FBI Issues Android Virus Warning

Dupple writes "The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher. Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out email. A link within these advertisements leads to a website that is designed to push Loozfon on the user's device. The malicious application steals contact details from the user's address book and the infected device's phone number."

Should rename these Darwin Viruses

[krelvin]

Places and things people should not be clicking on in the first place.

Re:Should rename these Darwin Viruses

[yog]

You still have to deal with typo squatters. If you type goole.com instead of google.com or some such you may end up at a phony website designed to phish you.

Fortunately, it seems that the big players have grabbed most of the common typos like gogle.com, bankoamerica.com and so forth. But out of millions of sites, there's bound to be plenty of opportunities for a determined script kiddie.

You can't fix stupid.

[scottbomb]

Android is secure enough as it is. My HTC will check with me and double check before it installs any apk. As long as there are people who can be suckered into installing unknown software, we will always have viruses.

Seriously

[Dunbal]

This is not a virus.

Re:Education

[tepples]

Smart platform vendors donate development platforms to colleges and universities around the world

But not to high schools. Or is there a good reason that kids shouldn't be programming before college? Or between graduating from college and getting a job in the field?

Wow, dangerous

[funkylovemonkey]

So I have to click on a strange email and then follow an unknown link where I will be asked to download an .apk? Then I will have to go into settings and click on the option to allow me to install something that isn't in the Play Store, click through the warning that tells me that sideloading an app can lead to viruses and malware, and then install the .apk which then asks me if I'm cool with it accessing my contacts, internet and everything else? If you do all that, you're pretty determined to have problems. I imagine that those who know how to side load apps on their phone are smart enough to not randomly install apps from questionable sources. Or at least they should be smart enough to know that they have no one to blame but themselves if they fall for it.

Re:You can't fix stupid.

[hawguy]

My HTC will check with me and double check before it installs any apk. As long as there are people who can be suckered into installing unknown software

So, basically, you acknowledge you can't sideload safely? How's that walled garden suiting you?

Just like with all software, you need to trust your source. If I don't like Google Market's policies, prices, or selection, I can move to Amazon's App store (or one of the other alternative app stores). Or I can download direct from the software maker.

What alternative does an IOS have if he wants to install an app that's been rejected from Apple's store because of the content or features?

Re:Yet another excellent reason...

[Anonymous Coward]

And you probably don't remember that the logs only existed on the phones, but were available by looking at the backup file. They were never transmitted. Google was found to be actually transmitting the current coordinates back to Google for warehousing. Apple removed the file, Google lobbied to allow them to keep doing it.

Remember that? Or are you just lying to spread more Apple hatred which makes the Android community look like a bunch of children.

Re:Seriously

[tooyoung]

Well, we've kind of dug ourselves into a hole here. For the past two years, we've been describing social engineering attacks against Apple as viruses. Sure, we knew that they weren't, but it helped to dent Apple armor on the "we don't get viruses" claim. When Apple supporters posted that these were trojans, etc, we trolled them and said they were merely arguing semantics. Now we've just got to sit through a little blow back.

Translation for the masses

[tooyoung]

I will be asked to download an .apk

I will install a normal application, like I have done many time before.

Then I will have to go into settings and click on the option to allow me to install something that isn't in the Play Store

Loading application that are outside of the walled garden is one of the main reasons for using Android. A bunch of my technical friends advocated this as the main reason for buying this phone in the first place.

click through the warning that tells me that sideloading an app can lead to viruses and malware

Sideloading an app, as my technical friends showed me, involves a few steps.

and then install the .apk which then asks me if I'm cool with it accessing my contacts, internet and everything else

I'm going to get paid to email people, so the company will need to make sure that I'm actually doing it. In fact, the instructions that they provided actually specified that I'd need to do this.

Re:Should rename these Darwin Viruses

[Anonymous Coward]

Oh, but I though that Android WAS a virus.