Android Malware "Obad" Called Most Sophisticated Yet

chicksdaddy writes "A new malicious program that runs on Android mobile devices exploits vulnerabilities in Google's mobile operating system to extend the application's permissions on the infected device, and to block attempts to remove the malicious application, The Security Ledger reports. The malware, dubbed Backdoor.AndroidOS.Obad.a, is described as a 'multi function Trojan.' Like most profit-oriented mobile malware, Obad is primarily an SMS Trojan, which surreptitiously sends short message service (SMS) messages to premium numbers. However, it is capable of downloading additional modules and of spreading via Bluetooth connections. Writing on the Securelist blog, malware researcher Roman Unuchek called the newly discovered Trojan the 'most sophisticated' malicious program yet for Android phones. He cited the Trojan's advanced features, including complex code obfuscation techniques that complicated analysis of the code, and the use of a previously unknown vulnerability in Android that allows Obad to elevate its privileges on infected devices and block removal."

So who lied?

[bogaboga]

Didn't they tell us that Android, being Linux based is very very safe compared to anything we'd ever seen?

Question is: Were we lied to or those who were talking about ths subject just didn't know what they were talking about?

2 decades of Windows being pwned and Google learns

[gcerullo]

...nothing!

What Happened?

Was it the fact that Android was built on Linux so they became complacent with the OS’s security policies?

Was it that they were so focused on taking the opposite approach to Apple’s curated store and seeming over-arching control that they went too far the other way?

Where did Google go so wrong? Have they gone wrong?

What will it take for them to finally do something about it because, up until now, they've barely paid lip service to the problem with their platform.

No one can say that iOS doesn’t have this problem because of a "security through obscurity" excuse as used for Mac OS when compared to Windows. iOS as a platform is just as large as Android when you count iPads and iPod touches along with iPhones.

Will Google finally break down and lock down their OS so that only curated apps can be installed? Can they after all this time?

Will they correct their broken permissions system that puts application permissions in the hands of the app developer rather than in the hands of the user where it belongs.

The Doom Of Android

[SuperKendall]

It seems as though the app just asks for it and waits for the user to say yes.

Did I miss something or does this look like every other non-event Android malware

The frightening thing is that you actually believe this to be a non-event.

You sit in your high tower built atop the bones of those unfortunate enough not to understand if they should say yes or not. But hey the system lets you change wall paper really easily, so fuck the 100 million people or whatever that must perish so you can have full flexibility.

This kind of attitude is what will really kill Android, the thought that people who are too "stupid" to know when to say yes deserve what they get. Why will people stick around on a platform that continuously punishes them - by design?