Forgot your password?
typodupeerror
Android China Security IT

"Bill Shocker" Malware Controls 620,000 Android Phones In China 138

Posted by timothy
from the it's-ok-they're-calling-the-premier dept.
Orome1 writes "A new discovered malware is potentially one of the most costly viruses yet discovered. Uncovered by NQ Mobile, the 'Bill Shocker' (a.expense.Extension.a) virus has already impacted 620,000 users in China and poses a threat to unprotected Android devices worldwide. Bill Shocker downloads in the background, without arousing the mobile device owner's suspicion. The infection can then take remote control of the device, including the contact list, Internet connections and dialing and texting functions. Once the malware has turned the phone into a "zombie," the infection uses the device to send text message to the profit of advertisers. In many cases, the threat will overrun the user's bundling quota, which subjects the user to additional charges."
This discussion has been archived. No new comments can be posted.

"Bill Shocker" Malware Controls 620,000 Android Phones In China

Comments Filter:
  • by Kagato (116051) on Thursday January 31, 2013 @10:39AM (#42750373)

    Upon further reading the infection vector is infected pirated Android apps sold/distributed in black market Android marketplaces. Cry me a river folks.

    • by tepples (727027)
      So if someone lives in a country where most devices come without Google Play Store, a country where even the manufacturers and carriers preload "black market Android marketplaces", where should he get apps instead?
      • by Guppy06 (410832)

        So if someone lives in a country where most devices come without Google Play Store... where should he get apps instead?

        Amazon.

      • by Joce640k (829181)

        where should he get apps instead?

        I wasn't aware that "apps" were mandatory. I guess I must be doing it wrong (again...)

        • by tepples (727027)

          I wasn't aware that "apps" were mandatory.

          If you didn't want apps, you would have bought a dumbphone instead of a phone that comes with Android.

          • by Joce640k (829181)

            Maybe I just wanted a big screen, decent camera, mp3 player and Angry Birds for less than the price of an iPhone

            (actually my phone company gave me my Samsung Galaxy for free...)

        • by node 3 (115640)

          where should he get apps instead?

          I wasn't aware that "apps" were mandatory. I guess I must be doing it wrong (again...)

          So, now you're doing it wrong if you install apps on Android?

          Why is it that, somehow, China counts for Android, where all the non-Play, low quality Android phones are sold, but then when they get malware, all of a sudden they don't count? You want the good (numbers, "freedom") you gotta take the bad the comes along with it (crap phones, malware). People act like the ~70 of phones running Android are all Samsung Galaxy SIII's and Note 2's, and that if you install malware it's entirely your fault for not read

          • by 0123456 (636235)

            Installing random apps from untrusted source can cause malware infections. News at 11.

            • by node 3 (115640)

              Installing random apps from the Google Play store can cause malware infections. But more to the point, in China, the Play Store isn't even available.

              I'm just pointing out the blatant hypocrisy here. Android is "better" because it's open. But anyone who uses that openness gets blamed for anything bad that results from it. Android is touted as being used by more people so developers should write more apps, but a large portion of those people can't even use the Play Store to address that significant market seg

      • by ZiakII (829432)
        So if someone lives in a country where most devices come without Google Play Store, a country where even the manufacturers and carriers preload "black market Android marketplaces", where should he get apps instead?

        He should install the Google Play Store .apk?
        • by Anonymous Coward

          Doesn't work, at least not on the last 3 Android phones I have had. I've been in China for 3 years now. I assume it might work on a rooted phone. Besides that, i can't even get the google play website to load half the time.

    • by wmac1 (2478314)

      You may install a free software from that market and still get infected.

      Android market is not available in every country. Two months ago I traveled to a specific country and Google Play would not allow login to me. When I asked why people said it has never been working in the country.

  • Not true (Score:5, Informative)

    by Joce640k (829181) on Thursday January 31, 2013 @10:40AM (#42750389) Homepage

    "Bill Shocker downloads in the background"

    Not really true. You have to install an infected app to get it started.

  • since the PHONE COMPANY gets a cut then the PHONE COMPANY should be on the hook for the profits.

    it should be LAW that you must get Positive Confirmation for any charges either above 3(money units) or that are multiple charge type things.

    • by MarkGriz (520778)

      "We don't care. We don't have to. We're the phone company"

  • by 0xdeadbeef (28836) on Thursday January 31, 2013 @10:54AM (#42750543) Homepage Journal

    It's more likely than you think!

    the infection uses the device to send text message to the profit of advertisers

    So it's just like this article, then?

  • by bickerdyke (670000) on Thursday January 31, 2013 @10:58AM (#42750573)

    Let me guess... you have to manually install an apk from an untrusted source?

    • by h4rr4r (612664)

      Yup.
      Could just as easily infect a jailbroken iPhone this way.

      This sort of infection vector is nothing to get excited about.

      • Yup.
        Could just as easily infect a jailbroken iPhone this way.

        This sort of infection vector is nothing to get excited about.

        Last time I looked (a few months ago) some 38% of Chinese iOS users had jailbroken their phones and the trend was declining. China must be a small market for Apple since globally, only 10% of iOS users had bothered to jailbreak.

        • by smash (1351)
          Apple has only been officially selling in China for a very small period of time as I understand it - like the last year or so?
      • by node 3 (115640)

        Yup.
        Could just as easily infect a jailbroken iPhone this way.

        This sort of infection vector is nothing to get excited about.

        Except in China that's the only way to get apps, while on iOS you can get apps from the App Store.

        So, what you are saying, is that Chinese people should not buy Android phones, and instead should buy iPhones, at least until Google opens the Play Store in China? Or just that they should buy Android phones and not install apps?

    • Can you name a reliable, trusted source for an Android phone in China?

      Sites that are out, as they're not reliable or completely unavailable:
      Google
      Amazon

    • Better fix it then by downloading the app from that link in the article ... oh wait ...

  • I think there is a LARGE measure of culpability (yes, I know that's the CRIMINAL term) for this on the part of the "Money Launderers" (the Banks, Telcos, and Governments involved in the "chain of custody" of these funds). Once alerted to this, the Police/"Justice Departments", not to mention the Telcos and Banks, in the country(ies) where the money is "landing" should be seizing bank accounts, taking down internet access, and generally making life a living Hell for whoever is PULLING THE DEPOSITS.

    This CA
    • RICO prosecutions would help. It's what should have been done with Spam in the early days when it started to become profitable.

      Drag in the banks, the ISPs, and the other supposedly reputable service providers into the RICO prosecutions. Once a couple of well-known institutions get caught like this it would cut off the air supply of the illegal action and make it much, much more difficult.

      By not doing this, we only encourage our supposedly legitimate institution to keep providing services to people who ac

      • by macs4all (973270)

        RICO prosecutions would help. It's what should have been done with Spam in the early days when it started to become profitable.

        Drag in the banks, the ISPs, and the other supposedly reputable service providers into the RICO prosecutions. Once a couple of well-known institutions get caught like this it would cut off the air supply of the illegal action and make it much, much more difficult.

        By not doing this, we only encourage our supposedly legitimate institution to keep providing services to people who actually committing crimes.

        My thoughts exactly.

  • This is NOT a virus; viruses infect a system, typically by modifying other existan executable files, and then self-replicate themselves. These are malware applications which have been installed by the users. In this case he notice, not covered in the summary, is that these applications are not designed to be malware, but rather they employ a free (as in gratis) SDK, which converts the phone in a zombie.

    However, note that simply removing the applications should remove the "infection". The Android security mo

    • by tlhIngan (30335)

      However, note that simply removing the applications should remove the "infection". The Android security model does not allow an application to "infect" the OS, unless the user has rooted the phone and runs the application as root (in this case, it's your fault).

      Well, it's also entirely possible that the malware roots the phone for the user (it has happened before). Plus there are many apps in the Play Store that require root - enough so that 4.2 includes sudo now and a way to manage it (it's called "device

  • ... that a program can evidently send a text message to someone else without that text showing up in the message history?
    • by Rich0 (548339)

      Easy - the history is implemented by the App, not the OS. If you ask the OS to send a message, it just sends it.

      That is why if you send a text from messaging App A you don't see it in the history of messaging App B.

      The real place to monitor history is at the provider level anyway - then it will cover history even across multiple phones, OS resets, etc.

      The bigger issue here is that mobile providers are allowed to sell you a service you don't want to buy. If I were grand dictator one of my first edicts woul

  • This is once again proof that an OS is only as good as it's implementation, configuration and install software.

  • by smash (1351)

    Running unsigned code from anywhere is awesome!

    30+ years of this shit on desktop computers, and so it repeats on mobile.

  • The hacking, the spying, the amoral corporations/pseudo-governments, the omnipresent smog. China is looking more and more like neo-Shanghai.

    William Gibson was right!

You can measure a programmer's perspective by noting his attitude on the continuing viability of FORTRAN. -- Alan Perlis

Working...