Forgot your password?
typodupeerror
Android Security IT

Targeted Attack Campaign Uses Android Malware 74

Posted by Soulskill
from the burdens-of-popularity dept.
Trailrunner7 writes "Android attacks have become all the rage in the last year or two, and targeted attacks against political activists in Tibet, Iran and other countries have been bubbling up to the surface more and more often. Now, those two trends have converged with the discovery of a targeted attack campaign that's going after Tibetan and Uyghur activists with a spear-phishing message containing a malicious APK file. Researchers say the attack appears to be coming from Chinese sources. The new campaign began a few days ago when unknown attackers were able to compromise the email account of a well-known Tibetan activist. The attackers then used that account to begin sending a series of spear-phishing messages to other activists in the victim's contact list. One of the messages referred to a human rights conference in Geneva in March, using the recipients' legitimate interest in the conference as bait to get them to open the attachment. The malicious attachment in the emails is named 'WUC's Conference.apk.'"
This discussion has been archived. No new comments can be posted.

Targeted Attack Campaign Uses Android Malware

Comments Filter:
  • Harvests info (Score:4, Insightful)

    by Dan East (318230) on Tuesday March 26, 2013 @05:05PM (#43285403) Homepage Journal

    The Android App harvests information (contacts, SMS messages, location, SIM data) and reports it back only when ordered to by the reception of a SMS message command. The location is particularly troubling because they can just keep pinging the phone to track the individual in real-time, then who knows what could happen next.

    • So you're saying this isn't a "malware" problem so much as it is a "Chinese government hacking dissidents phones to try to find other people to throw in jail for political speech."
  • by Anonymous Coward

    Any communication method you use can and will be compromised.

  • Whatever happened to the folks who claimed in +5 insightful posts that Linux has better security because of the superior Unix architecture? And that Windows malware, spyware, viruses and etc. were because of the crappy Windows code and not just because of popularity?

    As Macs grow more popular, so does the malware targeting it. And Android has a huge malware problem. Perhaps those posts were wrong?

    • by schitso (2541028) on Tuesday March 26, 2013 @05:30PM (#43285669)
      Regardless of the system, an incompetent privileged user is always going to be a vulnerability.
      • Then what's the solution when the median device owner has proven incompetent? Take away privilege from the general public and sell it back to interested adults for an annual fee? That's what Apple does on iOS.
        • by LDAPMAN (930041)

          Exactly right! That is the solution. To be able to do what you like you need $99/yr and enough knowledge to run Xcode. I think it's a pretty good solution.

          • by Nerdfest (867930) on Tuesday March 26, 2013 @08:04PM (#43287001)

            ... yeah, don't you need to buy a Mac as well? I think a check box in the settings works perfectly fine.

            • by drinkypoo (153816)

              ... yeah, don't you need to buy a Mac as well? I think a check box in the settings works perfectly fine.

              I'm sympathetic to the idea that it might be useful to make it a bit more difficult, like downloading a free app with the checkbox in, or executing an adb command. But it's ridiculous to expect the user to spend any amount of money to control their own device.

        • by schitso (2541028)
          Er, no? How about take away the privilege by default, and require that the user enable the ability install potentially insecure apps? Those of us who are responsible with our devices shouldn't have to pay the maker of our preferred OS to toggle a setting.
          • How about take away the privilege by default, and require that the user enable the ability install potentially insecure apps?

            That's what Android does (the "Unknown sources" checkbox) and what Mac OS X does (Gatekeeper choosing among App Store only, registered Mac developers only, or all executables). But you'll end up with the majority of users having enabled that ability and left it enabled because at some time in the past they wanted to see dancing bunnies [wikipedia.org].

        • There is no solution for stupidity. You accept that it will happen, try to mitigate it as best you can, and you move on. It's still not worth giving up your rights over.

      • Regardless of the system, an incompetent privileged user is always going to be a vulnerability.

        And that's why the malware problem on Android is so bad - the users are more incompetent than the iOS users.

    • by Threni (635302)

      I don't think anyone is saying:

      1) it's impossible to write a layer of abstraction above Linux, and
      2) for that system to support the installation of software outside of the control of the vendor of that layer of abstraction, and
      3) for that software to potentially perform some action the user isn't aware of

    • And that Windows malware, spyware, viruses and etc. were because of the crappy Windows code and not just because of popularity?

      Microsoft isn't off the hook by any means.

      There are still several orders of magnitude more malware for Windows than any other platform, despite Android overtaking it in the market. Android malware is also almost exclusively socially engineered, rather than exploiting OS flaws. The same can't be said for Windows.

      • Windows has a bigger install base than Android, and PCs are far more lucrative target than a weak phone with a weak data connection.

        Android malware is also almost exclusively socially engineered, rather than exploiting OS flaws. The same can't be said for Windows.

        What OS flaws? Reference? The vast majority of Windows malware is through downloads, like fake codecs.

    • by sgt scrub (869860)

      Windows being crappy code isn't the only complaint by any means. The fact that it is locked down so the user doesn't have control is as big a complaint. Having to hack your phone to gain control is a perfect example of lack of control.

    • "Whatever happened to the folks who claimed in +5 insightful posts that Linux has better security because of the superior Unix architecture?

      What has the actions of some user in installing malware got to do with the security of the architecture?
      • by drinkypoo (153816)

        More to the point, this has nothing to do with Linux security. The kernel is not being compromised in this exploit.

    • by AmiMoJo (196126) *

      It's worth pointing out that Android does everything right. By default "unknown sources" is disabled, so the user has to go and turn that on and see the warning. Then when they for install it tells them that the apple will know where they are, read their contacts, read SMS messages etc. Really if you are dumb enough to fall for this, especially when you know people are out to get you and basic online safety says don't install stuff from attachments then it's your own fault, not Android.

  • There is no concept of the worth of an individual. A person is only worth as much as he can be used by his rulers. Anyone who isn't enthusiastically supporting the rulers is considered subhuman to be disposed of like any other vermin.

    I really hope the US has a doomsday satellite in orbit because better humanity be wiped out that be subject to chinese rule.

  • by Anonymous Coward

    I am all for Tibet becoming independent of China. However, for Xinxiang and any other Uyghur lands, I don't. The Tibetans would happily settle down in peace (sorta like Bhutan) if made independent and left alone. The Uyghurs would probably try and enable Jihad in the neighboring Soviet '-stans' with the goal of getting a greater Turkestan made up of the Soviet '-stans' and Xinxiang, and gang up with Turkey for bigger Jihads

  • "Android attacks have become all the rage"

    Except a user tricked into downloading and installing malware from some third party location, in no way shape or form, relates to Android security !
    • by smash (1351)
      Just like Java exploits requiring the user to type their administrative credentials in relate to Windows or OS X security.
  • Let's click it. What is this, 1995?

I bet the human brain is a kludge. -- Marvin Minsky

Working...