New Android Malware Uses Google Play Icon To Trick Users
An anonymous reader writes "A new trojan for Android has been discovered that can help carry out Distributed Denial of Service (DDoS) attacks. The malware is also capable of receiving commands from criminals as well as sending text messages for spamming purposes. The threat, detected as "Android.DDoS.1.origin" by Russian security firm Doctor Web, likely spreads via social engineering tricks. The malware disguises itself as a legitimate app from Google, according to the firm."
Because people will download and run apps from that store.
And there's little/no AV protection.
nice disguise
If people are fooled into thinking it's a legitimate app, then it has successfully disguised itself as a legitimate app, I'd say--your failed attempt at pedantry notwithstanding.
Il n'y a pas de Planet B.
How do you figure? The app takes on the icon/text of the play store app and launches itself and the legitimate play app when activated. Where have you been confused?
Linux has EXCELLENT intrusion detection as long as you're running the SELinux tools. That thing is so paranoid out of the box that an application making a file in /tmp will throw a warning. You can set it up so that an application doing anything remotely suspicious is just killed immediately and a notification sent to the admin. If you don't trust SELinux there's more proprietary tools such as AppArmor that can do the same job and are a bit friendlier to configure.
To offset political mods, replace Flamebait with Insightful.
I know you're trying to defend Apple's "let's gouge our customers policy" by limiting customer choice (and competition) to Apple on its (not your) phone...but to do so I think you need to understand that on Android you have to actually go into the settings and *enable* this voluntarily, and have to agree to a warning screen...Apple users are so desperate to have this functionality they "Jailbreak" Apple's phone, even though Apple have attacked their customers for doing so.
nice disguise
I thought the opposite. The first thing someone is going to do when they see two stores on their phone...is look up why? It even has a different name, they would have been better hiding it behind a simple RSS feed or torch app
But but but I thought the zealots assured us the Linux was immune to exploits? Or did they LIE????
This is about Android...and Ya it's pretty secure :) Linux is pretty good too. I'm not sure calling people zealots (maybe you don't know what one is) because they have chosen platforms with better balance of security/flexibility than your own (clearly you're upset), makes your own secure. In fact it's a really strange comment to make at all, about either OS, as what is true about both is they put an inordinate amount of effort into ensuring their platforms are secure. That is why both have incredibly good track records.
Users SPREAD the app. The app itself does not spread. It's an important distinction.
If I wanted a hobby phone I could kick around I would get an Android. I want a phone that works and apps without ads. I went Apple after finding out the not-so-stellar truth about Android.
LOL the irony of your post is one of the reasons the iPhone is so unsuccessful is its price, and please don't pretend that Apple do not make money from Advertising, they famously made Siri useless with advertising. The sad fact is your post is not only off topic but irrelevant...Android outsells Apple 6:1 and sells 1.5 million a day...it's doing something right, and what Apple is doing wrong, and nothing you or I is going to change that. Personally I would love Apple to create a competitive product.
are there any good tutorials about setting this up? i think my friends need to stay using this in production and i might need to help em out.
NEVER NEVER NEVER NEVER NEVER NEVER NEVER NEVER GIVE UP! "No limitations, no boundaries, there is no reason for them."
The iPhone is unsuccessful? Apple has 53.3% of the smartphone market:
LOL in the US...worldwide it had dropped from 23% to 14.9%. This is the original report for your figures http://www.kantarworldpanel.com/global/News/Apple-achieves-its-highest-ever-Smartphone-share-in-US they are on in a pdf but include figures like in Brazil Apple dropping from 3.2% to 1.6% while Android moves from 28.9% to 60.7% of the market.
Android outsells Apple 6:1 in the "I use a smartphone like a featurephone and don't know what apps are, oh and this phone is only $79 on prepaid" area.
Absolutely not. In China for example the Average price of a smartphone is $250. Let's look at the best selling phones are on Amazon China http://translate.google.com/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&eotf=1&u=www.amazon.cn. The top phone is Lenovo with a dual core processor, 2000mAh, Android 4.0, 2nd Phone is and 3rd Phone are both Huawei is both dual and quad cores with larger screens than your beloved iPhone :) (and includes a dual sim interestingly ), The third Phone comes with 2GB of RAM!! ....I hate to say it but these phones seem to have better specifications (and arguably software) than your beloved Apple iPhone, it's not surprising really as Apple overcharge their customers so much.
Yes, it has really got to the point where I can read the first line of one of his posts, cut straight to "Dear APK, Please die in a fire," and move on.
Il n'y a pas de Planet B.
Android is just as much Linux as Debian, Ubuntu and Redhat. It's just another distribution. It's just the only one that happens to be popular, and as such ... guess what ... just like Windows it's becoming a malware target. and just like Windows you don't have to 'hack' the OS, just the user.
I understand the argument...and have even made it myself "in context" except this attack won't work on "Debian, Ubuntu and Redhat"...and no it's nothing like Windows :).
Sucks for you that Ohio Arts isn't a supported platform, I guess.
Il n'y a pas de Planet B.
Apple makes 80% of all mobile phone profits.
It doesn't and it hasn't for a long time [and never did :)], and there is no such thing as % of profits. It does produce a phone which it sells at a vastly overinflated price to small market share of customers, that strategy has been so successful it had made the largest company by market cap in the world...but that was three months ago, Apple have now lost 30% of its market cap, and its whole strategy is looking weak for the company...it always looked shitty for their customers [it's kind of sad you point it as an advantage in absence of better hardware/software/price], It's no wonder their small market share continues to shrink. Perhaps if they had had a long term strategy things would look different now.
I see their success or failure determined by 'dumb users' who WILL download what is available and get pwned, complain, and eventually give up and buy the damn iphone
I guess the proof is in the pudding with Android hitting 710 million users (last quarter) with activations of 1.5 million daily, and is set to become the primary computing platform, taking the crown away from Microsoft next year. I think when the platform that has the better hardware/software/value unsurprisingly gets the most users by a massive...calling them dumb(sic) might be somewhat inappropriate.
Any machine anywhere can get a rootkit, or worse
Rootkits aren't the problem, you don't need root privileges to do DDOS-attacks, to spy on users, to delete their files and so on -- it all can be done as a regular user just fine. Often you don't even have to hide the malware package in any way or form, just fool the user into thinking it's useful! That said, in general I agree with you: there is no OS that can protect against gullible users, not even Linux can do that. There are ways of increasing security by leaps and bounds, but those ways would really require a whole new OS.
Fuckle Assdroid is continually proving to be the M$ Windoze of the mobile world. This is just the icing on the cake when it comes to why Fuckle Assdroid cannot be trusted. Glad I went with iOS rather than the steaming pile of shit called Fuckle Assdroid.
I always admire the enthusiasm of Apple Users, and another well thought out post that was. You raise several important points. I can't help questioning your point that Android is the new Microsoft Windows. It isn't and never will be...that privilege is Windows Phone which is currently 6th most popular OS; Popularity alone is not a measure of similarity. The reality is right now Microsoft is pushing for an "ecosystem" read its Desktop monopoly on your phone...and nobody is buying what they are selling [Literally or Figuratively], but undeniably there is a move towards a unification of Mobile/Tablet/Desktop OS's through a shared store/look and feel/API, what is most interesting is Google who make no money directly from Android is pretty OS Agnostic, but has unified services...even on the iPhone, and as yet had not made Chrome a desirable!? platform.
Ya, China's probably not the best market to compare to.
In North America and Europe similarly spec'd phones run in the same price range, which means everyone loves making a healthy profit off their customers.
Does it make you happy you're so strange?
I have yet to read an article on an Android virus that isn't a trojan. No drive by's, API or OS exploits.
Trojans will always exist. They are wolves in sheep's clothing.
*yawn*
Il n'y a pas de Planet B.
Dude, if this is supposed to be some sort of a contest... you're the only one competing.
Il n'y a pas de Planet B.
Despair.com is thataway ->
Il n'y a pas de Planet B.
Granular permissions allow a user to know exactly what an app wants to do before they even install it
No they do not.
They know what RESOURCES an app would like to have beforehand. But having never run the app they have NO idea when and for what reason they are required.
On iOS you also have granular access. But the key is, you are asked at the time that resource is required. So for example, you are asked if the application can access your contacts only when you've hit the "send to a friend" button or whatever.
A big list of permissions that non-technical users hardly understand helps almost no-one. It allows a technical user to avoid some traps, but it screws over the large majority of users.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
A big list of permissions that non-technical users hardly understand helps almost no-one. It allows a technical user to avoid some traps, but it screws over the large majority of users.
If a user is not technical enough to understand "This app requires access to your contacts" and "This app requires dialing phone numbers", they probably should donate their phone for their own good.
The more difficult thing is to judge if those permissions are reasonable for that app they want to install. But as they're the only one who know what for they're installing it, no one can take that burden from them.
bickerdyke
Though the function was different, the point is the same. Malware was installed by users using a trusted source (in this case the Apple app store) and it did things the user was not aware of or gave permission for it to do. That the functions were different is not relevant. It was a compromise of the device and its contents by use of malware which is the relevant similarity.
And should Apple's app store let another one slip through, this process can and will repeat itself.
Where did you get this strange notion that this trojan horse program was also a virus in that it will infect other devices? I didn't read that anywhere. The point of infection is when the user voluntarily installs the malware to their device. It is a trojan because it pretends to be something safe.
In your belief and desire to defend Apple, I think you forgot to check facts long enough to know what you are talking about. But I have to ask. Why are you so defensive about Apple? They are a business like all the others. They serve their interests first and foremost. Customer satisfaction is primarily based on customer acceptance of Apple's terms and conditions because Apple does not make exceptions for its customers. Apple also has a history of blaming its customers before it blames itself for anything. ("You're holding it wrong" is not the only example of this.)
I totally understand the human aspects of this behavior. We do it all the time with sports, religion and politics. We care about things which do not return the affection. But as this phenomenon is extended into consumerism, it presents some very interesting psychology indeed. Your affection for Apple things does not make you who you are. It does not make you a better person. If you draw a sense of happiness from the notion that owning (excuse me, I mean licensing) some hardware and software makes you a member of some club, then I might invite you to read or watch Dr. Seuss' "Star-Bellied Sneetches" as it is a lesson for all of us everywhere. (Interestingly, it is available here: http://www.youtube.com/watch?v=v3yJomUhs0g )
Mate, nothing you said has anything to do with my comment, and I definitely am NOT going to start downloading some random files you recommend or trust you.
Legitimate apps come from the Google Market/Play. So this app in no way "disguises itself as a legitimate app". Not that I'm for such a closed environment, but it exists for this reason.
This isn't Apple. With Android, it's perfectly possible to have a legitimate app that is on another store from Google Play, or no store at all.
== Jez ==
Do you miss Firefox? Try Pale Moon.
http://bgr.com/2012/08/06/apple-mobile-industry-profit-share-q2-2012/
Eat it. Then put your foot in your mouth.
To repeat myself :) and no, posting 6-month-old guesswork is not going to change my statement.
It doesn't and it hasn't for a long time [and never did :)], and there is no such thing as % of profits. It does produce a phone which it sells at a vastly overinflated price to small market share of customers, that strategy has been so successful it had made the largest company by market cap in the world...but that was three months ago, Apple have now lost 30% of its market cap, and its whole strategy is looking weak for the company...it always looked shitty for their customers [it's kind of sad you point it as an advantage in absence of better hardware/software/price], It's no wonder their small market share continues to shrink. Perhaps if they had had a long term strategy things would look different now.
And only a Linux fanboy would argue that distro incompatibility is a feature.
Quite the reverse, it's not, it's just a simple fact. The reality is going forward I would love to be able to run my Android apps on my ARM touchscreen Chromebook running Debian...but right now the whole userland is simply different to "Debian, Ubuntu and Redhat" and you know that. The benefits come from the massive shared development work going into Linux (the kernel) from Google and other companies now interested in Linux (the kernel) because it's part of Android, which users of "Debian, Ubuntu and Redhat" benefit from :)
They are simply IDC's latest figures, although all major players' figures match, but then you know that. Android activates 1.5 million phones daily. It's a phenomenon.
Yes http://mobile.slashdot.org/comments.pl?sid=3344205&cid=42407663 and yes http://mobile.slashdot.org/comments.pl?sid=3344205&cid=42407763
APK
P.S.=> Take a read - be VERY "enlightened" on many fronts...
... apk
More like being owned by pointless and gratuitous use of bold tags. I thought using too many exclamation marks was bad enough but those posts both take the biscuit.
Maybe if you concentrated on posting stuff that wasn't so annoying to read people might not down mod you so much and you would be fine having an account like the rest of us. As it is your posts look like the demented ramblings of someone overly obsessed with markup.
I don't read
That'd just be one "front", namely your whiny gibberish which is telling indeed... you seem to be in a constant state of hurt, and also having issues with penguins. Awww.
Most US carriers use CDMA2000.
I have always believed AT&T and T-Mobile are GSM carriers and that Sprint and Verizon are CDMA carriers.
I was under the impression that more well-known mobile virtual network operators (MVNOs) in the United States were on Sprint than on AT&T or T-Mobile.
the point is the same. Malware was installed by users using a trusted source
That's an incredibly stupid and ill-informed view because it masks the relative seriousness of two situations.
Having someone else get some of your contacts is nowhere near the same league as having an app that is contacting others and sending them apps. It is insane to claim that it has the same impact on users, and is doing them a HUGE disservice to hide the danger Android users are in compared to iOS users.
Not to mention, perhaps you missed the fact that more than 80% of iOS users are now protected against that malware attack and no Android user is? But user vulnerability means nothing to you so I guess that doesn't matter after all.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
If a user is not technical enough to understand "This app requires access to your contacts" and "This app requires dialing phone numbers", they probably should donate their phone for their own good.
That's odd, I would like to live in a world where even such people can make use of technology. The world I want to live in allows EVERYONE to benefit from technical advances, not a high-tech priesthood that snickers at the LUsers.
You can stay up in that ivory tower if you like but I'm trying to make the world better, not just the corner I inhabit.
Blame the users all you like, in the end they will abandon you when you treat them roughly.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
If a user is not technical enough to understand "This app requires access to your contacts" and "This app requires dialing phone numbers", they probably should donate their phone for their own good.
Ah, the old "blame the user" tactic of the fanboy. Well, these are mobile phones. And mobile phones are meant for ordinary people. If they're not suitable for ordinary people, then that's the fault of the hardware/software, not the user.
The fact is that there's a better way to do it, and iOS shows the way. Ask the user for permissions for a resource whilst the app is running, the first time the app wants access to that resource. That way the user can better assess the app, and whether it is a reasonable request.
That said, in general I agree with you: there is no OS that can protect against gullible users, not even Linux can do that.
That's why it's a good idea to have a walled garden store, where apps are vetted before appearing. And where the few items of malware that get past the vetting can be removed from distribution once identified, thus preventing them affecting any more users.
That said, in general I agree with you: there is no OS that can protect against gullible users, not even Linux can do that.
That's why it's a good idea to have a walled garden store, where apps are vetted before appearing. And where the few items of malware that get past the vetting can be removed from distribution once identified, thus preventing them affecting any more users.
I agree, and it's something I've been saying for a good while now: the Average Joe - user isn't knowledgeable enough to spot malicious software and generally doesn't even want to be knowledgeable -- ignorance is much easier on the brains -- and therefore curated app stores/repositories/whatnot are good. I just advocate that it should be easy enough to turn off the walled garden, too, for those users who do need more than what the garden offers. Currently Apple's walled garden is too strict, it cannot be turned off without jailbreaking the whole thing, and Google's approach is otherwise good enough, but Google isn't actually curating their garden's content! Too bad neither of them can be coerced to see the light.
(if you are a Windows user)
Indeed. The discussion was about Linux.
If a user is not technical enough to understand "This app requires access to your contacts" and "This app requires dialing phone numbers", they probably should donate their phone for their own good.
Ah, the old "blame the user" tactic of the fanboy.
No objection to that.
Well, these are mobile phones. And mobile phones are meant for ordinary people. If they're not suitable for ordinary people, then that's the fault of the hardware/software, not the user.
Cars are meant for ordinary people too. And that's why we don't let anyone drive but require driving licences. Not because we want to keep it some special privilege, but because it is potentially dangerous. And storing private data in a connected device is not without dangers, too. And with that, there are some responsibilities.
Like servicing your brakes. And if cars are for everyone, not everyone can do that. But the solution is not to do it, but to pay someone to do it. And in exactly the same way, someone has to check an app's data requests against the purpose of it. Either you can do it yourself, or you let someone else do it. Not doing it is a bad idea.
The fact is that there's a better way to do it, and iOS shows the way. Ask the user for permissions for a resource whilst the app is running, the first time the app wants access to that resource. That way the user can better assess the app, and whether it is a reasonable request.
No, definitely no. A user who can't assess OS privileges at install time can't do it at runtime either. We learned that from those personal firewalls that taught users to allow everything because something got blocked every few minutes.
It may come as a surprise to you, but even I think that overall safety is better on iOS. But that's not due to WHEN an app asks for privileges. It's the stricter checks before something goes into the store. It's as simple as with the brakes. You either check those permissions or you let Apple do it. The costs here are a loss of flexibility and variety (alternate browser in iOS that is not merely a skin for the built in browser?)
Definitely reduces the malware risks, but not for me, thank you. But I know that this means more responsibility. That is no more elitist than any other kind of DIY.
bickerdyke
They are simply IDC's latest figures
If they were you'd have a link.
Doing a simple google search for iOS IDC marketshare shows a much higher overall percentage for iOS.
https://www.idc.com/getdoc.jsp?containerId=prUS23771812#.UN4DmtE49yA seriously is google that hard :)
Android market-share 75% iOS 14.9%
Fuckle Assdroid is horrible compared to iOS and always will be. While you Assdroid lUsers feel the walled garden is a negative it is in all sense a positive. Apple products Just Work and they work unless there is a manufacturing defect. All iOS products get updates to where none of the Fuckle Assdroid products are ever updated.
Another well thought out, point by point discussion. I see you have all the propaganda "Just Work" "Walled Garden Good" "Manufacturing Defect" "Updates". The sad fact is all phones just work, it's just that some have working maps, and pretty much all phones have solid hardware, if they don't have battery problems/antenna problems/purple lens flare like Apple have :) bless them if only Steve were still here. As for Apple restricting competition on their not your platform, I'm sorry your choice is limited to just one store (one browser etc etc)...it's not like Apple charge massive mark-ups they look after their customers...oh wait that is their whole business model to screw their customers...we used to call that lock-in back before marketing bullshit. Anyway back to my Nexus Tablet running Jelly Bean :)
The sad fact is you haven't got unique hardware features, products at every price point, cutting edge hardware...or even software. iOS is the has-been platform. No wonder their market share is dropping through the floor. Nobody wants their (again not your) product
'I clicked an ad using the Windows 2000 theme that alerted me to major potential threats in my "regisetery"'.
AccountKiller
I think that overall safety is better on iOS. But that's not due to WHEN an app asks for privileges. It's the stricter checks before something goes into the store.
It's both.
I totally understand the human aspects of this behavior.
You understand it because you are engaging in it yourself in your condemnation of Apple. It's absurd to claim that Apple's app ecosystem isn't more secure than Android's. Everyone knows this, even the most ardent Android fanatic does.
You think that *one* piece of malware, that got through Apple's testing, which was caught and removed, which can't even automatically affect people on iOS 6, and stands out as an exception which is nowhere nearly as common as malware on Android, is exactly the same as malware on Android?
Of course not.
So, please, take your own advice and quit being so foolish. iOS is vastly more secure than Android. Android is vastly more open. Both are that way by design. Anyone who denies either of those two facts is engaging in exactly what you seem to think SuperKendall is guilty of, or is just simply ignorant, and you don't appear ignorant, just biased.
That one slip proves it is possible. And knowing it's possible, if I were to plan a massive hit, I would make sure the timing on activation was such that my trojan app would have the widest possible distribution before it became active.
I did not say anything in support of any particular platform as I mentioned them all in a neutral manner. But perhaps I should have said something about the notion of "giving up freedom for [the illusion of] security" has been a false notion for hundreds and hundreds of years.
That one slip proves it is possible. And knowing it's possible, if I were to plan a massive hit, I would make sure the timing on activation was such that my trojan app would have the widest possible distribution before it became active.
Possible, but not likely, and not easy either. Definitely not as possible nor as easy as it is on Android.
You're acting like this "possible" thing is just as bad as the actual thing that happens on Android at least a few times per year. They aren't equal.
I did not say anything in support of any particular platform as I mentioned them all in a neutral manner.
No, you distorted facts to an absurd level to make two disparate app ecosystems appear equally flawed.
Apple's is more restricted, but safer. Google's is more open, but more dangerous. They *are* different. By claiming equality between the two, you are tinting reality, in this case against Apple and for Google.
Then you went further and claimed that the person trying to say that they aren't the same is delusional and biased, and mocked and belittled him for it. You seem to think you aren't biased because you didn't use charged words. That's only one form of bias.
Now, I won't insult or belittle you. I do think you are smart enough to see the difference between iOS and Android here. It'd just be nice to see that reflected in your comments.
The difference is that you think because big brother Apple has locked things down in some way that you are safe. That just isn't the case. If Apple is in control, then you are not. Who does Apple serve?
In any case, Apple iOS is equally vulnerable. As another commenter pointed out, for this malware to get onto an Android, the user would have to enable other sources to install. Though it's not a simple check box, it's fairly easy to enable other sources on iOS at which point malware can be installed by the user.
Once in, each platform is compromised. There is no difference.
The difference is that you think because big brother Apple has locked things down in some way that you are safe.
No, just safer.
That just isn't the case. If Apple is in control, then you are not. Who does Apple serve?
Me, the customer. Though that's a bit of misdirection on your part, since it doesn't have anything to do with whether the App Store is more secure or not.
In any case, Apple iOS is equally vulnerable.
Except it's not. This is proven out by the fact that Android malware is a regular occurrence, while iOS malware is all but non-existent.
As another commenter pointed out, for this malware to get onto an Android, the user would have to enable other sources to install. Though it's not a simple check box, it's fairly easy to enable other sources on iOS at which point malware can be installed by the user.
Again, misdirection. The Play Store has had more malware than the App Store. And, yet again, you are creating a false equivalency when you make it sound like jailbreaking an iPhone is in the same realm of difficulty as allowing outside sources on an Android phone. It's not even *close*, and that, again, causes a difference between the two.
Once in, each platform is compromised. There is no difference.
Are you saying that once both devices are infected, they are both infected? Well, even though it's a tautology, at least it's correct!
But also a misdirection. How is it you can't accept that iOS is safer than Android? Why the dishonesty? iOS is safer. That's proven by the rates of malware on the two systems. You can argue whether it's a worthwhile trade off, you can argue whether Google needs to do more, less, or is doing things just right, but you can't change reality.
That's the bias you are suffering from. Cut it out, you'll be better off for it.