Targeted Attack Campaign Uses Android Malware
Trailrunner7 writes "Android attacks have become all the rage in the last year or two, and targeted attacks against political activists in Tibet, Iran and other countries have been bubbling up to the surface more and more often. Now, those two trends have converged with the discovery of a targeted attack campaign that's going after Tibetan and Uyghur activists with a spear-phishing message containing a malicious APK file. Researchers say the attack appears to be coming from Chinese sources. The new campaign began a few days ago when unknown attackers were able to compromise the email account of a well-known Tibetan activist. The attackers then used that account to begin sending a series of spear-phishing messages to other activists in the victim's contact list. One of the messages referred to a human rights conference in Geneva in March, using the recipients' legitimate interest in the conference as bait to get them to open the attachment. The malicious attachment in the emails is named 'WUC's Conference.apk.'"
The Android App harvests information (contacts, SMS messages, location, SIM data) and reports it back only when ordered to by the reception of an SMS message command. The location is particularly troubling because they can just keep pinging the phone to track the individual in real-time, then who knows what could happen next.
Better known as 318230.
Any communication method you use can and will be compromised.
Cue the Fandroid apologists.
Phandroid checking in.
Shit can't be fixed if the vendor is shit. Get a Nexus device and always have a secure fucking awesome device.
Whatever happened to the folks who claimed in +5 insightful posts that Linux has better security because of the superior Unix architecture? And that Windows malware, spyware, viruses and etc. were because of the crappy Windows code and not just because of popularity?
As Macs grow more popular, so does the malware targeting it. And Android has a huge malware problem. Perhaps those posts were wrong?
This space for rent.
No apologies here. If someone is stupid enough to install a program they receive in email and they weren't expecting one? C'mon!
I'd still rather be able to choose what I want to install than to have the maker and/or seller of the device make those decisions for me.
Sure it can, you can take all of the users' rights and abilities to choose what software they can install. Apparently some people need that and are willing to sacrifice truly owning their own hardware to get it. Strangely, most of them are proud of it too.
Non sequiturs are insightful? How would running a Nexus device have stopped this?
Tuppe666 should be here shortly to meet your needs.
There is no concept of the worth of an individual. A person is only worth as much as he can be used by his rulers. Anyone who isn't enthusiastically supporting the rulers is considered subhuman to be disposed of like any other vermin.
I really hope the US has a doomsday satellite in orbit because better humanity be wiped out than be subject to Chinese rule.
Can Nexus access/get updates from the Google store in SE Asia?
Because it can't in China. So you don't get a secure fucking awesome device.
Wrong APK :)
Do you even lift?
These aren't the 'roids you're looking for.
Then what's the solution when the median device owner has proven incompetent? Take away privilege from the general public and sell it back to interested adults for an annual fee? That's what Apple does on iOS.
I remember 1996 when the Mossad used an exploding cell phone to attack a Hamas bomb maker. 'That you Yahya? Bubbye. Kaboom!'
Now I read about this Android "attack" I can't help but think that you nerds are just pathetic. Seriously pathetic!
Captcha reads : Pansies. How prescient of it.
I am all for Tibet becoming independent of China. However, for Xinjiang and any other Uyghur lands, I don't. The Tibetans would happily settle down in peace (sorta like Bhutan) if made independent and left alone. The Uyghurs would probably try and enable Jihad in the neighboring Soviet '-stans' with the goal of getting a greater Turkestan made up of the Soviet '-stans' and Xinjiang, and gang up with Turkey for bigger Jihads.
It's called spear phishing. Where instead of blasting a million messages to everyone at random, you send a very plausible message to someone who ought to know the sender.
Basically, what happened here is someone hacked an activist's email account, and used it to send a plausible looking message to their contacts, like say, something about an upcoming human rights conference. The recipient sees it's from someone they trust and the message is appropriate to their relationship (i.e., it came from a human rights activist and is about a human rights conference).
Yes, you probably should not be clicking links from anyone, even those of your trusted friends and relatives, but for most people, they believe it's authentic. Hell, the RSA hack happened the same way - a faked email coming from the hiring company RSA uses went to the HR coordinator claiming to be a list of new hires.
lol => real APK is "longer" than fake APK. I guess we know how the "bitch" is!!
The whole point of Android is freedom, as in secure your own shit as much as you want freedom, if you can't handle it I believe they make iOS for those people. Till then most of Android's security apps come from the community / vendors.
Then again, these guys installed APK files they got in their email, there is little to no hope there, most ppl don't know what an apk file is much less whether to click on it. Solution? Treat APKs as .exe, which email providers block for the very reason listed in this article, problem solved.
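Added example, not part of the thread or any commenter's post: a sketch of the mail-side check suggested above, flagging Android packages among a message's attachments. It goes beyond an extension block by also looking inside ZIP attachments for `AndroidManifest.xml`, so a renamed package is still caught. The function names, addresses and sample messages are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

def is_apk(filename, payload):
    """True if an attachment is an Android package by name or by content."""
    if (filename or "").lower().endswith(".apk"):
        return True
    # An APK is a ZIP archive with AndroidManifest.xml at its root, so a
    # renamed file is still recognisable from the archive listing.
    if not payload.startswith(b"PK\x03\x04"):
        return False
    try:
        with zipfile.ZipFile(io.BytesIO(payload)) as archive:
            return "AndroidManifest.xml" in archive.namelist()
    except zipfile.BadZipFile:
        return False

def apk_attachments(raw_message):
    """Return the filenames of attachments a gateway should hold back."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if is_apk(part.get_filename(), data):
            hits.append(part.get_filename())
    return hits

def build_sample(filename, with_manifest):
    """Constructed test message; the archive holds placeholder bytes only."""
    buf = io.BytesIO()
    member = "AndroidManifest.xml" if with_manifest else "notes.txt"
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr(member, b"placeholder")
    msg = EmailMessage()
    msg["From"] = "sender@example.org"      # constructed address
    msg["To"] = "recipient@example.org"     # constructed address
    msg["Subject"] = "Conference"
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()

if __name__ == "__main__":
    print(apk_attachments(build_sample("WUC's Conference.apk", True)))
    print(apk_attachments(build_sample("conference.zip", True)))
```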
If you want, I can provide you some space on my web server so that you don't have to copy and paste your promotion of hosts files like that. Reply here if interested.
Tuppe666 should be here shortly to meet your needs.
I'd love to, I am just running through my daily ceremony of eating each of Android's codenames, which I do three times [on Friday I fast to remind myself of less fortunate Operating Systems], followed by bathing and chanting the words "smarter mobile devices that are more aware of its owner's location and preferences". Then I do the holy "status bar emptying"... The daily cleansing of the internet doesn't start for hours.
"Android attacks have become all the rage"
Except a user tricked into downloading and installing malware from some third party location, in no way shape or form, relates to Android security !
AccountKiller
"Whatever happened to the folks who claimed in +5 insightful posts that Linux has better security because of the superior Unix architecture?"
What have the actions of some user in installing malware got to do with the security of the architecture?
AccountKiller
There are a lot of misguided white noise posts here, which miss the heart of the matter.
Tibet was invaded and occupied by China in 1949. China/CCP is still trying to convince the world that Tibet is part of China and politically is winning this battle. But "the resistance" is ongoing. These attacks are aimed at the resistance.
@ erroneus (253617), your lack of trust of your own "friends" is sad. Other peeps trust theirs. Upgrade time?
@ interkin3tic, Tibetans are regularly tortured or murdered, by the CCP, in occupied Tibet. Perhaps you could do something to reform the political situation you are in, instead of having a wee tanty at those who expose abuses of power? If it was good enough for Martin Luther King, Gandhi and Nelson Mandela, perhaps you could try?
Technically, it is interesting to analyse how the CCP coded.
In Buddhist and political terms, Stand up for a Free Tibet, please? :-)
GreekGeek :-)
Yes, with the exception of Burma/Myanmar. Movies, Books, Music, and buying the device directly from Google Play are restricted to a small handful of Western countries, but Apps and Updates are available pretty much everywhere (except China and countries under embargo by US).
Nexus devices are available in Hongkong and in Taiwan
Muchas Gracias, Señor Edward Snowden !
Yeah but it sucks if the fucker I just emailed got pwned on his android and now the Chinese govmt is all up in my business. fact: the android ecosystem is insecure. If an android phone touches your virtual sphere, it is a disease vector.
Let's click it. What is this, 1995?
I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
Phishing is not a flaw in the software - it's a flaw in the human that's using the software. PEBKAC, if you will (metaphorically of course).
Coming from a disillusioned Android user who's hoping to switch to FirefoxOS when possible.
I have left slashdot and am now on Soylent News. FUCK YOU DICE.
No....
I have left slashdot and am now on Soylent News. FUCK YOU DICE.
It's still no excuse. YOU DO NOT OPEN ATTACHMENTS THAT YOU ARE NOT EXPECTING. It doesn't matter who the source is. Anyone could get hacked. Even if the source is someone you trust, but the message seems out of the blue and not something you expect, you get back in touch with them and ask if they sent it. Just because the message seems authentic doesn't mean that it is. It's still your fault as the user for trusting something that you shouldn't.
I have left slashdot and am now on Soylent News. FUCK YOU DICE.
So when this is considered best practice on Windows it's a horrible security problem, but when it's considered best practice on android it's no big deal?
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
How about take away the privilege by default, and require that the user enable the ability to install potentially insecure apps?
That's what Android does (the "Unknown sources" checkbox) and what Mac OS X does (Gatekeeper choosing among App Store only, registered Mac developers only, or all executables). But you'll end up with the majority of users having enabled that ability and left it enabled because at some time in the past they wanted to see dancing bunnies.
that's fine, just don't text/email/call me from your android, so i can be sure I'm safe.
In case you failed to read my post somehow let me restate it for you: Android is as secure as you make it. Now go read some books or something.
that's the whole issue. Even if my android is secure, if somebody else's android is pwned then I can get screwed as well: Voice - the other android's voice call is being recorded/processed, grabs my credit card #, SSN, or other info. Text: the other android is compromised, sends me a text that appears to be from a friend. Email: same as text. In short, my security is at risk whenever I connect with somebody else using Android. My iPhone is really good at identifying which of my contacts has an iPhone vs. other, so this is a layer of added security for iOS.
so... when your friend sends you an apk file w/o prior notice... does that not strike you as the least bit odd?
And... do you realize in regards to phishing / spear phishing that both Android and iOS are equally vulnerable to it? Apple just likes to keep the blindfold on its customers while it collects their anatomical sizes.
No surprise at all. Some people actually WANT to replicate the cesspool of problems Windows had into the mobile future. Most people (almost nobody here) just want it to work.