Slashdot Mirror

← Back to Stories (view on slashdot.org)

Massive Android Mobile Botnet Hijacking SMS Data

Posted by Soulskill on from the all-your-texts-are-belong-to-us dept.

wiredmikey writes "A mobile botnet called MisoSMS is wreaking havoc on the Android platform, stealing personal SMS messages and exfiltrating them to attackers in China. Researchers at FireEye lifted the curtain off the threat on Monday, describing MisoSMS as 'one of the largest advanced mobile botnets to date' and warning that it is being used in more than 60 spyware campaigns. FireEye tracked the infections to Android devices in Korea and noted that the attackers are logging into command-and-controls in from Korea and mainland China, among other locations, to periodically read the stolen SMS messages. FireEye's research team discovered a total of 64 mobile botnet campaigns in the MisoSMS malware family and a command-and-control that comprises more than 450 unique malicious e-mail accounts."

8 of 117 comments (clear)

  1. Re:MisoSMS by Eskarel · · Score: 5, Insightful

    The bigger problem is the really poor security options available on Android apps with somewhat ridiculously broad security rights. Most apps will ask to read phone identity simply because the need to be able to identify the device on which the app is installed, but the security grant for phone identity gives a whole crapload more than that. Manage accounts is another good one where in order for an app to actually store its own accounts it needs access to all the accounts.

    Add to that the fact that Google themselves have been constantly trying to take over your SMS with bloody Hangouts and it's not really that surprising that folks don't really understand the permissions they are granting.

  2. Point of view by Anonymous Coward · · Score: 1, Insightful

    Heh you Android guys are funny. If that was an article about Microsoft Windows, you'd be all over the place spewing end of days stuff :))))))

  3. FUD? by wannabgeek · · Score: 3, Insightful

    For all the exaggerated scary words used like "one of the largest", "more than 60 campaigns" etc, there was not a single solid data point about the actual devices infected. Not even a ball park number - like whether it is tens, thousands or millions of devices.
    Makes me suspect the claims.

    --
    I'm much more funny, interesting and insightful than the moderators think
  4. And the moral here is by DrXym · · Score: 4, Insightful

    Download your apps from a reputable store and exercise some common sense. I wouldn't be surprised if this infection was because idiots were downloading warez from some dubious app store.

  5. Better yet, walled garden by Anonymous Coward · · Score: 0, Insightful

    The vendor has a moral responsibility to protect their customers from themselves. When was the last "Massive iOS Mobile Botnet Hijacking SMS Data" headline?

    1. Re:Better yet, walled garden by DrXym · · Score: 1, Insightful

      When was the last "Massive iOS Mobile Botnet Hijacking SMS Data" headline?

      When was the last maximum security prisoner getting run over by a bus headline? Sometimes freedom has its own risks, which includes idiots making poor decisions over where to get their software from. Does that mean everyone should be locked up in a cage to prevent that from happening?

  6. Android: death by a thousand peeping toms by epine · · Score: 3, Insightful

    No kidding. I had to look through dozens of "flashlight" apps to find one that didn't want my calendar, SMS, internet access, and GPS.

    The Android permission system blows goats. It's not just the "all or nothing" approach to app acceptance. It runs deeper. It's also the app store itself, where I can't restrict (or prioritize) search results based on permissions demanded.

    Using aSpotCat, under android.permission-group.PERSONAL_INFO I've got AdService, Chrome, Firefox, Gmail, Google Play, Pebble, and RunKeeper. I've had to bail on the installation of close to fifty apps to keep this list this short.

    Basically the Android security model deters me from actually installing software, to the point where I no longer regard it as a platform.

    This xmas between an Android tablet and an eReader, I'm likely to get an eReader (Kobo here in Canada), which is not a platform either, and doesn't play one on TV.

    I was reading reviews that commented that a Kobo Aura is about the price of a servicable, entry level tablet from Walmart. Several of the reviewers commented "you might as well get the full Android platform for the price". What platform? Android is mainly a platform for sharing far more about myself than I wish to divulge with strangers I don't even know. Whatever information is gleaned will never be under my control ever again: it will almost certainly be amalgamated from one low-life to another ad nausium.

    I'd be quite happy if not a single vendor knew my location ever, who wasn't providing me with a map for my own purposes (such as RunKeeper). If they need to know, I'll tell them. Yet 90% of Android applications demand to hoover this up and the Google play store provides no mechanism to put these applications on a personal shit list, so that better-behaved applications float to the top of the candidate list.

    Android: Death by a thousand peeping toms. Where's well-behaved Waldo? Crushed by the throng. Eventually Diogenes tires of visiting the Turkish baazar and begins to subsist on juniper berries.

  7. F-Droid has limits in some categories by tepples · · Score: 3, Insightful

    You can't download other app stores from Google Play because of the "non-compete" provision of the developer agreement. If you don't trust the F-Droid app, you can always download Eclipse and recompile it yourself. But a problem with F-Droid is an inherent limit in funding development of Free games. Even if a game's engine is free, it'll get blocked with "anti-features" if it recommends installing non-free mission packs.