!

    ... apk