Android Botnet Security

Massive Android Mobile Botnet Hijacking SMS Data

Posted by Soulskill
from the all-your-texts-are-belong-to-us dept.
wiredmikey writes "A mobile botnet called MisoSMS is wreaking havoc on the Android platform, stealing personal SMS messages and exfiltrating them to attackers in China. Researchers at FireEye lifted the curtain off the threat on Monday, describing MisoSMS as 'one of the largest advanced mobile botnets to date' and warning that it is being used in more than 60 spyware campaigns. FireEye tracked the infections to Android devices in Korea and noted that the attackers are logging into command-and-controls from Korea and mainland China, among other locations, to periodically read the stolen SMS messages. FireEye's research team discovered a total of 64 mobile botnet campaigns in the MisoSMS malware family and a command-and-control that comprises more than 450 unique malicious e-mail accounts."

  • Re:MisoSMS (Score:4, Informative)

    by erikkemperman (252014) on Wednesday December 18, 2013 @04:47AM (#45723799)

    A million times this. Android's permission model is deeply flawed. You have to either accept or deny *all* that an app requests in its manifest, or you can't install.

    So as a developer, sure you could add a setting to your app's config pages to, say, turn off location services -- but the app still has that privilege. Nothing for it but uninstalling.

  • Re:MisoSMS (Score:5, Informative)

    by Rob Simpson (533360) * on Wednesday December 18, 2013 @05:20AM (#45723929)
    No kidding. I had to look through dozens of "flashlight" apps to find one that didn't want my calendar, SMS, internet access, and GPS.
  • by Anonymous Coward on Wednesday December 18, 2013 @06:04AM (#45724083)

    The Google Play Store isn't available in China. My phone, an LG P-765, came preloaded with AnZhi [anzhi.com], a Chinese app store. I've seen more than a few suspicious apps on there. I actually download most of my apps from 3rd party APK download sites, like APKTop [papktop.com].

  • Re:Mf-droidisoSMS (Score:5, Informative)

    by nadaou (535365) on Wednesday December 18, 2013 @07:01AM (#45724309) Homepage

    > No kidding. I had to look through dozens of "flashlight" apps
    > to find one that didn't want my calendar, SMS, internet access,
    > and GPS.

    F-Droid [f-droid.org] is your friend.

    As always, FOSS means you don't have to put up with the bullshit.

    F-Droid build all apps they ship from source, including some sort
    of grep filter on permissions to catch (and then remove) any code
    which is not in the user's best interest, or at minimum flag and
    explain the issue in detail to let you decide for yourself.
    Otherwise-good apps with flagrant ad-ware or cripple-ware in them
    simply get patched.
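
The manifest-level permission check the comments above talk about, as an added example that is not from any poster and is not F-Droid's own tooling: it reads the `<uses-permission>` entries of a decoded, text-form AndroidManifest.xml (an assumption; the manifest inside a built APK is binary XML) and flags sensitive permissions an app has no stated need for, plus the SMS-read-with-network combination. The sample manifest, its package name and the `audit` helper are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Permission groups named in the thread: SMS, calendar, GPS, internet access.
SENSITIVE = {
    "android.permission.READ_SMS": "sms_read",
    "android.permission.RECEIVE_SMS": "sms_read",
    "android.permission.READ_CALENDAR": "calendar",
    "android.permission.ACCESS_FINE_LOCATION": "location",
    "android.permission.ACCESS_COARSE_LOCATION": "location",
    "android.permission.INTERNET": "network",
}

def requested_permissions(manifest_xml):
    """Return the set of permission names declared via <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    return {
        el.get(ANDROID_NS + "name")
        for el in root.iter("uses-permission")
        if el.get(ANDROID_NS + "name")
    }

def audit(manifest_xml, expected=frozenset()):
    """Flag sensitive permissions outside `expected`, plus SMS-read + network."""
    perms = requested_permissions(manifest_xml)
    unexpected = sorted(p for p in perms if p in SENSITIVE and p not in expected)
    groups = {SENSITIVE[p] for p in perms if p in SENSITIVE}
    return {
        "unexpected": unexpected,
        # Access to incoming/stored SMS plus network access is the pair
        # an SMS-exfiltrating app needs, so report it separately.
        "sms_plus_network": {"sms_read", "network"} <= groups,
    }

# Constructed sample: manifest of a hypothetical "flashlight" app.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.READ_CALENDAR"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
</manifest>"""

if __name__ == "__main__":
    print(audit(SAMPLE_MANIFEST, expected={"android.permission.CAMERA"}))
```

Pass the permissions the app's function justifies in `expected`; anything sensitive outside that set is listed for manual review.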
