Slashdot Mirror


Android Malware Using Blog As C&C Server

wiredmikey writes "Security researchers have discovered a unique feature circulating in some Android-based malware. The malicious application is using a blog in China to act as a Command and Control (C&C) server. On Tuesday, Trend Micro discovered a malicious Android application out of China using the new trick to receive instructions, and it appears to be the first time Android malware has implemented this kind of technique to communicate with its server."

3 of 89 comments

  1. Another non-story. by Kenja · Score: 4, Insightful

    You first have to install the app from an untrusted site and ignore the page full of warnings the OS throws at you before this can do anything. Seriously, look at the screenshot in the FA. You have to agree that the app can make outgoing phone calls. If you click through that many warnings I would hardly call this malware. It's doing exactly what it says it will do.

    --

    "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
    1. Re:Another non-story. by tycoex · Score: 4, Informative

      You didn't actually look before replying, did you...?

      I've installed about 100 apps on my phone and I have never seen a single app that had this many permissions.

      Okay, so you download your third-party Chinese app store (bad idea in the first place, from my experience Chinese web sites are terrible for malware).

      Next, you download an e-book reader. Now, off the top of my head I can think of a few permissions an e-book reader might need. Perhaps full internet access, modify SD contents, prevent phone from sleeping, and maybe a few more, but that's about it.

      Now look at some of the permissions for this e-book reader, they are very obviously not needed for an e-book reader:

      1) Edit, read, or receive SMS/MMS.
      2) Read and write contact data.
      3) Directly call phone numbers and send SMS messages.
      4) Read system log files.
      5) Write access point name settings.

      I can see a situation where something ambiguous that might actually be needed such as "full internet access" could be exploited, but this definitely isn't one of those situations.
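The permission comparison made in the comment above can be automated; the following is an added example, not part of the original thread or the article. It assumes a decoded (text) `AndroidManifest.xml`, and the baseline set, the mapping of the five listed items to Android permission constants, and the sample manifest are constructed here for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
PREFIX = "android.permission."

# Assumed baseline for an e-book reader, taken from the comment's own guess:
# full internet access, modify SD contents, prevent phone from sleeping.
EBOOK_BASELINE = {"INTERNET", "WRITE_EXTERNAL_STORAGE", "WAKE_LOCK"}

# Android permission constants matching the five items the comment lists.
OUT_OF_PLACE = {
    "WRITE_SMS": "SMS/MMS", "READ_SMS": "SMS/MMS",
    "RECEIVE_SMS": "SMS/MMS", "RECEIVE_MMS": "SMS/MMS",
    "READ_CONTACTS": "contacts", "WRITE_CONTACTS": "contacts",
    "CALL_PHONE": "calls and SMS sending", "SEND_SMS": "calls and SMS sending",
    "READ_LOGS": "system logs",
    "WRITE_APN_SETTINGS": "APN settings",
}

def requested_permissions(manifest_xml):
    """Return the permission names in a decoded (text) AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml.strip())
    names = set()
    for el in root.iter("uses-permission"):
        name = el.get(ANDROID_NS + "name", "")
        # Shorten platform permissions; keep custom ones fully qualified.
        names.add(name[len(PREFIX):] if name.startswith(PREFIX) else name)
    names.discard("")
    return names

def audit(manifest_xml, baseline=EBOOK_BASELINE):
    """Split requests into expected, out-of-place (by category), and other."""
    perms = requested_permissions(manifest_xml)
    extra = perms - baseline
    flagged = {}
    for p in sorted(extra & OUT_OF_PLACE.keys()):
        flagged.setdefault(OUT_OF_PLACE[p], []).append(p)
    return {"expected": sorted(perms & baseline),
            "out_of_place": flagged,
            "other": sorted(extra - OUT_OF_PLACE.keys())}

# Constructed sample manifest, not taken from the app in the article.
SAMPLE = ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
          'package="com.example.reader">' + "".join(
    f'<uses-permission android:name="android.permission.{p}"/>' for p in (
        "INTERNET", "WRITE_EXTERNAL_STORAGE", "VIBRATE", "READ_SMS", "SEND_SMS",
        "CALL_PHONE", "WRITE_CONTACTS", "READ_LOGS", "WRITE_APN_SETTINGS")
) + "</manifest>")

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Anything under `out_of_place` is a request the app category does not explain; `other` holds requests that are neither in the baseline nor on the comment's list and still need a manual look.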

    2. Re:Another non-story. by Charliemopps · Score: 4, Insightful

      OK, now put all those questions in front of your mom and... Malware!