Slashdot Mirror


New Android Trojan Fakes Device Shut Down, Spies On Users

An anonymous reader writes: A new Android Trojan that tricks users into believing they have shut their device down while it continues working, and is able to silently make calls, send messages, take photos and perform many other tasks, has been discovered and analyzed by AVG researchers. They dubbed it, and AVG's security solutions detect it as PowerOffHijack.

118 comments

  1. not-a-bug; wont-fix by sbrown7792 · · Score: 4, Funny

    Issue closed by NSA

    1. Re:not-a-bug; wont-fix by slashmydots · · Score: 2

      This sounds much more like something the Chinese government would do, although they would simply force the manufacturer to do it, not trick people with fake apps.

    2. Re:not-a-bug; wont-fix by riis138 · · Score: 1

      I would say that's a good guess, though the NSA has had some of their nefarious methods of spying exposed lately as well.

      --
      Somewhere, something incredible is waiting to be known. -Carl Sagan
    3. Re:not-a-bug; wont-fix by ShanghaiBill · · Score: 3, Insightful

      This sounds much more like something the Chinese government would do

      It sounds more like something an anti-virus company like AVG would make up to get publicity and boost sales. If this was something real, they should name the app (they don't) and/or describe a plausible mechanism. An Android app can detect a hard power down (so that it can save data or whatever) but it cannot stop or delay it. So the only way it could work is to trick the user into releasing the power button too early.

    4. Re:not-a-bug; wont-fix by Anonymous Coward · · Score: 0

      This sounds much more like something the Chinese government would do, although they would simply force the manufacturer to do it, not trick people with fake apps.

      Who says there is a difference between the NSA and Chinese government? I mean that literally. Or even more likely between the NSA and criminal gangs of hackers... I am paranoid enough to expect that there is quite a bit of cross-over and infiltration amongst these groups despite the vetting processes for TS clearances. When people claim that the NSA is only concerned with national security, then I ask well what about the hundred people that have slipped through the vetting process and are motivated by criminal intent or are foreign agents or could be bribed at any time by outside groups?

      We have already seen that massive leaks can be motivated by a sense of patriotism or basic right and wrong, but what about motivations of money, sex, drugs, foreign allegiances, criminal gangs and blackmail?? My sense is that counter-intelligence has gotten the shit end of the resources and that you have maybe 1 agent for every thousand people with TS clearances and at best they are doing very superficial checks most of the time. America has aircraft carriers and an impressive array of military technology available, but our weakness is our growing reliance on what might be a dangerously false sense of impervious secrecy.

      The only people in the dark might be the broader public and not our actual enemies.

    5. Re:not-a-bug; wont-fix by Anonymous Coward · · Score: 0

      We are paranoid

      They are after you.

    6. Re:not-a-bug; wont-fix by Anonymous Coward · · Score: 0

      Glad I don't use Android.

    7. Re:not-a-bug; wont-fix by Bonzoli · · Score: 1

      I'm assuming this only gets in a phone if it's jailbroken/rooted and you're downloading illegally obtained crap to the phone. My bet is Government made, but which one has the most to gain from it?
      Is it an Ad for AVG?
      The other Ad, chances of catching this approaches 0 if you don't screw the security on your device up?

    8. Re:not-a-bug; wont-fix by slashmydots · · Score: 2

      Or just follow the golden rule of Android since its invention: stay off the third party app stores!

    9. Re:not-a-bug; wont-fix by farble1670 · · Score: 1

      exactly. this little detail ...

      That's because the malware, after having previously obtained root access

      the app has to have root to work. how did it get root? my guess is that it's an app that masquerades as an app that requires root, and it fools the user into granting root privs to the app. if that's what happened, the users deserve their fate.

    10. Re:not-a-bug; wont-fix by Technician · · Score: 1

      I keep a set of cheap amplified speakers on my desk. It's the kind with a tattletale buzz when a cell phone is too close. It's hard to be stealthy in a field full of bushes full of bells.

      --
      The truth shall set you free!
    11. Re:not-a-bug; wont-fix by suutar · · Score: 1

      or if it's embedded in a stupid game app on the Google Play store.

    12. Re:not-a-bug; wont-fix by DocSavage64109 · · Score: 1

      All you have to do is get it integrated into whatever tools someone uses to root their phone and it's installed.

    13. Re:not-a-bug; wont-fix by ayesnymous · · Score: 1

      works-as-intended.

    14. Re:not-a-bug; wont-fix by Anonymous Coward · · Score: 0

      All you people can think of is humor .. but android is like going back to windows dark ages .. close source app stores .. you dont know what the fuck is in there .. app asks permission to ur disk bookmarks camera and ur girlfriends pussy .. without any reason .. this is boring .... this is not technology .. this is fucking lame

    15. Re:not-a-bug; wont-fix by david_thornley · · Score: 1

      The Android permissions system is broken. When you see the list of permissions an app claims it needs, you don't know what it's going to do with those permissions. You're expecting people to look over a list and figure out whether everything looks reasonable for any use of the permissions in that app in an unknown context. I can't look at such a list and be confident with it, and I know a lot more about this stuff than most people.

      I much prefer the iOS system, which asks permission for specific actions at specific times, allowing me to run the app normally and allow or deny individual actions that require permission as they come up.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
    16. Re:not-a-bug; wont-fix by Anonymous Coward · · Score: 0

      Is there a reason it couldn't use a vulnerability to gain root access, just like towelroot?

    17. Re:not-a-bug; wont-fix by farble1670 · · Score: 1

      i'm assuming there is no vulnerability. that'd be the real story. if there's a root vulnerability, you can do almost anything. you don't need to fool the user, you just sit in the background and download all of their pictures and data and scan memory for credit cards and passwords ... and so on.

  2. This is why..... by TheCarp · · Score: 5, Insightful

    If you really need privacy, you pull the phone battery....and if you might need privacy, you don't buy a phone that can't have its battery pulled.

    Not really any solutions, as long as people are walking around with what amount to wireless microphones in their pockets this will always be a potential problem.

    --
    "I opened my eyes, and everything went dark again"
    1. Re:This is why..... by Iamthecheese · · Score: 5, Insightful

      Requiring an action as inconvenient as partially dismantling the device in order to not experience undesired operation is a piss-poor design.

      --
      If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
    2. Re:This is why..... by Anonymous Coward · · Score: 0

      Absolutely. This problem can be directly traced to removing the Big Red Switch from desktop PCs just because Windows 95 cached disk writes and not just reads.

    3. Re:This is why..... by Anonymous Coward · · Score: 1

      Good to know you don't need a cell phone of any kind since, well... you know. Any cell phone, smart or dumb, can be activated at any time by anyone with the tools necessary and used as a listening device. This tends to be done during civilian orientation on Military bases as a demonstration of why cell phones are not permitted in designated secure areas, no exceptions.

    4. Re:This is why..... by Anonymous Coward · · Score: 0

      Unless there's a hidden powercell in it that still keeps spying on you even though the battery is out and the display is off. Paranoia in 3, 2, 1...

    5. Re:This is why..... by Anonymous Coward · · Score: 1

      The article wasn't very clear, but most phones have a hard shutdown that works almost the same as a battery pull if you hold the power button for 10-20 seconds that would most likely bypass anything like this virus.

      Still inconvenient and untrustworthy. I really wish physical buttons that physically disconnect parts of devices would make a comeback. I would love to be able to flip a switch and know for certain that my camera/microphone were off, or to disconnect power rather than opening my phone and pulling my battery.

    6. Re:This is why..... by thieh · · Score: 2

      If you need privacy, you don't buy a phone. Do all your talking in person. Actually, do everything in person.

    7. Re:This is why..... by GTRacer · · Score: 1

      Don't forget to frisk everyone you speak with! They may have untrustworthy mobiles!

      --
      Defending IP by destroying access to it? That makes sense, RIAA/MPAA. Go to the corner until you can play nice!
    8. Re:This is why..... by freeze128 · · Score: 1

      That's not practical in the age of global commerce.

    9. Re:This is why..... by TheCarp · · Score: 2

      In theory I agree, in practice, this requirement is imposed by the intersection of the other stated requirement "privacy" and the necessary capabilities of the device known as a "smart phone".

      You can't really have a device that does what a smart phone does and isn't a privacy risk without some sort of hard power disconnect.

      You could, otoh, leave the phone in another room, or lock it inside a soundproof box. There are many solutions but none of them involve "hit the soft off switch and put it in your pocket"

      --
      "I opened my eyes, and everything went dark again"
    10. Re:This is why..... by jeffmflanagan · · Score: 1

      I wouldn't dismiss a huge performance gain as " just because."

    11. Re:This is why..... by GrumpySteen · · Score: 4, Funny

      They could have an untrustworthy mobile hidden in an orifice. Best don the latex and do a thorough cavity search!

    12. Re:This is why..... by BasilBrush · · Score: 1

      Androids tend to have removable batteries. iPhones don't.
      Androids have this malware. iPhones don't.

    13. Re:This is why..... by tepples · · Score: 1

      Android devices that have not been rooted do not have this malware. You can't catch it just by turning on "Unknown sources".

    14. Re:This is why..... by Anonymous Coward · · Score: 0

      many smart phones have a second battery.

    15. Re:This is why..... by Anonymous Coward · · Score: 0

      I wish I still had some mod points left

    16. Re:This is why..... by Anonymous Coward · · Score: 0

      Obviously impossible!
      http://www.mouser.com/Power/Supercapacitors/_/N-6uivw

    17. Re:This is why..... by Anonymous Coward · · Score: 1

      If you really need privacy, you pull the phone battery....and if you might need privacy, you don't buy a phone that can't have its battery pulled.

      Not really any solutions, as long as people are walking around with what amount to wireless microphones in their pockets this will always be a potential problem.

      Or at the very least, don't run any apps outside of the designated ecosystem that at least have provisions to theoretically mitigate malware like this. It's really the equivalent of downloading random installers from torrent links on the pirate bay, and then going "oh shit windows is so insecure!" when you get hacked and your banking passwords get stolen.

    18. Re:This is why..... by Hognoxious · · Score: 1

      Components with moving parts cost money. This is why having a touchscreen quickly leads to having only a touchscreen.

      Not disagreeing with you, BTW. If you want to form a club for the preservation of actual controls you can feel (along the lines of CAMRA) sign me up as member 2.

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    19. Re:This is why..... by Anonymous Coward · · Score: 0

      You could, otoh, leave the phone in another room, or lock it inside a soundproof box. There are many solutions but none of them involve "hit the soft off switch and put it in your pocket"

      Or put it in an elegant metal box, like cigar boxes.

    20. Re:This is why..... by suutar · · Score: 1

      I thought "unknown sources" was enough to allow third party app stores (assuming that it hasn't actually reached Google Play yet), from reading this. Am I mistaken?

    21. Re: This is why..... by Anonymous Coward · · Score: 0

      That's funny. Really. Since Google's main business line is harvesting your data. That's all they do man; spy on you.

    22. Re:This is why..... by markdavis · · Score: 3, Insightful

      I think you hit on the solution: A hard power switch.

      And better yet, also add: A hard microphone switch and a physical shutter for the cameras. I wouldn't mind having a hard radio switch and/or GPS switch too.

      No software can work around that when you need real privacy.

    23. Re:This is why..... by Anonymous Coward · · Score: 0

      When Cuba is completely open these will be redwood again. Then you'll know elegance.

    24. Re:This is why..... by Neil+Boekend · · Score: 1

      I have friends on the other side of the planet. I can be loud if I want to but I doubt I could shout hard enough for them to hear me.

      --
      Well, I might have a way, but it only works on a semi spherical planet in a vacuum.
    25. Re:This is why..... by Neil+Boekend · · Score: 1

      You are not mistaken.

      However, this virus apparently and logically also needs root access. Unknown sources does not grant it that. Rooting your phone does.

      It needs both to work.

      --
      Well, I might have a way, but it only works on a semi spherical planet in a vacuum.
    26. Re:This is why..... by Anonymous Coward · · Score: 0

      Whoosh.

    27. Re:This is why..... by david_thornley · · Score: 1

      The problem with a Big Red Button on a phone is that it will be pushed by accident. My desktop sits there, with the front panel controls out of easy reach, and the cats don't try to get too friendly with it, so a BRB is just fine. My phone sits in my pocket all day, and I touch various parts of it as I pull it out, use it, drop it and try to catch it, take something else out of that pocket, whatever. I don't want to have my phone turn off when I don't want it to. I don't want to be able to touch something that suddenly cuts the microphone or camera off when I'm using them.

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
    28. Re:This is why..... by TheCarp · · Score: 1

      This is one of the things that pisses me off about droids as well. I bought the fucking hardware, it's my phone. If I break it, I buy a new one. So why don't I have access to the root account. I don't want to run everything as root, but I shouldn't need an exploit to get it and run apps that need it.

      And maybe, if they designed with that access in mind, and didn't make people use exploits to get root access....maybe if they stopped treating it like hardware I was borrowing instead of buying we could have mechanisms to deal with this access better.

      --
      "I opened my eyes, and everything went dark again"
    29. Re:This is why..... by Neil+Boekend · · Score: 1

      I actually agree with some of the sentiment of the manufacturers. Most users can't handle root so you shouldn't give it to them. Manufacturers can't just work with nerds who can handle it. Ordinary users will mess things up and complain to the manufacturer about it.
      However it should be a setting like "unknown sources" where those that choose it can activate it. At their own risk of course.

      --
      Well, I might have a way, but it only works on a semi spherical planet in a vacuum.
  3. part of the great Google conspiracy by Anonymous Coward · · Score: 0

    "It is apparently being propagated via third-party online app stores, but the researchers haven't mentioned what apps it masquerades as."

    That's right, you should only get your apps from Google. It's much better to have your phone hijacked by marketing-ware that tracks your every move.

    1. Re:part of the great Google conspiracy by morgauxo · · Score: 1

      It's probably in apps that are either copies of or otherwise masquerading as good ones. Listing them would just serve to hurt the makers of the actual real apps while not accomplishing much as the malware peddlers would just quickly adapt by copying someone else's app. It's better just to inform the marketplaces to pull the offenders and publish articles like this to remind people to be careful of what they install in general.

    2. Re:part of the great Google conspiracy by Anonymous Coward · · Score: 0

      I'm convinced that Google has been publishing these malware applications on third party sites for years.

  4. Don't be silly by Anonymous Coward · · Score: 0

    Android is based on linux and linux doesn't get malware; nice try Micro$oft!

    1. Re:Don't be silly by blackest_k · · Score: 4, Insightful

      I think it's fair to say that it takes a user to install it first, linux has pretty much always had trustworthy repositories, Google not so much.

      I love some of the things you can add to chrome but there seems to be little to no security checking of what an app or extension does. That does worry me.

    2. Re:Don't be silly by ArhcAngel · · Score: 1

      If a vampire tries to enter your home he will not succeed...unless he can get you to invite him in. Once you have invited a vampire in you are screwed!

      --
      "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
  5. WTF? by gstoddart · · Score: 3, Funny

    Why is it so damned easy for malware to get root access, and so damned annoying for me to get it?

    And, quite honestly, by how annoying and intrusive AVG was becoming when I got away from it ... do we have another source which confirms this?

    I'm just not sure I trust them to be quite honest.

    --
    Lost at C:>. Found at C.
    1. Re:WTF? by Anonymous Coward · · Score: 0

      Why is it so damned easy for malware to get root access, and so damned annoying for me to get it?

      That's the power of open sores!

    2. Re:WTF? by Anonymous Coward · · Score: 0

      Had to restart my computer twice yesterday for AVG updates, I need to switch antivirus...

    3. Re:WTF? by Anonymous Coward · · Score: 0

      Really? That's your solution to "so damned annoying for [the phone's owner] to get root access"?

    4. Re:WTF? by Anonymous Coward · · Score: 0

      If you only use the Google Playstore to install apps, you can't get hosed by this app.

    5. Re:WTF? by Anonymous Coward · · Score: 0

      Really? That's your solution to "so damned annoying for [the phone's owner] to get root access"?

      Really? You think the most important issue here is getting root access and not the lack of security on the Android platform? People wanting root is part of the problem.

    6. Re:WTF? by fisted · · Score: 1

      Wait since when is rooting an android device difficult? What model are we talking about?

    7. Re:WTF? by gstoddart · · Score: 2

      Look, if I want to build my fucking phone in a kit ... well, actually, I don't want to build my phone in a kit, which is my damned point.

      So first I need to find an exploit for my phone, hope it works, hope it has no chance of bricking my phone (which no matter what anybody says is non-zero), then I need to download a ROM, then I need to recreate all the functionality I need, and then I need to hope it works. Then I need to do who knows what to keep it running.

      Sorry, but no.

      I've looked into rooting both my phone, and my tablet ... and both of them sound like they're a lot more nuisance than it's worth.

      If you're a hobbyist who craves nothing more than endlessly fiddling with your device, maybe it sounds worthwhile. But from what I've been able to tell, it's a lot more than I'm willing to do.

      All I want is the damned app which lets me say "no, you can't do that" to remove perms from apps .. I don't want to build a phone from scratch.

      --
      Lost at C:>. Found at C.
    8. Re:WTF? by AmiMoJo · · Score: 4, Informative

      There is nothing to see here. The malware doesn't get root. It's just a normal app that simulates shutdown, like those lame joke apps we used to write back in the day that mimic the DOS format command output or Netware login screen. The user has to be simultaneously knowledgeable enough to enable app installation from sources other than Play and extremely dumb to install an app requiring so many permissions and from a dubious source.

      The malware doesn't do anything a normal app can't. No exploits, it just makes the screen completely black and starts sending text messages (which the user gave it permission to do), while hoping you don't press the home key and discover the ruse.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    9. Re:WTF? by Anonymous Coward · · Score: 0

      Not really.

      http://www.cmcm.com/blog/en/security/2015-01-21/531.html

    10. Re:WTF? by nevermore94 · · Score: 1

      It all comes to your choice in phones and if they have a locked boot loader (or an unlockable one) or not. Phones without one like Nexus devices, Google Play Editions, or my personal favorite the Moto X Developer Edition are simple to root and don't even require ROMing. My Verizon Moto X Dev has even stayed rooted through 3 Over The Air updates without having to do anything special.

      --
      Nevermore.
    11. Re:WTF? by Anonymous Coward · · Score: 0

      Isn't that the phone that has three microphones?

    12. Re:WTF? by Anonymous Coward · · Score: 0

      Android has become the everything for everyone platform. The API is getting bloated under the weight of all the developer pandering.

      IMHO, apps are secondary to making calls, sending SMS, battery life, and Wifi tethering the 4G radio to your laptop. That's why I use a Nokia Windows Phone. It does the things that matter. The lack of apps doesn't bother me because I have a chromebook with me at all times which does everything Android does except with a full keyboard, a larger battery, and no "Dalvik" virtualization overhead IE: more efficient battery usage.

      Android has turned in to your grandma's Internet Explorer browser covered in toolbars like so many refrigerator magnets.
      It's mostly the carriers' fault for the retarded amount of time they take to release OS updates to their devices.

      I'm an Android Developer btw. Also: Techno-hipster.

    13. Re:WTF? by stephanruby · · Score: 2

      Why is it so damned easy for malware to get root access, and so damned annoying for me to get it?

      In this case, the phone must already be rooted, and the user must be willing to grant root permission to the application. In other words, this is essentially a surveillance app for your spouse/girlfriend/boyfriend/children, where you must have physical access to their device for you to be able to install the trojan.

      After all, why else would the AVG vendor not give us the name of the app?? And why else does the AVG vendor vaguely say that the app "applies for the root permission" when it goes down to the absolute nitty-gritty details for everything else.

      In that context, it makes sense that 10,000 people downloaded/installed this app from some Chinese app store. Finding jealous people that want to spy on their significant other is easy enough (especially around Valentine's Day, which was only four days before this article was written). And rooting a phone in China is easy also, even for people that wouldn't know how to do it themselves, there is an entire corner shop service industry that's dedicated to helping Chinese consumers getting rid of regional locks, copyright restrictions, software locks on pirated software, etc.

    14. Re:WTF? by fisted · · Score: 1

      Okay, so instead of answering my genuine question you prefer to go on a rant demonstrating how you're confusing rooting with installing a custom ROM. Fucking useless.

    15. Re:WTF? by farble1670 · · Score: 1

      I've looked into rooting both my phone, and my tablet ... and both of them sound like they're a lot more nuisance than it's worth.

      having a custom ROM and rooting are orthogonal. i have a Nexus 10 that's rooted but is running the stock firmware and continues to get OTA updates. that being said, you are mostly right about running a custom ROM. the result is a loss of an hour of your life and a device that's almost always less stable.

  6. AVG: People still use it? by Anonymous Coward · · Score: 0

    "has been discovered and analyzed by AVG researchers"

    Seriously now, people still use AVG? Even after the tool-bar and complaints on the web on how difficult it is to completely remove? What of detection rates?

    I'm at a loss here. Other than using anti-virus bootcds (LiveCDs) which I find to be more effective than most free (installed or portable) antivirus products, what is a tip top free anti-virus these days?

    1. Re:AVG: People still use it? by slaker · · Score: 1

      I'd say that Avast is best among the free Windows options and that the free version is specifically a better product than the paid one. One of the paid modules is god-awful for system performance. I only install the Virus and Web Shields and the Browser Cleanup and Rescue Disk options. The rest is just fluff and my local mail gateway will check emails anyway.

      Microsoft Security Essentials on Windows 7 is more of an antimalware tool than functional antivirus and testing has shown it to be progressively less effective even at that.

      Avira insists on generating pop-ups every time you do anything with it. At least Avast can be put permanently into game mode if you never want it to put messages on screen.

      AVG is a performance boat-anchor and some of the branded add-on tools distributed by AVG are now recognized by removal tools as Potentially Unwanted Programs. Between those things, I put AVG in the same "uninstall on sight" category as home versions of McAfee, Norton and Webroot security products.

      --
      -- I wanna decide who lives and who dies - Crow T. Robot, MST3K
    2. Re:AVG: People still use it? by mlts · · Score: 2

      The only AV products I've found which actually do anything are SpywareBlaster and Malwarebytes, because MB actually blocks by IPs, and SpywareBlaster doesn't actively run, but sets kill bits and blocklists in browsers.

      However, with an adblocking browser extension, Web based malware should never hit your system in the first place, and with click to play functionality, should not have a chance of being activated... and with a VM or sandbox, even if the browser does get compromised, it won't get past that.

      As for Android, the weakness is that a lot of Chinese stores have little to no curation or filtering out bad stuff. Google does a decent job in stomping out the bad stuff, but I still think they need to go with two tiers, one tier as things are currently, and one tier where developers have to agree to more stringent rules, and the software has to pass more tests... that way, if a user sticks to the more curated tier, there is less chance of an infection happening.

      One note -- the exploits we read about with Android almost always are related to either pirate repositories or "app stores" with little to no moderation. Even something like Cydia's ecosystem would be highly unlikely to have malware like this ever hit it in the first place, and if it did, the devs would have it pulled in minutes to hours.

      As for AV software, I use it on machines to make legal eagles happy. I've yet to see it actually actively stop a compromise of a machine. At best, it is good for scanning for 1+ day stuff. The real defense are the IP blacklists, hosts files, kill bits (SpywareBlaster is quite useful), Web browser extensions and click-to-play. The best mitigation if an infection happens are sandboxes (SandboxIE), virtual machines, and jails. AV was useful back when one scanned a floppy with the latest copy of Doom on it, but these days, it is more for the checkbox in paperwork than actual protection.

    3. Re:AVG: People still use it? by slaker · · Score: 1

      MBAM does have an AV module in its paid product, but I think you're not making a distinction between anti-malware and anti-virus applications. The two things are distinct and primarily differentiated by whether or not the software in question tries to spread itself to other files or computers. I agree that anti-malware is much more important because it is much more commonplace, and in my experience there is no single tool that is actually worthwhile for both types of protection, but Windows machines do need both and are best served with best of breed protection from multiple products rather than a single tool that might only really offer worthwhile protection from one side or the other.

      I'll also say that Spybot Search and Destroy offers a much more comprehensive array of malware blocking tools when compared to Spywareblaster and it should probably also be in your tool belt.

      --
      -- I wanna decide who lives and who dies - Crow T. Robot, MST3K
    4. Re:AVG: People still use it? by Anonymous Coward · · Score: 0

      Usually AV and AM tend to be the same products these days. Symantec Endpoint Protection, for example... or McAfee's offering.

      Either way, the product isn't worth much, and usually by the time it might notice something, the rootkit is in place so the AV/AM utility is already bypassed.

      One exception is AV/AM that scans from the hypervisor or SAN level. This can snapshot the VM for forensic purposes and automatically roll it back to a clean copy. Otherwise, AV/AM stuff is worthless except for the legal aspect.

    5. Re: AVG: People still use it? by Anonymous Coward · · Score: 0

      got that right

  7. Son don't try Aptoid by lord_rob+the+only+on · · Score: 1

    You may save a few bucks using pirated software but you'd better stay with the original Play store even if it costs you some dollars to register your app and at least you make a developer happy for his job

    1. Re:Son don't try Aptoid by slaker · · Score: 1

      Some Android devices don't have licensed access to the Play Store, including anything that runs FireOS and tits-knows how many generic devices that somehow manage to get random retail distribution. You can tell people "Don't buy those things." but what do you say to the people who already own them?
      In some cases (e.g. Firefox), an APK will be available from the developer, but because of the way Android works, there's every possibility that even a random developer's packaging (e.g. Pushbullet) will rely on Google's authentication framework and therefore their software will be worthless on unlicensed devices.

      --
      -- I wanna decide who lives and who dies - Crow T. Robot, MST3K
    2. Re:Son don't try Aptoid by Anonymous Coward · · Score: 0

      There are alternatives to Play Store

      Amazon, F-Droid etc.

      And if you check forums there are usually ways to put Play Store on most devices.

    3. Re:Son don't try Aptoid by tepples · · Score: 1

      F-Droid doesn't have free apps, and a lot of developers of apps on Play Store appear unwilling to put their apps on Amazon.

    4. Re:Son don't try Aptoid by Anonymous Coward · · Score: 0

      You meant "doesn't have non-free apps", right?

    5. Re:Son don't try Aptoid by slaker · · Score: 1

      You can get about 85% functionality from loading four specific APKs to get some Google apps on a FireOS device. You can also root it and load the full suite at the cost of your warranty. But some apps sourced from the Play store use Google components that won't work without Google licensing even if they themselves are not products of Google.

      Many Android devs simply don't publish their apps on Amazon. I'm not a mobile dev, so I don't know why that's a problem, but it is.

      You can tell people not to use third party stores, but there's a greater problem when the first-party option is completely off the table and the second best and universally compatible choice is wholly inadequate.

      --
      -- I wanna decide who lives and who dies - Crow T. Robot, MST3K
  8. Re:Fuck off. by davydagger · · Score: 2

    yes actually, but the NSA has been caught doing the last few times in a row, it's not ignorant to make that assumption.

  9. Not new by JeffOwl · · Score: 2

    This capability predates Android and was used against feature phones quite a number of years ago. The countermeasure then, as it is now, is to leave your phone elsewhere or pull the battery if you really need to be sure you aren't being monitored.

    1. Re:Not new by pecosdave · · Score: 1

      Of course that's been countered by the fact they won't let you pull the friggin battery anymore.

      --
      The preceding post was not a Slashvertisement.
    2. Re:Not new by Anonymous Coward · · Score: 0

      Wow. Pull the battery if you want privacy? Really? Nothing to see here? LOLZZZZ!!!!! Android fails yet again!

      If you think Android is the only operating system with privacy issues then you must be living on another planet. Name any smartphone operating system and I will show you a vulnerability.

    3. Re:Not new by Anonymous Coward · · Score: 0

      That must have been a joke. I'm sure he was talking about iphones... Let's try it and see if it makes more sense:

      Wow. Pull the battery if you want privacy? Really? Nothing to see here? LOLZZZZ!!!!! Apple fails yet again!

      How you Fanboys are willing to live and die by your stupid little itoys.... Hitler didn't have as loyal of goose steppers

      Seems about right.

    4. Re:Not new by Anonymous Coward · · Score: 0

      I'm not stating that at all. I'm just saying that if this were Apple or MS the idea of pulling a battery (even if it could be done) would be "teh Epik fail11!!!!11!!1!!"
       
      If you think I'm wrong then you've been asleep.

  10. HijackOff by wasteoid · · Score: 1

    should've been the name they gave it.

    1. Re:HijackOff by sexconker · · Score: 1

      OffJacker or OffJack.

    2. Re: HijackOff by Anonymous Coward · · Score: 0

      You may be wondering "how does wood get so hard?"
      The wood became hard over thousands of years!

  11. There's a positive. by Anonymous Coward · · Score: 0

    At least you will get super-fast shutdown and boot up times now.

  12. Some LiveCDs ... Re:AVG: People still use it? by Anonymous Coward · · Score: 0

    Thank you.

    Are you a Linux user by chance?

    I found this:

    http://www.bitdefender.com/bus...

    And it appears to be 100% free with a free license.

    I know - people say *nix doesn't need antivirus program(s)...but clamav isn't enough to satisfy my needs.

    ###

    Avira continues with popups? What a shame. One would think popups to be a form of adware. I enjoyed the configuration options which Avast didn't provide [several years ago].

    MSE makes me wonder if I have any protection at all.

    Avast may be the winner here [for free options] if you turn off most of the non-virus related scanning modules.

    I like Clamwin for a backup manual scanner, it's caught some trojans MSE couldn't find. I hear detection rate is poor and false positives are common but it's one more tool in my chest.

    Here are some free antivirus LiveCDs:

    + AVG:
    http://www.avg.com/us-en/avg-r...

    + AVG ARL: The latest release version of the AVG Rescue CD GNU/Linux (ARL) with daily updated virus database,
    latest alpha or beta version of the ARL and all the resources needed to build the ARL from scratch. Releases are signed!
    https://share.avg.com/arl

    + Avira:
    https://www.avira.com/en/downl...

    + BitDefender:
    http://download.bitdefender.co...

    + Comodo Rescue Disk (CRD):
    https://www.comodo.com/busines...

    + Dr.Web LiveCD:
    http://www.freedrweb.com/lived...

    + F-Secure:
    https://www.f-secure.com/en/we...
    https://www.f-secure.com/en/we...

    + Kaspersky:
    http://support.kaspersky.com/f...
    http://support.kaspersky.com/v...
    http://forum.kaspersky.com/ind...

    As with all antivirus products, please read the greedy EULAs before proceeding.

    1. Re:Some LiveCDs ... Re:AVG: People still use it? by Anonymous Coward · · Score: 0

      Should we all be using HOSTS files too?

    2. Re:Some LiveCDs ... Re:AVG: People still use it? by slaker · · Score: 1

      I think the MVPS.org hosts file is a good idea for everyone on every device, but anyone using Windows 8+ should know that if the Windows Defender Service is enabled (and I've seen system updates re-enable it), Windows 8 will ignore the content of your hosts file.

      My standard protection list is: Adblock+ with Easylist, Malware Domains and Fanboy's Annoyances subs (I also use Warning removal and turn off unobtrusive ads) for every browser on every user account. I actually impregnate the default user account on whatever desktop OS to make sure every account gets CREATED with those options turned on for Mozilla and Google browsers.

      Adblock+ for IE doesn't have all those options, but as of version 1.3 at least unobtrusive ads can be turned off. IE does support TPLs, so in an AD environment I mandate the Easylist TPL for basic ad blocking, even if the user disables other ad blocking tools.

      On Windows machines that don't have some kind of security appliance or web filtering in place, I also install Spybot Search and Destroy for its Immunization function.

      I'll also throw Malwarebytes on absolutely everything and I urge end users to avoid installation of Java and Adobe Acrobat Reader as much as humanly possible. On systems that I maintain, I have a script that adds a scheduled task to install Chocolatey.org's repo + scripts to update browsers, flash, PDF reader et al on Windows machines.

      --
      -- I wanna decide who lives and who dies - Crow T. Robot, MST3K
    3. Re:Some LiveCDs ... Re:AVG: People still use it? by Anonymous Coward · · Score: 0

      "I think the MVPS.org hosts file is a good idea for everyone on every device"

      The original/old Spybot had an option to automatically re-write your hosts file to include a long list of blocked domains with one click!

      Which would you find more useful, Spybot's or MVPS'?

    4. Re: Some LiveCDs ... Re:AVG: People still use it? by Anonymous Coward · · Score: 0

      What about APKs host file tool? I see people raving about it for pages on end here, all the time!

    5. Re:Some LiveCDs ... Re:AVG: People still use it? by slaker · · Score: 1

      I'm more likely to use Spybot's, on systems that support it. That's mostly out of laziness. It's actually possible to do both. Spybot will append its list to whatever is already present, but functionally they're close enough that I don't bother.

      --
      -- I wanna decide who lives and who dies - Crow T. Robot, MST3K
  13. Re:Fuck off. by Anonymous Coward · · Score: 3, Insightful

    yes actually, but the NSA has been caught doing the last few times in a row, it's not ignorant to make that assumption.

    With a track history like the NSA's, it's not even an assumption. It's more like a statistical certainty.

  14. bennett by Anonymous Coward · · Score: 0

    is it him?

  15. Re:Fuck off. by Anonymous Coward · · Score: 0

    NSA get caught because they are crap at it. You can bet your bottom dollar that the Chinese, Russians and others are having a good go at it too. And let's not forget the British GCHQ.

  16. Re:Fuck off. by Anonymous Coward · · Score: 0

    And Jamie Oliver!

    And the Girl Scouts!

    And the Spanish, those... those... wait, are they from Mexico? So, Mexico is involved? I knew it!

    And the animals, I've read they've got some intelligence, I'm sure they're spying someone, too, everyone spies!

    See, we could only do what everybody is doing! Nothing to see here...

  17. My favorite old-school phone hack by swb · · Score: 1

    At about the peak of analog phones, most would have a dumb message on the screen, usually the maker's name or the carrier name. You could often change this message but almost nobody did, but the displays were so primitive that informational messages usually appeared in the same place and type, like "NO SERVICE".

    The fun thing to do was to change the message from "Airtouch Cellular" to "NO SERVICE" and enjoy the hilarity when people picked up their phone and wondered why it wasn't working.

    Yes, most phones showed "bars" and there was no reason why someone with half a brain wouldn't sort it out in a second, but it was often funny how many DIDN'T sort it out.

  18. Useless trojan by Anonymous Coward · · Score: 0

    This sounds like the most useless trojan ever. So it intercepts when people try to shut down their phone/tablet and then does malicious stuff. Gee, that might be useful, for the 0.01% of the time that most people actually SHUT DOWN their phone/tablet. Seriously, every single person I've known does not shut those devices down except for in rare circumstances.

  19. It needs Root to work by fateblossom · · Score: 1

    As the article states, it needs Root to do it.

    And it does not say how you get it.

    So it's some code that needs root access to mess with your phone.
    So you probably just need to root your phone. And install an app that you have downloaded from some suspected webpage.
    So is it a Trojan or just a feature from a rogue app/programmer?

    Do not root your phone if you do not have any idea what you are doing and installing apps from every that you find.

  20. That will work ... by PPH · · Score: 1

    ... right up to the point where my GSM phone makes one of these 'background calls' and every nearby radio starts squawking and buzzing.

    --
    Have gnu, will travel.
  21. FUD anyone? by farble1670 · · Score: 2

    That's because the malware, after having previously obtained root access

    how did it get root? either the device was rooted and the user granted the app root privs (duh!), or they've discovered a hack to gain root on non-rooted devices. if it was the latter, we'd be hearing a lot more about it, and faking a phone shutdown is the least of our concerns.

  22. Reminds me by Anonymous Coward · · Score: 0

    Reminds me of the 'CSI:NY' episode where the police can track anybody by sending their mobile phone a wake-up signal. Which of course means, the phone was never truly off, just at 'mode execute ready'.

  23. Re:Fuck off. by Anonymous Coward · · Score: 0

    Fuck off.

    Ohh, look! The loop is now closed.

  24. 3rd party app markets by sad_ · · Score: 1

    These things always happen to people who are using 3rd party app stores, besides f-droid (which only has open source android apps), what could the possible reason be to use 3rd party app stores? what apps are on there that you can't find on the play store?

    --
    On a long enough timeline, the survival rate for everyone drops to zero.
  25. Re:Fuck off. by davydagger · · Score: 1

    agreed. you also forgot most major corporations, world wide of all nations as well.

    There is no better reason than to stiff up your lip, and write backdoors for no one. The best practice for dealing with the NSA just happens to be best practice for dealing with the GCHQ, Russian FSB, and whatever the Chinese, French, or any other nation state has.

    1. blow the whistle on everything. Don't ever spy exclusively for any powerful institution.
    2. don't write backdoors for anyone
    3. don't weaken crypto for anyone
    4. don't get involved in super-secret squirrel spy-vs-spy plots, for anyone, for any reason (you never know who's pulling the strings, and you know they are all bad). Stay away from the shadows as much as you can. Drain the swamp on unethical behavior
    5. write/use/recommend systems that are more distributed and peer to peer systems that can't be controlled centrally, and are hard to stop, or monitor.
    6. Release all code and schematics Free and Open Source. Help inspect and audit others' code.
    7. Put all bugs in the core stack of Free software in appropriate bug trackers and get them fixed, to prevent people from getting spied on. If any company open sources their firmware, help them make sure there are no backdoors or other bugs in it. (It's a self-serving favor, like everything in Open Source.) (White hat hacktivism is best hacktivism.)
    8. Associate with like minded people to help protect yourself. Agitate to get people to fix bugs, and adhere to the above. Don't be afraid of making alliances of mutual aid, which are unconventional, if they work in common interest. (An Anarchist as myself, teaming up with corporations to make sure that critical pieces of software and hardware remain free and secure, and readily available.)

    The point is that we can make social change that weakens the ability of large organizations to use surveillance as leverage against non-involved citizens and use people against their will. This will make governments world wide need more consent from the people to rule, thus improving conditions for everyone world wide.

    All hackers, programmers, technicians, can and will make a difference.