Slashdot Mirror


Android Botnet Evolves, Could Pose Threat To Corporate Networks

angry tapir writes: An Android Trojan program that's behind one of the longest-running multipurpose mobile botnets has been updated to become stealthier and more resilient. The botnet is mainly used for instant message spam and rogue ticket purchases, but it could be used to launch targeted attacks against corporate networks because the malware allows attackers to use the infected devices as proxies, according to security researchers.

7 of 54 comments

  1. Use Meetspace as a firewall by Anonymous Coward · Score: 3, Insightful

    Is this a good reason to root your device so you can put a decent firewall on it? At the least block its communication if it installs itself. Or is it known to change firewall settings too?

    FTA.

    Users would then see notifications about the finished downloads and would click on them, prompting the malicious application to install if their devices had the "unknown sources" setting enabled

    ie: Stupid is as stupid does...
    That's like lusers complaining about malware installed on the Windo$e PC being they turned off UAC.

  2. Oh, for a successor to Open Moko by Ungrounded Lightning · Score: 3, Interesting

    I'm still waiting for a truly open-source, unlocked, user-controllable phone. Like a successor to Open Moko. (Building a closed platform on a base of open software doesn't cut it.)

    Is anything out there or in the works?

    (It's particularly acute for me just now: My decade-old feature phone started to flake out last week.)

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way

    1. Re:Oh, for a successor to Open Moko by stoborrobots · Score: 3, Informative

      OnePlus One? http://oneplus.net/

  3. Re:Root Your Device? by Lussarn · Score: 4, Informative

    Don't install random crap from the internet. If you use the Play Store the chance is virtually nil to be infected with malware. You also have to make the active choice to even be able to install these trojans by ticking "non trusted sources" down in preferences.

    It isn't exactly hard to keep an Android device malware free. Same as any other operating system with a good selection of programs in the default repos and stores, like Debian, Ubuntu, or OS X. Even if those operating systems don't mandate one supplier of programs only.

    If this sounds too hard, just use iPhones and PlayStations which are unable to install random crap no matter how much you need it, but at least you're safe.

  4. key words by Neil Boekend · Score: 4, Insightful

    if their devices had the "unknown sources" setting enabled.

    That is an advanced user setting. It should not be changed unless the user is certain. It even triggers a warning if you change it.
    Only change that if you are certain you can use the device safely without it.
    If you can't, then leave it in its factory setting.

    Stupid is as stupid does.

    --
    Well, I might have a way, but it only works on a semi spherical planet in a vacuum.

  5. Re:Root Your Device? by DrXym · Score: 3, Funny

    I guess someone would have to tell us how to detect it, or something else equally helpful to actually PREVENT this threat. Warnings are pointless without a plan.

    Just google for "free antivirus and sexy girl screensaver APK". Lots of Chinese warez sites have it. The app asks for a lot of permissions but only to see if there are viruses hiding in your text messages or contacts.

  6. Corporate networks.... really? by Reprint001 · Score: 4, Informative

    "could be used to launch targeted attacks against corporate networks" A corporate network operator that allows BYOD Android devices with no MDM installed and direct network access deserves an attack. And corporately owned Android devices would normally have a secure MDM installed with settings like "unknown sources" disabled and not user changeable. For this malware to get access to a corporate network it would require some really poor security practices on the part of the device owner and network owner, which would probably mean the company were vulnerable to much simpler attacks.