Slashdot Mirror


Massive Android Mobile Botnet Hijacking SMS Data

wiredmikey writes "A mobile botnet called MisoSMS is wreaking havoc on the Android platform, stealing personal SMS messages and exfiltrating them to attackers in China. Researchers at FireEye lifted the curtain off the threat on Monday, describing MisoSMS as 'one of the largest advanced mobile botnets to date' and warning that it is being used in more than 60 spyware campaigns. FireEye tracked the infections to Android devices in Korea and noted that the attackers are logging into command-and-controls from Korea and mainland China, among other locations, to periodically read the stolen SMS messages. FireEye's research team discovered a total of 64 mobile botnet campaigns in the MisoSMS malware family and a command-and-control that comprises more than 450 unique malicious e-mail accounts."

2 of 117 comments

  1. Re:MisoSMS by Eskarel · Score: 5, Insightful

    The bigger problem is the really poor security options available on Android apps with somewhat ridiculously broad security rights. Most apps will ask to read phone identity simply because they need to be able to identify the device on which the app is installed, but the security grant for phone identity gives a whole crapload more than that. Manage accounts is another good one where in order for an app to actually store its own accounts it needs access to all the accounts.

    Add to that the fact that Google themselves have been constantly trying to take over your SMS with bloody Hangouts and it's not really that surprising that folks don't really understand the permissions they are granting.

  2. Re:MisoSMS by nadaou · Score: 5, Informative

    > No kidding. I had to look through dozens of "flashlight" apps
    > to find one that didn't want my calendar, SMS, internet access,
    > and GPS.

    F-Droid is your friend.

    As always, FOSS means you don't have to put up with the bullshit.

    F-Droid builds all apps they ship from source, including some sort
    of grep filter on permissions to catch (and then remove) any code
    which is not in the user's best interest, or at minimum flag and
    explain the issue in detail to let you decide for yourself.
    Otherwise-good apps with flagrant ad-ware or cripple-ware in them
    simply get patched.

    --
    ~.~
    I'm a peripheral visionary.
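
Both comments above boil down to the same check: compare the permissions an app declares with what its stated purpose actually needs, and flag the dangerous ones (SMS, calendar, location, phone identity) that a flashlight has no business asking for. The script below is an added example of that audit, not F-Droid's own tooling and not code from the original page. It assumes a decoded AndroidManifest.xml (the manifest inside an APK is binary XML, so you would decode it first with a tool such as apktool); the `EXPECTED` table of what a flashlight app needs, the `DANGEROUS` set and the sample manifest are all constructed for this example.

```python
"""Permission audit for a decoded AndroidManifest.xml.

Hypothetical helper written for this example; it is not F-Droid's build
tooling. Flags declared permissions that go beyond what the app's stated
purpose needs, and separates the dangerous ones from the merely excessive.
"""
import xml.etree.ElementTree as ET

# The android: attribute namespace used in every manifest.
ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = "{%s}name" % ANDROID_NS

# Constructed subset of permissions that grant access to private user data
# (SMS, calendar, location, phone identity, accounts, contacts). Treat any
# of these as a red flag when the app's purpose does not call for it.
DANGEROUS = {
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
    "android.permission.SEND_SMS",
    "android.permission.READ_CALENDAR",
    "android.permission.WRITE_CALENDAR",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.ACCESS_COARSE_LOCATION",
    "android.permission.READ_PHONE_STATE",
    "android.permission.GET_ACCOUNTS",
    "android.permission.READ_CONTACTS",
}

# Assumption for the example: the most a flashlight needs is the camera
# permission, which controls the LED torch on most devices.
EXPECTED = {
    "flashlight": {"android.permission.CAMERA"},
}

# Constructed sample manifest of the kind of "flashlight" the reply above
# complains about: calendar, SMS, internet, GPS and phone identity.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
    <uses-permission android:name="android.permission.CAMERA"/>
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.READ_SMS"/>
    <uses-permission android:name="android.permission.READ_CALENDAR"/>
    <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
    <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
    <application android:label="Flashlight"/>
</manifest>
"""


def declared_permissions(manifest_xml):
    """Return the set of permission names declared via <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    return {el.get(NAME_ATTR) for el in root.iter("uses-permission")}


def audit(manifest_xml, purpose):
    """Compare declared permissions with what `purpose` is expected to need.

    Returns a dict with the package name, every permission beyond the
    expected set (`excess`), and the subset of those that are in the
    DANGEROUS list (`flagged`). An empty `flagged` list means the app asks
    for nothing that exposes private data beyond its stated job.
    """
    root = ET.fromstring(manifest_xml)
    declared = declared_permissions(manifest_xml)
    excess = declared - EXPECTED[purpose]
    return {
        "package": root.get("package"),
        "excess": sorted(excess),
        "flagged": sorted(p for p in excess if p in DANGEROUS),
    }


def verdict(report):
    """Summarise a report: 'ok', 'review' (excess but benign) or 'reject'."""
    if report["flagged"]:
        return "reject"
    if report["excess"]:
        return "review"
    return "ok"


if __name__ == "__main__":
    report = audit(SAMPLE_MANIFEST, "flashlight")
    print(report["package"], "->", verdict(report))
    for perm in report["flagged"]:
        print("  dangerous and unneeded:", perm)
    for perm in sorted(set(report["excess"]) - set(report["flagged"])):
        print("  unneeded:", perm)
```

Running it on the sample manifest rejects the app: READ_SMS, READ_CALENDAR, ACCESS_FINE_LOCATION and READ_PHONE_STATE are all declared and none is needed to drive an LED, while INTERNET is reported as excess but not dangerous. The expected-permission table is the part that needs judgement per app; the manifest parsing and the diff are mechanical, which is exactly what makes this cheap to run over every build.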