Android Malware Intercepts Text Messages, Forwards To Criminals

An anonymous reader writes "A new piece of Android malware has been discovered that can intercept your incoming text messages and forward them on to criminals. Once installed, the trojan can be used to steal sensitive messages for blackmailing purposes or more directly, codes which are used to confirm online banking transactions. The malware in question, detected as "Android.Pincer.2.origin" by Russian security firm Doctor Web, is the second iteration of the Android.Pincer family according to the company. Both threats spread as security certificates, meaning they must be deliberately installed onto an Android device by a careless user."

Re:Is this really news?

[peragrin]

Since the one of the main talking point about android is the ability to side install apps.

Of course how can you be sure any app you install is genuine? Unless you write, compile and install it yourself and even that isn't 100% trustworthy.

So define ignorance when the professional have a hard time and the average person isn't smart enough to know what compiling is let alone do it.

careless user

[EmperorOfCanada]

I thought the word careless was assumed to proceed user. I think that basically every slashdotter has been called to help some "careless" user who has 3 toolbars, 2 AV bloatwares, and countless other bits of crap that came along with all their downloads. Yet they will swear on a stack of bibles that "they never installed nothin' "

So any malware that depends on users being careless will be a huge success. The other key will be ease of use.

That being said, I generally stick with my brother's rule: "I wouldn't transmit it electronically if I wouldn't want it on the front page of a national newspaper." My niece texted me her password the other day; I pointed out the error of her ways.

I did just come up with an app for Google glasses. You send someone encrypted messages that are displayed on their screen as a QR code. Their glasses decrypt it temporarily while it is in view. The phone can't decrypt, the glasses don't store. Glasses can still get hacked though but at least you do not have a plaintext message store.

Re:This is why I hate Android

Kind of funny, isn't it...

Windows malware? Blame Microsoft.

Android malware? Blame the user.

Re:FUD. Must be a slow news day

[girlintraining]

In short, this malware threat isnÃ(TM)t one that you will likely be hit with, but it is an interesting example of how Android malware is evolving.

For suitably uninteresting values of 'you', perhaps. But standing at a bus stop and spotting someone sharply-dressed, I could ask to use their phone to make a quick call for [insert excuse here], and in a few seconds, install similar malware.

A few weeks later, all your bank accounts zero. Do you remember me?

Re:Is this really news?

[clonehappy]

Well it's not difficult to type "make" as a normal user then test and when fully satisfied that the application works properly type "make install" as the system admin. But this means using the "command line" or a developer GUI which basically allows the developer to develop and maintain the application. However the average person does not know what the "command line" or even what a development GUI is or if they do think their brains will explode if they attempt it :)

I don't know why people seem to think typing "make" and/or "make install" somehow protects them from malware. Unless you've examined the code, line by line, and actually have the skills to understand it, you're just as vulnerable as someone running a random binary on a Windows machine.

Then I guess I don't care

[Nethemas+the+Great]

A stupid user is a stupid user. Everyone is so quick to rush to the soapbox and preach how wonderful their platform of choice is and how awful the others are. I say rush to the box and preach how stupid people are. I say rush to the box and demand that basic computing security be taught to everyone just as proper hygiene and safe sex are. We do not need big brothers, we don't need walled gardens, we need people to know what the hell it is that they're doing with their electronics. Teach people to wash their damn hands, avoid disenfranchised Nigerians, stop opening random email attachments, and stop bloody installing apps that require access to your sensitive data.

Re:This is why I hate Android

[ducomputergeek]

The Apple App Store is not immune to malware, but does offer some level of protection and once a threat is spotted in the wild corrective action can be taken by the platform. I know a lot of people who went to droid and bragged about how "open" the platform was and not limited to any one store and that it was 1985 with Windows vs Mac again only this time with Android playing the Windows role. And I agreed with them. Android will become the windows of mobile devices. Complete with the viruses and malware windows users have come to know and love.

Re:Let me PARSE that for you

[SuperKendall]

It is outselling Apple's offerings 4:1

Yes, because it's installed on every cheap phone around - that are mostly being used as phones. I have an Android phone myself because it was an easy thing to pick up when I lived in Europe for a short while, but it was so slow and dysfunctional all I could really use it for was tethering data to my iPhone...

I mean it's pretty telling that even when you are supposedly outselling another platform by a factor of four, the platform being outsold manages to outUSE you in turn by a factor of four (or more)! Look at any mobile browser stats or money being made by app store developers; in any metric where phones are being used as smartphones the iPhone is still vastly ahead.

It is easy for people to install what they like on it... that's the attraction,

It's easier on the iPhone because there is more software people want. The real attraction of Android is being cheap, for someone that needs a dirt cheap phone and you don't even know what a smartphone really is about there it is. That is the reality of sales today, is a huge number of devices that you cannot seriously consider "Android" devices the way Slashdot users think of them. And the percentage of NEW devices shipping with 2.2 grimly illustrates this fact.

Android has both a large user base of generally satisfied customers and more freedom for those customers.

Sorry, but iOS users are more free, because they are free from worry about things like these viruses and trojans and negative effects from them. They have more freedom in choice of well built software. They have more freedom to sell old devices because an old iPhone is actually worth something. By any metric a non-technical user cares about, iPhone users have more freedom.

Apple has a tiny market share by comparison

And yet again, this thing with a tiny market share is totally blowing the socks of Android in terms of being used as a mobile computing device. If you really opened your eyes here that would tell you something needs fixing. But you'd rather not see that, would you?

It doesn't help to outsell something if you lose your purpose in life.