Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Android Malware Uses Google Play Icon To Trick Users

Posted by samzenpus on from the protect-ya-neck dept.

An anonymous reader writes "A new trojan for Android has been discovered that can help carry out Distributed Denial of Service (DDoS) attacks. The malware is also capable of receiving commands from criminals as well as sending text messages for spamming purposes. The threat, detected as "Android.DDoS.1.origin" by Russian security firm Doctor Web, likely spreads via social engineering tricks. The malware disguises itself as a legitimate app from Google, according to the firm."

7 of 223 comments (clear)

  1. Re:This is why you want a walled-off app store by masternerdguy · · Score: 4, Interesting

    Actually the android sandbox is quite sophisticated. Jellybean will randomize the location of an application's memory region in order to make buffer overflow attacks harder. Granular permissions allow a user to know exactly what an app wants to do before they even install it (it's written into the API that the app must ask for these permissions). Also Google does automated malware testing on their store in order to weed out undesirables. This thing is spread by installing an APK off of a warez site and ignoring all the scary warnings.

    --
    To offset political mods, replace Flamebait with Insightful.
  2. Re:This is why you want a walled-off app store by Anonymous Coward · · Score: 4, Interesting

    Not to mention that by default you aren't allowed to install an APK from a source besides the play store, you have to manually disable that restriction.

  3. I'm not sure you understand. by tuppe666 · · Score: 4, Insightful

    I know your trying to defend Apples "lets gouge our customers policy" by limiting customer choice (and competition) to Apple on its (not your) phone...but to do do so I think you need to understand that on Android you have to actually go into the settings and *enable* his voluntary, and have to agree to a warning screen...Apple users are do desperate to have this functionality they "Jailbreak" Apples phone, even though Apple have attacked their customers for doing so.

    1. Re:I'm not sure you understand. by LurkerXXX · · Score: 5, Funny

      I want a phone I can hold any way I want, thanks.

  4. Re:This is why you want a walled-off app store by alostpacket · · Score: 4, Insightful

    Yes but this uses an official ICON. Clearly no way to forge that. I've never seen anyone think to use logos or icons for nefarious purposes before. Luckily I am protected here on my Windows 7 machine. I clicked an ad using the Windows 2000 theme that alerted me to major potential threats in my "regisetery"... Had a similar experience on my Macbook Air. Thank goodness for the altruism of all those interwebs ads and sites.

    In all seriousness though, this could be a problem for people who root/ROM and install their Google apps from sources other than Google. Granted, when you root/ROM you should be aware of the risks, but it still presents a small danger.

    Many Google apps however request permissions that need the app be signed with the same key as the ROM and/or the system key.

    See: http://developer.android.com/guide/topics/manifest/permission-element.html#plevel

    "signature"
    A permission that the system grants only if the requesting application is signed with the same certificate as the application that declared the permission. If the certificates match, the system automatically grants the permission without notifying the user or asking for the user's explicit approval.

    "signatureOrSystem"
    A permission that the system grants only to applications that are in the Android system image or that are signed with the same certificate as the application that declared the permission. Please avoid using this option, as the signature protection level should be sufficient for most needs and works regardless of exactly where applications are installed. The "signatureOrSystem" permission is used for certain special situations where multiple vendors have applications built into a system image and need to share specific features explicitly because they are being built together.

    --
    PocketPermissions Android Permission Guide
  5. Re:This is why you want a walled-off app store by rjr162 · · Score: 4, Informative

    ....
    My Samsung galaxy s3 (gt-i9000) received the 4.1.1 update about 3 or so months ago (from samsung). My neighbors Motorola atrix 2 or whatever received the 4.1.2 update about 2 months or so ago (He has verizon). The Motorola xoom I got my grand father also has received 4.1.1 iirc when I set it up for him after I received it from eBay about 3 weeks ago

  6. Apple has only 1.6% Market share. by tuppe666 · · Score: 4, Insightful

    The iPhone is unsuccessful? Apple has 53.3% of the smartphone market:

    LOL in the US...worldwide it had dropped from 23% to 14.9%. This is original report for your figures http://www.kantarworldpanel.com/global/News/Apple-achieves-its-highest-ever-Smartphone-share-in-US they are on in a pdf but include figures like in Brazil Apple dropping from 3.2% to 1.6% while Android moves from 28.9% to 60.7% of the market.