"Bill Shocker" Malware Controls 620,000 Android Phones In China 138
Orome1 writes "A new discovered malware is potentially one of the most costly viruses yet discovered. Uncovered by NQ Mobile, the 'Bill Shocker' (a.expense.Extension.a) virus has already impacted 620,000 users in China and poses a threat to unprotected Android devices worldwide. Bill Shocker downloads in the background, without arousing the mobile device owner's suspicion. The infection can then take remote control of the device, including the contact list, Internet connections and dialing and texting functions. Once the malware has turned the phone into a "zombie," the infection uses the device to send text message to the profit of advertisers. In many cases, the threat will overrun the user's bundling quota, which subjects the user to additional charges."
Nope (Score:3)
There are phone numbers you can dial that result in an addition to your bill and money being paid to the guy you dialed... 1-900 numbers or whatever in the US.
The idea of making malware to forcibly call these numbers to the profit of the number owner is not new.
Re: (Score:2)
The idea of making malware to forcibly call these numbers to the profit of the number owner is not new.
It used to happen back in the days when we had modems in our PCs.
On "Smart" Phones (Score:2)
Re: (Score:2)
I don't really think of them as a "PC" though. I'm sure most other people don't either.
(Yes, I know what the literal meaning of the acronym "PC" is...)
Re: (Score:2)
I don't really think of them as a "PC" though. I'm sure most other people don't either.
Yeah, the fact that they actually have higher computing power than the PCs back then obviously doesn't matter.
Re: (Score:2)
Your point? or are you just being an ass? Oh AC, that answers that.
Re: (Score:1)
The problem is the platform is so vulnerable.
That is A problem; but not THE problem.
The REAL problem are the entities (Banks, Telcos and Governments) that are all standing under this money fountain, being WILLFULLY BLIND to all these transactions.
Not to shamelessly self-promote; but I covered this in a comment [slashdot.org] further below.
Re: (Score:2)
Actually THAT was one of the biggest shifts that Apple pushed on the telcos. In the pre-iPhone days ALL SALES went through the phone company at exorbitant up charges.
When Apple introduced iPhone everybody made their online purchase with a separate iTunes account, not with their phone bill. Combine with the "all in one" plans that eliminated most common overages such scams mostly went away for normal, careful folk.
Re: (Score:2)
Re: (Score:2)
Just don't uncheck the box allowing third party software to be installed and you thwart this type of attack.
You do realize that is a big selling feature for the Android phones don't you? It "opens up a whole new world" for the user. The when the user gets owened, we can all blame it on the user.
Really, it's so much like the Windows world that I'm so happy to have abandoned. It's always someone elses fault. Always the customer's mistakes. The OS is secure, except when it isn't.
Not even wrong (Score:1)
Noooo, having the option of flipping the switch that says "WARNING: You're making me insecure" right there and then allows owner to do whatever he wants - even if it's not good for him - is extremely baaaaaaad thing.
Don't forget that Larry, Sergei and Eric stand behind your shoulder and basically push you to do it, because otherwise your Android device is useless, useless, I say.
We don't need choice, it's bad for security and requires us to - what gall! - to think and be responsible for our actions. Also, m
Re: (Score:1)
Your sarcasm doesn't change the fact that iOS is more secure specifically due in large part that it does the very thing you are mocking.
To rephrase, you are saying that Android isn't less secure, and then say how good it is that the user has the option to make it less secure...?
Yes, Android provides a bit more freedom. But that freedom comes with a cost, and you can't just mock that cost away.
Re: (Score:2)
Noooo, having the option of flipping the switch that says "WARNING: You're making me insecure" right there and then allows owner to do whatever he wants - even if it's not good for him - is extremely baaaaaaad thing.
You are ignoring that Larry, Sergei and Eric already have made that decision for the Chinese users, with no way for those users to go the opposite way.
Re: (Score:2)
Re: (Score:3)
If you don't know what you are doing, you have no business changing the security settings in the first place.
But that doesn't stop them from doing it. And yes, it's their fault. That gets us nowhere.
Putting dangerous things in the hands of people who don't know what to do with them is in itself dangerous.
Car analogy time. A friend of mine one time bought a performance vehicle and he was a gearhead. So he wanted to tune it a bit. He put together a box with which he could alter the timing, the fuel injectors, the turbo boost, and other params from his console. Pretty awesome, but by 50K miles, the engine was to
Re: (Score:1)
Anytime you think of an operating system as your security, you have already lost the battle. Security is a process and procedures, not a product, not software, and not an operating system. Android can be locked down securely as well as iOS. Just don't uncheck the box allowing third party software to be installed and you thwart this type of attack.
That's a nice theory, but why doesn't it match reality?
iOS has never had anything like this on non-jailbroken iPhones, while Android has, even on non-rooted phones that disallow apps from outside the Play Store/Android Market.
Re: (Score:2)
Considering right in TFA it states this particular malware was installed using infected third-party apps, saying this would work even on a phone set to not install third party apps seems a bit inaccurate.
Re: (Score:1)
If this is the case, you posting a citation proving it should be trivial. Or maybe your theory is nice, but it doesn't match reality...
You're right, it is trivial.
Citation 1 [thenextweb.com]
Citation 2 [in.com]
These were at the top of a simple google search, and are recent news items.
So yeah, maybe my "theory" (I presented no theory, just an observation of facts. You presented a theory. Please learn the difference) matches reality a bit better than yours.
Re: (Score:2)
(If this is in fact a theory, you certainly haven't disproved it.) Which is true in the case we are actually talking about. I never claimed that having that box checked would prevent ALL types of malware, but it certainly will prevent third party apps form being installed. If you can cite a source showing that an un-rooted Android phone somehow installe
Re: (Score:1)
The first citation lists: "146 of the 28,398 malware samples were found on Google Play"
And: "23,049 were potentially unwanted software (PUA), 13,639 of which came from Google Play."
Hell, even the title says "0.5% came from Google Play"
And your quote? "This means most users, at least in countries where Google Play is available, won't ever see these malicious apps."
Again, by saying "most", that means there will be some who do. Re-read my post and you will see I never came close to implying most, just that it
Re: (Score:2)
No, your *theory* was that the OS can't be relied upon for security.
Your words:
Anytime you think of an operating system as your security, you have already lost the battle.
The Android OS has a feature by which a user can completely bypass the most fundamental security involved.
I never claimed that having that box checked would prevent ALL types of malware, but it certainly will prevent third party apps form being installed.
No, you said the exact opposite, you said that an OS *can't* provide sufficient security. So, obviously your claim wasn't that there is no Android malware, quite the opposite!
iOS *doesn't* have a malware problem, due to the security mechanisms of the OS being tied to a curated App Store. Based on your words, this cannot happe
Re: (Score:2)
Funny thing is, even using land lines, you can get hacked. Steve Jobs and Wozniak first product was a blue-box [wikipedia.org] that allowed you to make long distance phone calls for free. At least they were sticking it to the man and not to the consumers.
I wonder, what they would be working on if they were 18yo today.
Re:Nope (Score:4, Insightful)
the also unsurprising factor is that this is happening in China, where the same responses for how to prevent this have been sent every week:
download things from official trusted sources only.
Re: (Score:2)
Pasted below is the same advice from TFA. Question is - who the hell do you trust? Unfortunately, Android opened the doors to all sorts of idiots developing crap, and there are no "trusted repositories". I guess it's safer to trust the phone company than some random developer from some random site. But, I'm not one to trust a phone company!
To avoid becoming a victim, please follow common-sense guidelines for smartphone security:
1. Only download applications from trusted sources, reputable application st
Re: (Score:3)
...or google could just section off the store - devs can submit, or submit for review and approval. wild west over here.. anything goes. these have been reviewed. they're safe.
i don't see a downside. the relative lack of app dollars going to google (vs. Apple) has to be at least partially because some people don't feel "safe"
if you get too many warnings from this.. http://www.androidpolice.com/2012/10/11/apk-teardown-the-play-store-is-getting-a-built-in-malware-scanner-theres-more-wish-list-progress-and-mor [androidpolice.com]
Re: (Score:1)
the also unsurprising factor is that this is happening in China, where the same responses for how to prevent this have been sent every week:
download things from official trusted sources only.
"Android is better than iOS because it has a 'Freedom' button. Oh, also, never press that 'Freedom' button. kthxbye!"
Re: (Score:2)
amount of things this has to do with freedom in correlation to IOS or android = zero.
please leave slashdot.
Re: (Score:1)
They have so many other ways to screw people, would they really resort to this?
Nevermind, I know the answer.
Re: (Score:2)
I would say "Whoosh!"
But in this case, I think it actually took his head clean off.
Re: (Score:1)
Re: (Score:3)
Of course the high profit venture has gone from 900 numbers to texting. The phone companies are once again in a position to help, but they won't.
Re: (Score:2)
It's simple. $2-$3 of that $9.99 went to the boss... And that INCLUDED charge backs.. So the phone company was dipping in both sides ... It was free money either way.
If State Attorney Generals forced phone companies to be half as honest as they forced Apple to be we wouldn't have these little chats.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Or just don't install every single app that promises you free bikini-clad-screencursors.
Re: (Score:1)
Or just don't install every single app that promises you free bikini-clad-screencursors.
"Apple is bad because they don't allow porn. Google is better because they do. Oh, btw, don't install porn apps."???
Re: (Score:2)
So? The point was, "don't install it". Go away you braindead monkeywanker.
Might be a monkeywanker, but there is a bit of truth to it. THe problem is that not everyone is a technical and OS security genius like you or me.
So yes, they do allow third party downloads - many of them have heard about them from the very salesmen who sold them their Android phone. I know I have. Free Software! ZOMG! Wait til I tell all my BFF"S! I had a salesman use the third party repositories as a selling point over iPhone because Apple wouldn't allow it.
I've spent a of of time cleaning up computer
All worried until... (Score:5, Insightful)
Upon further reading the infection vector is infected pirated Android apps sold/distributed in black market Android marketplaces. Cry me a river folks.
Re: (Score:3)
Re: (Score:2)
So if someone lives in a country where most devices come without Google Play Store... where should he get apps instead?
Amazon.
China not on Amazon's list yet (Score:2)
Re: (Score:2)
It's the largest Android customer base in the world. They have legal marketplaces provided by the carriers. My understanding is most phones are pre-loaded with MM (Mobile Market). Now if you're an English speaker you've got some problems with the market place, but you could root the phone and download a legit market app from Samsung or other reputable player.
Re: (Score:2)
where should he get apps instead?
I wasn't aware that "apps" were mandatory. I guess I must be doing it wrong (again...)
Re: (Score:2)
I wasn't aware that "apps" were mandatory.
If you didn't want apps, you would have bought a dumbphone instead of a phone that comes with Android.
Re: (Score:2)
Maybe I just wanted a big screen, decent camera, mp3 player and Angry Birds for less than the price of an iPhone
(actually my phone company gave me my Samsung Galaxy for free...)
iPhone 5 coming to China later this year (Score:2)
"Bill Shocker" Malware Controls 620,000 Android Phones In China
And if you didn't want malware, you'd have bought an iPhone rather than an Android.
I thought the iPhone wasn't officially out in China yet. That won't happen until later this year [telegraph.co.uk].
Re: (Score:1)
Apple's been selling iPhones in China since the iPhone 3. And yes, they sell the iPhone 5. Your rumour link is about a new model, not the already existing models.
Re: (Score:1)
where should he get apps instead?
I wasn't aware that "apps" were mandatory. I guess I must be doing it wrong (again...)
So, now you're doing it wrong if you install apps on Android?
Why is it that, somehow, China counts for Android, where all the non-Play, low quality Android phones are sold, but then when they get malware, all of a sudden they don't count? You want the good (numbers, "freedom") you gotta take the bad the comes along with it (crap phones, malware). People act like the ~70 of phones running Android are all Samsung Galaxy SIII's and Note 2's, and that if you install malware it's entirely your fault for not read
Re: (Score:2)
Installing random apps from untrusted source can cause malware infections. News at 11.
Re: (Score:1)
Installing random apps from the Google Play store can cause malware infections. But more to the point, in China, the Play Store isn't even available.
I'm just pointing out the blatant hypocrisy here. Android is "better" because it's open. But anyone who uses that openness gets blamed for anything bad that results from it. Android is touted as being used by more people so developers should write more apps, but a large portion of those people can't even use the Play Store to address that significant market seg
Re: (Score:3)
He should install the Google Play Store
Re: (Score:1)
Doesn't work, at least not on the last 3 Android phones I have had. I've been in China for 3 years now. I assume it might work on a rooted phone. Besides that, i can't even get the google play website to load half the time.
Re: (Score:2)
You may install a free software from that market and still get infected.
Android market is not available in every country. Two months ago I traveled to a specific country and Google Play would not allow login to me. When I asked why people said it has never been working in the country.
Not true (Score:5, Informative)
"Bill Shocker downloads in the background"
Not really true. You have to install an infected app to get it started.
what they should do on this (Score:2)
since the PHONE COMPANY gets a cut then the PHONE COMPANY should be on the hook for the profits.
it should be LAW that you must get Positive Confirmation for any charges either above 3(money units) or that are multiple charge type things.
Re: (Score:2)
"We don't care. We don't have to. We're the phone company"
Re: (Score:2)
Wait, wait, wait. Let me get this straight.
We gots us a malware thingy. The thingy acquires permissions to install itself. It's not quite clear that it is using "root" permissions, but it does have elevated permissions. Elevated enough to install software, at any rate. We've already bypassed everything on the phone, except possibly root, and probably BIOS.
Kindly explain WTF this "non-circumventable confirmation dialog" thingy might be. And, explain HOWTF it works. There's a special chip in the phone,
Trojans? In my Chinese pirate app store? (Score:5, Funny)
It's more likely than you think!
So it's just like this article, then?
And the infection vector? (Score:4, Insightful)
Let me guess... you have to manually install an apk from an untrusted source?
Re: (Score:3)
Yup.
Could just as easily infect a jailbroken iPhone this way.
This sort of infection vector is nothing to get excited about.
Re: (Score:3)
Yup.
Could just as easily infect a jailbroken iPhone this way.
This sort of infection vector is nothing to get excited about.
Last time I looked (a few months ago) some 38% of Chinese iOS users had jailbroken their phones and the trend was declining. China must be a small market for Apple since globally, only 10% of iOS users had bothered to jailbreak.
Re: (Score:2)
Re: (Score:1)
Yup.
Could just as easily infect a jailbroken iPhone this way.
This sort of infection vector is nothing to get excited about.
Except in China that's the only way to get apps, while on iOS you can get apps from the App Store.
So, what you are saying, is that Chinese people should not buy Android phones, and instead should buy iPhones, at least until Google opens the Play Store in China? Or just that they should buy Android phones and not install apps?
Re: (Score:2)
Can you name a reliable, trusted source for an Android phone in China?
Sites that are out, as they're not reliable or completely unavailable:
Google
Amazon
Re: (Score:1)
Better fix it then by downloading the app from that link in the article ... oh wait ...
Re: (Score:3, Interesting)
Android is not a "Linux variant". Android uses a Linux kernel, but it's not a Linux distro. It most certainly is not an established, trusted distro, such as Debian, Suse, or Redhat.
Various dope smoking fools, working for various companies have rolled their own flavors of Android, seldom consulting with real Linux enthusiasts. Each and every manufacturer rolls his own dope-soaked version of Android, then alters that dopey version to suit the whims of the telcos that are actually purchasing them.
If Android
Re: (Score:3)
I'd actually argue that Android has had more thought put into application security than the typical linux distro has.
Especially after it's been fucked up by idiots doing this sort of thing [rwxrwxrwx.net]
Re: (Score:1)
"Android is better because it's free. Any use of that freedom doesn't count."???
If Android is a Linux distro, then BlackXP, available via torrent, is a valid Windows release.
Only MS, and those they have agreements with, are allowed to modify and distribute customized versions of Windows. Android (and Linux) are licensed such that everyone is allowed to modify and distribute it.
You can't go around calling something has more freedom, then bitch when that freedom is exercised!
Re: (Score:2)
Didn't the Librarian just pass a ruling, that cellphones are NOT free? Suddenly, it's against the law to "jailbreak" or "unlock" a cellphone. Android has more in common with Apple than with Linux, in the "freedom" arena.
Re: (Score:2)
I'm not certain whether to call Android a linux distro or not. It clearly could be. And even were it one, there is NOTHING about linux that would prevent this same thing from happening. We aren't talking about a virus here, or a worm, we're talking about an application that the user installs. And no linux distro that I'm aware of prevents you from installing applications from untrusted sources. I frequently install software from a relatively unknown source. (Less so now that Sourceforge and GitHub h
As Much As I'd Like To Poke Fun At Android... (Score:2)
This CA
RICO prosecutions (Score:3)
RICO prosecutions would help. It's what should have been done with Spam in the early days when it started to become profitable.
Drag in the banks, the ISPs, and the other supposedly reputable service providers into the RICO prosecutions. Once a couple of well-known institutions get caught like this it would cut off the air supply of the illegal action and make it much, much more difficult.
By not doing this, we only encourage our supposedly legitimate institution to keep providing services to people who ac
Re: (Score:1)
RICO prosecutions would help. It's what should have been done with Spam in the early days when it started to become profitable.
Drag in the banks, the ISPs, and the other supposedly reputable service providers into the RICO prosecutions. Once a couple of well-known institutions get caught like this it would cut off the air supply of the illegal action and make it much, much more difficult.
By not doing this, we only encourage our supposedly legitimate institution to keep providing services to people who actually committing crimes.
My thoughts exactly.
Not a virus; virus self-replicate (Score:2)
This is NOT a virus; viruses infect a system, typically by modifying other existan executable files, and then self-replicate themselves. These are malware applications which have been installed by the users. In this case he notice, not covered in the summary, is that these applications are not designed to be malware, but rather they employ a free (as in gratis) SDK, which converts the phone in a zombie.
However, note that simply removing the applications should remove the "infection". The Android security mo
Re: (Score:2)
Well, it's also entirely possible that the malware roots the phone for the user (it has happened before). Plus there are many apps in the Play Store that require root - enough so that 4.2 includes sudo now and a way to manage it (it's called "device
Can someone explain how is it... (Score:2)
Re: (Score:3)
Easy - the history is implemented by the App, not the OS. If you ask the OS to send a message, it just sends it.
That is why if you send a text from messaging App A you don't see it in the history of messaging App B.
The real place to monitor history is at the provider level anyway - then it will cover history even across multiple phones, OS resets, etc.
The bigger issue here is that mobile providers are allowed to sell you a service you don't want to buy. If I were grand dictator one of my first edicts woul
Re: (Score:2)
Re: (Score:2)
Flamebait for Linux Fan boys (Score:1)
This is once again proof that an OS is only as good as it's implementation, configuration and install software.
woot (Score:2)
Running unsigned code from anywhere is awesome!
30+ years of this shit on desktop computers, and so it repeats on mobile.
China is a Cyperpunk Novel (Score:2)
The hacking, the spying, the amoral corporations/pseudo-governments, the omnipresent smog. China is looking more and more like neo-Shanghai.
William Gibson was right!
Re:Happy to have a Windows Phone (Score:4, Interesting)
"At times like these, I'm happy to have a Windows Phone."
Ok... but what about all the rest of the time? I was given an HTC 8x at work and asked to research the platform.. trying to use it as a daily driver and its just so frustrating coming from Android. You never realize how important a thriving app ecosystem is until you try to live with WP. I can deal with the wonky notifications and the limited "live tiles" vs widgets.. I guess. But looking through the app store is just depressing.
Re: (Score:2)
Re: (Score:2)
Let me start by fully admitting I am new to the device and may just not be finding things that do exist.
Things I used to do daily on my Android phone and haven't found an app for:
SSH client that works on WP8
RDP client that works on WP8
Google Talk client that actually works (found gchat but it disconnects a lot and never manages to bring in chat history so you just lose whatever messages happened while its d/c)
IRC client that stays connected while using other apps.. It seems they *all* lose connection the mi
Re: (Score:2)
In your particular case, I think that those apps will be coming soon for the Windows Phone. MS just cut off the Windows Phone 7 platform just
Re: (Score:2)
Yeah that's a fair assessment, and why i have avoided android this far and stuck with the "walled garden" of iOS.
It is an appliance, like a toaster or a fridge. We've gone through decades of malware on PCs, and it doesn't need to be that way.
I'll gladly trade the ability to pay a nominal development kit fee for a security cert and tools in order to have a more secure locked down device. Whether that means iOS, Windows Mobile, or whatever new platform provides a nice slick UI, good performance and an
Re: (Score:2)
Considering that the apps involved aren't in the Android Market you get the same benefit from just buying from the Android Market - it is just a lot less walled. Having the freedom to install anything you want doesn't mean that you should just run any exe file Aunt Tilly sends you.
Re: (Score:2)
Re: (Score:2)
So if I am only installing from a market, what's the advantage again?
The advantage of what? Buying a phone that is easier to use, more useful, less expensive, better designed, and more attractive? Or the advantage of being able to run whatever you want on it? Or were you just referring to the advantage of owning the phone that you paid for?