Slashdot Mirror


30 Percent of Mobile Malware Made By 10 Russian Firms

An anonymous reader writes "Almost a third of all mobile malware is made by 10 Russian organizations, according to Lookout Mobile Security. It made that claim after looking at its detections for this year, and after an investigation that uncovered the malware HQs' operations, which saw thousands of affiliates working alongside the factories to dupe users into downloading rogue apps. Those apps are fairly crude, sending SMS messages to premium rate numbers in the background, whilst users think they have downloaded a legitimate application. Lookout isn't revealing the names of the malware factories, however, nor is it divulging how far law enforcement are involved in cracking down on the Russian organizations. It is presenting its full findings at the DEF CON 21 conference."

50 comments

  1. Pharming by AmiMoJo · · Score: 2

    Congrats to the Russians for finding a way to farm stupidity.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    1. Re:Pharming by lightknight · · Score: 2, Funny

      And as an American, let me warn our Russian colleagues, that no way will the United States be outdone in this realm. We have consultants standing by, with suitcases filled with newly printed money, ready to get out there and spend, spend, spend to make us #1!

      --
      I am John Hurt.
    2. Re:Pharming by Anonymous Coward · · Score: 1

      Ha...as for finding ways to rip off mobile users, we here in America are way ahead of the Russians. Every mobile device is designed to insure that easily pushed wrong buttons lead to over consumption of data. And just logging on through a carrier's proxy server, redirects you to various "associated partner's" sites= more over charged data consumption. And how about all those obscure "fees" tacked onto our bills. The Russians are years behind the likes of ATT and Verizon in finding ways to steal money.

    3. Re:Pharming by Opportunist · · Score: 1

      The content industry in a natural alliance with congress is already prepping the suits over prior art.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    4. Re:Pharming by Anonymous Coward · · Score: 0

      While I agree that virtually all cell services here are a huge rip-off, a few things you said just don't seem to make sense:

      Every mobile device is designed to insure that easily pushed wrong buttons lead to over consumption of data.

      Are you talking specifically about dumbphones...? I ask because I haven't seen any buttons in Android that can't be moved by the user and lead to something that uses data. If you did mean just the old dumbphones, then that's not "every mobile device" by a longshot...

      And just logging on through a carrier's proxy server, redirects you to various "associated partner's" sites= more over charged data consumption.

      Is it a Verizon/AT&T thing, or something Sprint, T-Mo, or most MVNOs also do?

      I only got a data plan & smartphone for the first time in January when I signed up with the year-old Sprint MVNO Ting, and I haven't seen anything like you describe. Come to think of it, I don't think that I saw any proxies or similar when I watched my father look stuff up on the web with his, and I know he's with one of the big carriers like AT&T.

      And how about all those obscure "fees" tacked onto our bills.

      I haven't seen those, either -- the prepaid dumbphone services I used were a flat fee every x weeks, and Ting's setup isn't much more complex (add up the price tiers for # of devices, minutes, texts, and megs used, period). Or did you mean government fees of some sort that the carriers have no control over?

      I don't mean to sound like an advert, but as shitty as your carriers have been, you really should check Ting out. FWIW Sprint-network reception in my suburb is really weak, but to my way of thinking, the good aspects of Ting are more than worth whatever minor inconvenience it might cause as long as it works!

  2. Open web, open appstores by Anonymous Coward · · Score: 1

    I remember a time when you had to pay Yahoo to get approved and listed on the web. Those glorious secure 90s... the music was better too.

    1. Re:Open web, open appstores by Anonymous Coward · · Score: 1

      I remember a time when you had to pay Yahoo to get approved and listed on the web. Those glorious secure 90s... the music was better too.

      What's your point? I remember when commercial interests weren't allowed on the internet and when Yahoo listings weren't considered to be "the web". You miss 90's music? That just means you were a teen in the 90's.

    2. Re:Open web, open appstores by Anonymous Coward · · Score: 0

      Most "rock" stations (since they tend to be owned by just one company) at most play music that is 1995 or earlier, so in a way, the 90s are still with us.

      I miss the days before NSFNet was sold to a private company, because it could be grounds to have one's upstream pull connections if they did any commercial advertisement whatsoever. However after Canter & Siegel, the hurp-durp hucksters moved in, and never was the same afterwards.

    3. Re:Open web, open appstores by Bananana · · Score: 1

      That's right. 60's music rocks!

    4. Re:Open web, open appstores by mjwx · · Score: 1

      I remember a time when you had to pay Yahoo to get approved and listed on the web. Those glorious secure 90s... the music was better too.

      You miss 90's music? That just means you were a teen in the 90's.

      No, it means he can hear.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    5. Re:Open web, open appstores by Notabadguy · · Score: 1

      What you call classical, I call contemporary. Git off mah lawn.

  3. At least Android is safe by Billly+Gates · · Score: 0

    According to other Slashdot it can't be hacked because it is based on Linux even if you install it! I can't believe they all only function on Windows Phone. Wow

    1. Re:At least Android is safe by jkflying · · Score: 1

      Trololol

      --
      Help I am stuck in a signature factory!
    2. Re:At least Android is safe by phantomfive · · Score: 2

      No one ever said that. They just said it's a lot more secure than Windows (and before Microsoft got on their security kick, Windows was basically an open door).

      Now the most insecure parts of either OS is not the OS itself, but software running on the OS......

      --
      "First they came for the slanderers and i said nothing."
    3. Re:At least Android is safe by ColdWetDog · · Score: 1

      No, the insecure parts are the users.

      Always has been, always will be.

      Get rid of the humans and everything should be just peachy.

      --
      Faster! Faster! Faster would be better!
    4. Re:At least Android is safe by phantomfive · · Score: 1

      You just don't remember how insecure Windows was. Look up the code red worm if you're interested in educating yourself.

      --
      "First they came for the slanderers and i said nothing."
  4. Website in question by ELCouz · · Score: 1
  5. 30 Percent of Mobile Malware Made By 10 Russian Fi by phantomfive · · Score: 2

    The rest courtesy of NSA Labs.

    --
    "First they came for the slanderers and i said nothing."
  6. in soviet russia by Joe_Dragon · · Score: 1

    We SMS you

    1. Re:in soviet russia by Opportunist · · Score: 1

      C'mon, don't waste that gem. If there was ever an "in Soviet Russia" joke begging to be made:

      In Soviet Russia, mobile phone owns YOU!

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  7. lookout who? by superwiz · · Score: 1

    Lookout mobile security? Never heard of them before. Sounds like an NSA front getting back at Russian businesses. If they really cared about consumer safety, they would name the specific firms which are creating the harmful apps.

    --
    Any guest worker system is indistinguishable from indentured servitude.
    1. Re:lookout who? by Aryeh+Goretsky · · Score: 2

      Hello,

      From what I recall, Lookout Mobile Security was founded in San Francisco in 2008. They started as an iOS shop, but moved over to Android, and their security product is probably one of the most used on that platform. I do not recall having any contact with employees, but they publish some decent research on their blog at https://blog.lookout.com/.

      Regards,

      Aryeh Goretsky

      --
      Dexter is a good dog.
    2. Re:lookout who? by superwiz · · Score: 1

      Oh, well, I am sure it's not NSA, then. NSA didn't exist in 2008. And even if it did, it wouldn't have a mobile security company as a front. lookout.com, btw was first registered in 2001 according to WhoIs records.

      --
      Any guest worker system is indistinguishable from indentured servitude.
  8. And 99% of the wire-tapping by stanlyb · · Score: 1

    Is done by NSA and British variant...
    So, who is the winner? Who is the number one?

    1. Re:And 99% of the wire-tapping by Opportunist · · Score: 1

      Considering how much the NSA costs the US taxpayer and how much revenue the Russian companies rake in, I'd guess it's clear.

      It's capitalism, baby. They learned well and fast.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:And 99% of the wire-tapping by stanlyb · · Score: 1

      Yeee, we are the best, not like these amateurs, the Russians.
      As we say, go BIG or go HOME.

  9. Borders induced problem? by icebike · · Score: 3, Insightful

    I've heard it said that the reason people resort to untrusted sources is because official markets (Apple App store, or Google Play store, Amazon, etc) are not available in many countries, or the prices, designed for western economies, are simply not affordable in second and third world countries.

    I don't know a single person that installs apps from some random dodgy website. Or perhaps they do, but just don't admit it. Maybe it's much more common with kids who don't have credit cards.

    But overall, resorting to third-party installation sources seems much rarer in those countries where there is affordable equal-access to the legitimate markets. Malware penetration into the official markets is not unheard of, but it is surely minuscule compared to the "cracked apps" sites.

    The protections and limitations placed on the official markets by some countries seem to inflict more harm than whatever they thought they were protecting their citizens from.

    --
    Sig Battery depleted. Reverting to safe mode.
    1. Re:Borders induced problem? by drinkypoo · · Score: 1

      I don't know a single person that installs apps from some random dodgy website. Or perhaps they do, but just don't admit it. Maybe it's much more common with kids who don't have credit cards.

      You can find Android warez on sites in Russia easily with Google. It is safe to assume that a percentage of these warez include trojans.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    2. Re:Borders induced problem? by tlhIngan · · Score: 1

      I've heard it said that the reason people resort to untrusted sources is because official markets (Apple App store, or Google Play store, Amazon, etc) are not available in many countries, or the prices, designed for western economies, are simply not affordable in second and third world countries.

      Except Apple isn't the problem. Apple makes sure that when it sells a product to a country, that country has an App Store at the very least. And since Apple controls it all, it does a fairly good job at ensuring that if you're buying an iSomething, you got the App Store. Many countries also have music and movies, but not all.

      The deal with Android is that it is sold in many places where Google Play is not allowed or where Google Play does not support payment (when Android launched, it only supported payment from the US - so only free apps were shown in other countries).

      Of course, since Android makes it easy to sideload apps, people realized that they needed to pirate apps in order to get any good ones that required payment, so all sorts of "app stores" came into existence.

      Of course, that checkbox is quite useless in Android because there are plenty of legitimate app stores as well - Amazon being one, but Humble Bundle sells a few as well.

    3. Re:Borders induced problem? by Anonymous Coward · · Score: 0

      In China most phones don't come with Google play, and the government makes it difficult to install on most phones. The phones come with app stores that require you to allow untrusted sources. In fact my China telecom phone is happy to silently install new software, and I can't disable this feature.

  10. Lookout Mobile Security by fustakrakich · · Score: 1

    Sounds as phony as a three dollar bill. Not naming names? Who and what are they protecting? Maybe somebody else will come forward.

    --
    “He’s not deformed, he’s just drunk!”
  11. And by Anonymous Coward · · Score: 0

    60% by american firms...

  12. And I bet all of it is on Android! by EGSonikku · · Score: 1, Interesting

    ...but please, keep telling us how much safer and secure Linux is compared to Windows and Mac/iOS!

    --
    - "Scientia non habet inimicum nisp ignorantem"
    1. Re:And I bet all of it is on Android! by Todd+Knarr · · Score: 1

      Even if all of it's on Android, I notice that it isn't available through the official app stores. So if you install your mobile software by going to Google Play or Amazon's app store or the like, you're probably not going to get hit. These guys set up their own unofficial app "stores" and web sites, luring you into going outside normal channels to get their stuff. And of course you get bit when you do that.

      My attitude is that for most apps, if it's not available through Google's store I should be suspicious of it. Other large stores like Amazon's I'll use once I've confirmed from the app's own site that it's supposed to be available that way. Direct installation from the software's site... only if I know the site and the project behind it well and know this is their official source. Anything I'm just finding through an ad somewhere else I do not know well enough to trust a direct install. And buying by clicking on a link in a mobile browser? Yeah, just not happening.

    2. Re:And I bet all of it is on Android! by Anonymous Coward · · Score: 0

      There is a big difference between remote exploitation and user stupidity

    3. Re:And I bet all of it is on Android! by Anonymous Coward · · Score: 0

      Reread your comment and find how it fits with your signature.

      Ignorant.

      --
      Teun

    4. Re:And I bet all of it is on Android! by Anonymous Coward · · Score: 0

      Even if it is available on Google's store, one should be suspicious. Read reviews, and you will find a lot of apps with a lot of fake 5-star "chenglish" reviews, then the few 1-star "spams contact list" ones.

      Even then, I've had a game have an update that autoupdated... and the result was a completely different game and malicious code. It was limited by the permissions given, but all it takes is a quick update, and that game that has been fun for a while now shows its true colors as a malware vector.

      Contrast this to iOS with its burly gatekeeper where there have been zero malware intrusions in the wild.

    5. Re:And I bet all of it is on Android! by Anonymous Coward · · Score: 0

      When browsing the web on my Android device, some sites (look like ad servers) try to push as a download something like security-update.apk or similar. Of course, looking at the security manifest of that shows that it wants everything under the sun...

      Sometimes I do sideload some apps. F-droid installed ad-blocking software comes to mind (because Google banned most of it.)

      It is a price to pay. Yes, Apple's store has never had a malware issue, but access to Cydia on newer devices is getting harder and harder to get (due to jailbreaks being rarer and rarer), so I'll take using multiple secure repos and the danger of that over just one store.

    6. Re:And I bet all of it is on Android! by Anonymous Coward · · Score: 0

      Unfortunately, there is still one security hole that no operating system has been able to patch and that is the user themselves. The thickness of the steel on your nuclear bunker doesn't matter if you open the door to let some fresh air in.

    7. Re:And I bet all of it is on Android! by drinkypoo · · Score: 1

      Sometimes I do sideload some apps. F-droid installed ad-blocking software comes to mind (because Google banned most of it.)

      Ad-Away and NoScript Anywhere cover all my needs. Aside from Ti Backup, Ad-Away is about the only thing I actually need to install from anywhere but Google any more. If I want XBMC to work worth a crap, though, I have to sideload that too.

      It is a price to pay. Yes, Apple's store has never had a malware issue, but access to Cydia on newer devices is getting harder and harder to get (due to jailbreaks being rarer and rarer), so I'll take using multiple secure repos and the danger of that over just one store.

      Not to mention that nothing is forcing you to use unauthorized markets. You can treat Google just like Apple if you want to.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    8. Re:And I bet all of it is on Android! by vandamme · · Score: 1

      To a determined idiot, nothing is truly idiot-proof.

  13. Re:app mobile by Anonymous Coward · · Score: 0

    yes, careful is what we must be making for when we to download new application at mobile telephone

  14. The other 70 percent comes from... by Anonymous Coward · · Score: 1

    the NSA?

    1. Re:The other 70 percent comes from... by Skapare · · Score: 1

      Only when someone leaks them.

      --
      now we need to go OSS in diesel cars
    2. Re:The other 70 percent comes from... by K10W · · Score: 1

      the NSA?

      doubt it, they have no real benefit in making this kind of malware as far as I can see, it is bottom of the barrel stuff we're talking about here. Admittedly they do have a hand in a hell of a lot of the other stuff like zeroday exploit kits which the vendors of admit US is one of the biggest customers in buying such kits. The money is no issue to gov funded group so pocket change from making such malware is pointless, besides any other reason to compromise mobiles they can get access to that data already without your phone being compromised

  15. Re:30 Percent of Mobile Malware Made By 10 Russian by Anonymous Coward · · Score: 0

    Nope, 31% of mobile malware originates in China.
    The U.S. only makes about 35% of the malware.

  16. No, the product is insecure. by Anonymous Coward · · Score: 0

    It doesn't matter how dumb the user is, if the parts are insecure, the parts are insecure.

    The user is just one other part.

  17. Buying legit is no sinecure. by Anonymous Coward · · Score: 0

    And buying a Sony CD can install a rootkit too.

  18. Re:30 Percent of Mobile Malware Made By 10 Russian by ArcadeMan · · Score: 1

    Russia, 30%
    China, 31%
    USA, 35%

    I guess we'll take the last 4%, eh?