Slashdot Mirror
FBI Issues Android Virus Warning
Dupple writes "The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher. Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out email. A link within these advertisements leads to a website that is designed to push Loozfon on the user's device. The malicious application steals contact details from the user's address book and the infected device's phone number."
Clearly, Android isn't fragmented enough yet. The industry needs to work to further fragment the platform until this type of attack isn't viable.
Places and things people should not be clicking on in the first place.
No information about attack vectors (such as compromised apps), how to tell if you're infected, what to do if you think you're infected, etc. Par for the course.
"Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
10 years of smartphone generations for the government to realize there's the potential for viruses, spyware, and malware on these things as they are in all sense of the word a computer. I'm willing to bet google is now going to regulate the android market a little better, it still depends heavily on the user as to the risk posed to the device, just like with PCs.
I've also got to respectfully disagree with the article on rooting your device, it opens up the potential to load some pretty nifty security tools that help keep you safe in the first place.
http://www.slashgear.com/apple-quietly-turns-on-ios-6-iphone-advert-tracking-12251611/
In a closed environment, how are students supposed to learn to program?
Which version(s) of Android are vulnerable and which browsers? How does the attack work? Do I need to download and run a file? Just click on the file? Just visit the web page?
Is this even a real threat? It sounds like a vague alert that anti-virus companies send out to get you to buy their product.
Yeah, removing user/customer freedoms to increase safety is totally the way to go.
Didn't some famous guy say something about that?
Mod me down, my New Earth Global Warmingist friends!
And considering how much the government is fucking you? I think Apple is still a damn sight better. If you're that up in arms about Apple you must go absolutely apeshit over the one party system.
Not sure what your link is meant to say. There is no personal identification info in the IFA system, and it can be turned off if you particularly object to customised advertisements. You will still get advertisements, but now they'll be random.
Windows is completely free of viruses. Oh wait.
Android is secure enough as it is. My HTC will check with me and double check before it installs any apk. As long as there are people who can be suckered into installing unknown software, we will always have viruses.
That's awesome bro
Mod me down, my New Earth Global Warmingist friends!
That's a fallacious argument. The "famous guy's" saying isn't comparable to protecting the average consumer's expectation of having a consumer device that won't leak all of his private info by clicking an "update" or link that is actually a phishing lure. I don't even own or like Android or iOS devices, but I have kids and a wife who do and it's irritating to know that they are vulnerable and it's why I am moving them to iOS ASAP.
www.chihuahuarescue.com- Help to end dog abuse, abandonment and cruelty
This is not a virus.
Seven puppies were harmed during the making of this post.
Well there's a solid contribution to the conversation at hand..
I went to eat some animal crackers and the box said, "Do not eat if seal is broken." I opened the box and sure enough..
I was thinking [an operating system's job] was to facilitate the function of the device
For one thing, different people have different ideas of what "the function of the device" is. One "function of [a] device" is to allow the user to create additional "function[s] of the device". This is a function that Apple has tended to explicitly reject on an iPad or iPhone. (On the one hand, Codea, but on the other hand, C64 games that got pulled from the store because the user could reboot the virtual C64 to BASIC.)
for the consumer
Are you trying to imply something special by the word "consumer" as opposed to "user"?
So I have to click on a strange email and then follow an unknown link where I will be asked to download an .apk? Then I will have to go into settings and click on the option to allow me to install something that isn't in the Play Store, click through the warning that tells me that sideloading an app can lead to viruses and malware, and then install the .apk which then asks me if I'm cool with it accessing my contacts, internet and everything else?
If you do all that, you're pretty determined to have problems.
I imagine that those who know how to side load apps on their phone are smart enough to not randomly install apps from questionable sources. Or at least they should be smart enough to know that they have no one to blame but themselves if they fall for it.
I like how you don't bring up the jailbreakme website or acknowledge it exists.
-]Phreak Out[-
>One version is a work-at-home opportunity that promises a profitable payday just for sending out email.
How about a name and shame app showing idiots who fall for this?
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Apps leaking private info? Gee, good thing that would never happen in a curated Apple's appstore. Wait, what? Don't tell me they only cared about apps not crashing and being in line with Apple's policies on design and content.
Maybe you're too young to remember it but Apple was logging everybody's GPS coordinates for quite a while there. It took a massive outcry before they reversed their policy on unwanted silent tracking without consent. They argued the logs weren't personal info back then.
$
If you care about security, get a BlackBerry.
There is no other option,
Required reading for internet skeptics
Nobody Seems To Notice and Nobody Seems To Care - Government & Stealth Malware
In Response To Slashdot Article: Former Pentagon Analyst: China Has Backdoors To 80% of Telecoms 87
How many rootkits does the US[2] use officially or unofficially?
How much of the free but proprietary software in the US spies on you?
Which software would that be?
Visit any of the top freeware sites in the US, count the number of thousands or millions of downloads of free but proprietary software, much of it works, again on a proprietary Operating System, with files stored or in transit.
How many free but proprietary programs have you downloaded and scanned entire hard drives, flash drives, and other media? Do you realize you are giving these types of proprietary programs complete access to all of your computerâ(TM)s files on the basis of faith alone?
If you are an atheist, the comparison is that you believe in code you cannot see to detect and contain malware on the basis of faith! So you do believe in something invisible to you, donâ(TM)t you?
Iâ(TM)m now going to touch on a subject most anti-malware, commercial or free, developers will DELETE on most of their forums or mailing lists:
APT malware infecting and remaining in BIOS, on PCI and AGP devices, in firmware, your router (many routers are forced to place backdoors in their firmware for their government) your NIC, and many other devices.
Where are the commercial or free anti-malware organizations and individualâ(TM)s products which hash and compare in the cloud and scan for malware for these vectors? If you post on mailing lists or forums of most anti-malware organizations about this threat, one of the following actions will apply: your post will be deleted and/or moved to a hard to find or âdeleted/junk postsâ(TM) forum section, someone or a team of individuals will mock you in various forms âtin foil hatâ(TM), âconspiracy nutâ(TM), and my favorite, âwhere is the proof of these infections?â(TM) One only needs to search Google for these threats and they will open your malware world view to a much larger arena of malware on devices not scanned/supported by the scanners from these freeware sites. This point assumed youâ(TM)re using the proprietary Microsoft Windows OS. Now, letâ(TM)s move on to Linux.
The rootkit scanners for Linux are few and poor. If youâ(TM)re lucky, youâ(TM)ll know how to use chkrootkit (but you can use strings and other tools for analysis) and show the strings of binaries on your installation, but the results are dependent on your capability of deciphering the output and performing further analysis with various tools or in an environment such as Remnux Linux. None of these free scanners scan the earlier mentioned areas of your PC, either! Nor do they detect many of the hundreds of trojans and rootkits easily available on popular websites and the dark/deep web.
Compromised defenders of Linux will look down their nose at you (unless they are into reverse engineering malware/bad binaries, Google for this and Linux and begin a valuable education!) and respond with a similar tone, if they donâ(TM)t call you a noob or point to verifying/downloading packages in a signed repo/original/secure source or checking hashes, they will jump to conspiracy type labels, ignore you, lock and/or shuffle the thread, or otherwise lead you astray from learning how to examine bad binaries. The world of Linux is funny in this way, and Iâ(TM)ve been a part of it for many years. The majority of Linux users, like the Windows users, will go out of their way to lead you and say anything other than pointing you to information readily available on detailed binary file analysis.
Donâ(TM)t let them get you down, the information is plenty and out there, some from some well known publishers of Linux/Unix books. Search, learn, and share the information on detecting and picking through bad binaries. But this still will not touch
Get a good HOSTS file. Then you're golden.
Jesus was all right but his disciples were thick and ordinary. -John Lennon
FinFisher spyware made by U.K.-based Gamma Group can take control of a range of mobile devices, including Apple Inc. (AAPL)’s iPhone and Research in Motion Ltd. (RIM)’s BlackBerry, an analysis of presumed samples of the software shows...“When FinSpy Mobile is installed on a mobile phone it can be remotely controlled and monitored no matter where in the world the Target is located,” a FinSpy brochure published by WikiLeaks says. Systems that can be targeted include Microsoft Corp. (MSFT)’s Windows Mobile, the Apple iPhone’s iOS and BlackBerry and Google Inc. (GOOG)’s Android, according to the company’s literature. Today’s report says the malware can also infect phones running Symbian, an operating system made by Nokia Oyj (NOK1V), and that it appears the program targeting iOS will run on iPad tablets.
source
Malware isn't a virus and require the end user to download and run the malware ..
AccountKiller
I will install a normal application, like I have done many time before.
Loading application that are outside of the walled garden is one of the main reasons for using Android. A bunch of my technical friends advocated this as the main reason for buying this phone in the first place.
Sideloading an app, as my technical friends showed me, involves a few steps.
I'm going to get paid to email people, so the company will need to make sure that I'm actually doing it. In fact, the instructions that they provided actually specified that I'd need to do this.
Really? With RIM letting repressive governments (but not ours of course) get access to SMS and email? Blackberry would be my LAST option.
"Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
The problem with apple products is they just work.... until one day when they just don't.
And, when it stops working, you either have a VERY expensive repair to deal with, or a very frustrating time trying to google for helpful info.
"Prediction: within 10 years, Windows will be a Linux distribution." Me, 7-6-2016
Funny, there's no mention of the FBI in the article. Did someone get over-excited when they wrote the headline?
systemd is Roko's Basilisk.
Well, if you were even a little bit informed you'd know that that only affects some BIS users. It's *impossible* for RIM to "hand over the keys" for BES users because they don't have them.
That also ignores the fact that governments don't need special cooperation to spy on communications from Android and iOS users -- those don't even offer you the illusion of security.
So, yes, BlackBerry is the ONLY option if security is a concern. If they're your last option, I hope you're not responsible for making security related decisions!
But don't let facts stop you from continuing to spread misinformation, even though this particular bit of nonsense has been corrected multiple times in EVERY thread on the subject since the first article appeared on Slashdot.
Required reading for internet skeptics
So all I have to do to keep from getting it is to avoid tapping on ads or obviously fake "system update" texts? Wow, that sounds nigh impossible.
That's a fallacious argument. The "famous guy's" saying isn't comparable to protecting the average consumer's expectation of having a consumer device that won't leak all of his private info by clicking an "update" or link that is actually a phishing lure.
I don't even own or like Android or iOS devices, but I have kids and a wife who do and it's irritating to know that they are vulnerable and it's why I am moving them to iOS ASAP.
I will gladly offer you the service of taking all those buggy, insecure android devices off your hands and dispose of them properly, for a nominal $50 e-recycling fee. I know it sounds like a steal, but I just like knowing mobile users are secure in the big scary world out there. So go ahead and send me those phones, and don't forget to include the check for $50. I am sure you will forget all about them once your new iOS devices arrive. Oh, and you're welcome!
Further, they weren't actually YOUR coordinates, but the coordinates of cell towers that your phone saw.
To further invalidate the argument Google's targeting in Android can also be disabled. There's no advantage or disadvantage between iOS and Android as far as ad targeting is concerned.
Also, your sig, I have that beautiful little piece of Bash printed out and posted in my cubicle. It provides some great entertainment when some poor soul actually decides to run it. It's also fantastic for weeding out poorly informed techs.
Come on.
Anyone who does that much work/effort to get malware on their device (as opposed to browser bugs, random click-throughs, etc) deserves to get pwn3d.
Android Virüs Program Açklama NQ Mobile Security & Antivirus ile telefonunuzu koruyunWest Coast Labs sertifikal NQ Mobile Security & Antivirus ile telefonunuzu koruyun - Malware, Spyware & Virüsler çkarn ve Telefon Hacking Stay Away from. imdi ÜCRETSZ indirin! Virüs, malware, spyware, trojan ve telefon hack NQ Mobile Security & Antivirus ile android telefon ve tablet koruyun. Telefon Koruma Download NQ Mobile Security, dahil olmak üzere özellikleri: antivirüs, anti-taciz, gizlilik koruma, telefon arama, veri yedekleme, Samsung Galaxy S III için güvenli tarama ve trafik izleme, Samsung Galaxy Nexus, HTC bir X, HTC Bir S, LG Optimus, Motorola Droid Razr Maxx, Huawei vb ÜCRETSZ Özellikler: YEN Malware Scanner Uygulama Denetim Uzaktan Geolocation ÜCRETL Özellikler, sadece $ 9.95/yllk: YEN Malware Scanner Uygulama Denetim Web Security Anti-Theft YEN - uzaktan, bulmak, kilitlemek veya aygt silin - etrafnda neler olup bittiini duyun - SMS yoluyla komutlarn gönderme - SIM deiiklii uyarlar - ifre korumal ayarlar Yeni Özellikler: 1. Arama & SMS Engelleyici (YEN ÖZELLK): Blok istenmeyen SMS ve taciz aramalar . - istenmeyen aramalar ve metinleri kar kendinizi koruyun . blacklisted numara (lar) veya kaytlarnza deil herkes filtrelemek için telefonunuzu blok liste ayarlayn - - aramalar ve Yakalayan metinler her blok tarihinin izlenebilir. - sadece beyaz listede kiilerden gelen aramalar ve metin almak için Seçenek. 2. Intruder Alert (YEN PREMIUM HIRSIZLIK ÖZELLK): davetsiz fotoraflarn çekin ve kaytl e-posta gönderebilirsiniz. - Intruder Alert Gizli bilgi ve özel veri ile eksik telefon bulmanza yardmc olur. Uzaktan kayp telefon kilitleme ile Anti-hrszlk özellii etkinletirebilirsiniz, ve otomatik olarak yanl bir parola ile telefonunuzun kilidini çallyor herkes bir fotoraf çekmek olacaktr. (Gerekli Ön bakan kamera.) -saldrgan fotorafn sonra NQ hesap için kaytl e-posta adresinize gönderilecektir. etiket: Ücretsiz Android Virüs Program, Ücretsiz Virüs Program, Bedava Android Virüs Program, Ücretsiz Android Virüs Programlar, Android Virüs Program, Android Virüs Programlar, Android Virüs Program Kurma, Android Virüs Program Nasl Kurulur, Android Virüs Program Ayarlar http://www.teknolojirehberi.org/Mobil-Ucretsiz-Android-Virus-Programi-398.html etiket: Ücretsiz Android Virüs Program, Ücretsiz Virüs Program, Bedava Android Virüs Program, Ücretsiz Android Virüs Programlar, Android Virüs Program, Android Virüs Programlar, Android Virüs Program Kurma, Android Virüs Program Nasl Kurulur, Android Virüs Program Ayarlar http://www.teknolojirehberi.org/Mobil
http://www.tr-teknoloji.com http://www.teknolojirehberi.org/