Massive Android Mobile Botnet Hijacking SMS Data

wiredmikey writes "A mobile botnet called MisoSMS is wreaking havoc on the Android platform, stealing personal SMS messages and exfiltrating them to attackers in China. Researchers at FireEye lifted the curtain off the threat on Monday, describing MisoSMS as 'one of the largest advanced mobile botnets to date' and warning that it is being used in more than 60 spyware campaigns. FireEye tracked the infections to Android devices in Korea and noted that the attackers are logging into command-and-controls in from Korea and mainland China, among other locations, to periodically read the stolen SMS messages. FireEye's research team discovered a total of 64 mobile botnet campaigns in the MisoSMS malware family and a command-and-control that comprises more than 450 unique malicious e-mail accounts."

Re:LOL WTF LMFAO

[hairyfeet]

I think you are missing the more important information here, malware like this and Linux servers being targeted for attack finally drive a stake through the lie that just because you have source that magically makes it more secure. As we see its just as many of us have been saying for years that once Linux reached a level of popularity it too would fall, no different than windows and OSX.

All having the source does is make it so that 1.- if you have the money, or 2.- if you have the coding talent, that you can continue to have that older piece of hardware or software supported...that's it, that's all it does, it keeps you from ending up with software or hardware being unsupported because everybody moved on because you can pay to keep it going or fix it yourself. I mean if anybody even thought about it for more than 30 seconds it would be plain as the nose on your face why "many eyes" is a myth, how many tens of millions of loc is in your average distro? How many programs and/or components are updated/upgraded on that distro per quarter? This is why every bug tracker has bugs going back several years, for the vast majority of any distro I seriously doubt anybody other than the guys that actually work on the project look at it with any regularity and you can be damned sure the majority of it isn't getting a security audit, it simply changes too fast.

But of course I'll be modded off the page for daring to point out what TFA clearly shows, but IRL Linux is just as complex as any other modern OS and where there is complexity there is flaws, simple as that.