Android Malware Intercepts Text Messages, Forwards To Criminals
An anonymous reader writes "A new piece of Android malware has been discovered that can intercept your incoming text messages and forward them on to criminals. Once installed, the trojan can be used to steal sensitive messages for blackmailing purposes or more directly, codes which are used to confirm online banking transactions. The malware in question, detected as "Android.Pincer.2.origin" by Russian security firm Doctor Web, is the second iteration of the Android.Pincer family according to the company. Both threats spread as security certificates, meaning they must be deliberately installed onto an Android device by a careless user."
Is this really news? (Score:5, Interesting)
This'd only be newsworthy if it's installed via Google Play or another mainstream source. Otherwise, it's just stupid people paying the price for their ignorance.
Re:Is this really news? (Score:5, Insightful)
Since one of the main talking points about android is the ability to side install apps.
Of course how can you be sure any app you install is genuine? Unless you write, compile and install it yourself and even that isn't 100% trustworthy.
So define ignorance when the professionals have a hard time and the average person isn't smart enough to know what compiling is, let alone do it.
Re: (Score:2)
Since one of the main talking points about android is the ability to side install apps
That is always a problem with any OS which includes Microsoft Windows although most malware and viruses target that OS. Still to be fair in the majority of cases it is the unaware user that is at fault. Of course the unaware user is going to be the one to complain when in reality it really is their fault for not even taking the time to read up on basic computer etiquette and security awareness.
Of course how can you be sure any app you install is genuine? Unless you write, compile and install it yourself and even that isn't 100% trustworthy
You are dead right if the developer (private or commercial) is not very good at programming then the application th
Re:Is this really news? (Score:4, Insightful)
Well it's not difficult to type "make" as a normal user then test and when fully satisfied that the application works properly type "make install" as the system admin. But this means using the "command line" or a developer GUI which basically allows the developer to develop and maintain the application. However the average person does not know what the "command line" or even what a development GUI is or if they do think their brains will explode if they attempt it :)
I don't know why people seem to think typing "make" and/or "make install" somehow protects them from malware. Unless you've examined the code, line by line, and actually have the skills to understand it, you're just as vulnerable as someone running a random binary on a Windows machine.
Re:Is this really news? (Score:5, Funny)
Re: (Score:2)
It is quantum. He was using it before he bought it.
Re: (Score:2)
I don't know why people seem to think typing "make" and/or "make install" somehow protects them from malware. Unless you've examined the code, line by line, and actually have the skills to understand it, you're just as vulnerable as someone running a random binary on a Windows machine.
While that's very true in essence, and I myself am no programmer, so 99% of code is indecipherable gibberish to me (unless you count basic HTML, hah), the thing is that I figure the odds are very high that someone -if not multiple people- out there with the ability has examined the source, and if it had been found to have had malware, an alarm would've been sounded throughout the community.
Granted, that's no guarantee of safety, and I realize that, but it's a lot better odds than installing something pr
Re: (Score:2)
Well it's not difficult to type "make" as a normal user then test and when fully satisfied that the application works properly type "make install" as the system admin. But this means using the "command line" or a developer GUI which basically allows the developer to develop and maintain the application. However the average person does not know what the "command line" or even what a development GUI is or if they do think their brains will explode if they attempt it :)
You're missing the point. Even if user
Re: (Score:2)
It's a talking point because on Apple devices it isn't even an option at all. I'm highly doubtful that malware could spread effectively via sideloading.
Re: (Score:2)
Anybody who wants to have a meaningful discussion on this subject needs to read Ken Thompson's 1984 ACM article "On Trusting Trust [bell-labs.com]". In it he describes inserting rogue code into the compiler that recognizes when it's compiling a compiler and replicates into the executable of the compiled compiler - and so becoming persistent across a platform migration. This is just the transport mechanism. The payload is code that recognizes the Unix Login and subverts its security. Obviously, once the first compiler is
Re: (Score:2)
Well, that seems to require that the compiler could anticipate future languages and compiler architectures. Not completely unfeasible, but it would probably need some massive AI capable of reverse-engineering from a limited set of code.
How to know whether or not it's malware? (Score:2)
So how do you act, given that you don't know whether or not it's malware? You don't install it, because you think it might be malware. [...] There's no difficulty. It's that simple, to keep free of malware. It has nothing to do with whether or not you're a pro or how technically advanced you are.
But you do need to be "technically advanced" to "know whether or not it's malware". Otherwise, you end up installing nothing, and your device becomes equivalent to a first-generation iPhone running iOS 1, which runs only the included applications and web applications.
Re:Is this really news? (Score:4, Informative)
Yep, it's another AV vendor beat-up.
"The Australian Communications and Media Authority has published detailed statistics of malware infections identified by their online security team (AISI). The team scans and identifies compromised computers on Australian IP addresses and reports daily to around 130 participating ISPs.
Their breakdown shows about 16,500 infected devices are online at any one time. The malware type for all infections is available on the site."
http://www.acma.gov.au/WEB/STANDARD..PC/pc=PC_600121 [acma.gov.au]
If you look at the breakdown of malware infected IPs, there are around 16,500 active infections at any one time. Around 20 Windows viruses make up more than 99% of all infections. In the "Other" section, there are around 100 active IPs with rarer Windows viruses, and Mac, iOS, Linux and Android infections.
In other words, the total of all Android malware is competing with space in the fraction of 1% of malware instances that aren't on Windows.
Re: (Score:1)
that is a terrible set of stats you are using
Do you have any better stats? Eg, stats that are not from an AV vendor trying to desert from the sinking Windows ship.
Re: (Score:3)
Unlike iOS, Android is sold in far more countries than the store supports (Apple obviously only sells iOS devices in places where they have an iTunes store - which is why some countries only have the App Store and no music, movies nor books).
One of these countries is... China. Which is a huge population and stuff is shared rather promiscuously, plu
Re: (Score:2)
There's always a tradeoff with the usefulness of smartphones.
When you select one, you get to choose between having a really useful phone which allows you (the owner) to do what you want with it, or stopping you doing what you want and also stopping you doing something risky.
You've just chosen to go a long way towards the useless end of the scale.
Re:Is this really news? (Score:5, Informative)
I have moved apps to external sd cards, my devices don't boot loop...
The problem with android (and this problem occurs on windows as well to a lesser extent) is all the oems/carriers that think they know best and put out heavily kludged versions, introducing all manner of bugs and breaking standard functionality.
As for background apps, android *allows* background apps because such a feature is useful for users... You just have to choose background apps which are well written. Don't blame the os for shoddy applications.
Which can mean choosing no app at all (Score:2)
You just have to choose background apps which are well written.
On Android, it's possible for the only applications that perform a given task to be applications that are not well written. For example, they might all use polling instead of pushing [slashdot.org]. On one of the more curated platforms, a user doesn't have to worry about several major categories of poorly-written applications because developers can't get the application onto a user's device unless it avoids the known poor practices.
Re: (Score:2)
The SD card bootloop problem is well known and spread across a large number of devices. Take a look [slashdot.org].
It is not any app causing the problem, it's Android itself. It's suspected that it happens either after a certain number of apps/files are moved or a certain amount of space is used by apps on the SD card.
Well, my N1 doesn't have an issue - either with stock Android or CyanogenMod7 - where I more heavily moved apps to the SD card than with Stock since stock wouldn't allow some apps to go to SD Card, while a lot more can with C7.
It's most likely due to something that the OEMs/Carriers did by allowing some critical piece of software to be moved to the SD card.
And the only "boot loop" issue I had was a memory allocation issue by the Activity Manager completely unrelated to whether or not the SD card was p
Re: (Score:2)
Wait, what? You can't write emails or use calendar while not connected to the network? What app are you using? I have a stock Nexus 4 with exchange, imap, and gmail accounts and I can use all 3 in airplane mode - just can't sync or send.
oh nevermind, you're just trolling.
The "phone" in smartphone (Score:2)
Why isn't it a function of the os to know what app is shoddy and what is not?
Because the user expects the device to make sure that the "smart" capability doesn't get in the way of the "phone" capability, especially for urgent calls.
Re: (Score:1)
Logic fail.
Justin Bieber has millions of fans too. I guess that makes him a fantastic musician.
Additionally, by the same logic, that makes Windows a superior desktop OS to any of the Linux distros.
lol, but Windows is preferred choice for Desktop.
Re: (Score:1)
Logic fail. Justin Bieber has millions of fans too. I guess that makes him a fantastic musician. Additionally, by the same logic, that makes Windows a superior desktop OS to any of the Linux distros.
lol, but Windows is preferred choice for Desktop.
Only b/c of legacy software.
Re: (Score:3)
You don't need AV. If you're not sufficiently clued up then you shouldn't enable settings intended for developers, in its default setting android won't let you download and execute arbitrary apps from random websites.
Re: (Score:2)
oh come on people that was worth a +1 funny mod not -1.
FUD. Must be a slow news day (Score:3, Interesting)
From TFA,
Although Doctor Web doesn't say so, the good news here is that Pincer2 is not likely to be very prevalent. It has not been found on Google Play, where most Android users should be getting their apps, and appears to be meant for precise attacks, as opposed to being aimed at as many users as possible.
In short, this malware threat isn't one that you will likely be hit with, but it is an interesting example of how Android malware is evolving.
Re:FUD. Must be a slow news day (Score:4, Insightful)
In short, this malware threat isn't one that you will likely be hit with, but it is an interesting example of how Android malware is evolving.
For suitably uninteresting values of 'you', perhaps. But standing at a bus stop and spotting someone sharply-dressed, I could ask to use their phone to make a quick call for [insert excuse here], and in a few seconds, install similar malware.
A few weeks later, all your bank accounts zero. Do you remember me?
Why did you even ask? (Score:2)
But standing at a bus stop and spotting someone sharply-dressed, I could ask to use their phone
You just had to get close enough to have it automatically installed over NFC. No need to have your face ever seen.
Or just install it under a bench at the bus station and have it email you the targets acquired remotely along with images and recordings of whatever conversations they might have had there.
Re: (Score:2)
I see we're going to get all secret agent style here. Except that people spreading malware are low-impact criminals, so I don't see this happening either.
Re: (Score:1)
You just had to get close enough to have it automatically installed over NFC. No need to have your face ever seen.
And does anyone actually trust NFC enough to leave it enabled? Not me, anyway. Same applies to bluetooth.
Re: (Score:3)
Lots of people leave Bluetooth enabled because they use it pretty often - car audio, headsets /speakerphones.
NFC I would think you'd leave enabled if you really used it for payments, otherwise it would be almost as slow as a normal credit card.
Re: (Score:2)
You could? Don't you think they'd notice when you're opening the browser and typing URLs rather than making a phone call?
Re: (Score:1)
I know I could ask Verizontal to block all texts, but I feel I need to retain the capability in case of a family emergency), but they tend to come in at all hours of the day and night.
I still think it's crazy that you have to pay to receive messages in some countries.
Don't you have a "Do not Call" registry?
Re: (Score:2)
I still think it's crazy that you have to pay to receive messages in some countries.
In the UK, the mobile companies just charge absolutely stupid amounts to the people calling them. It's much, much cheaper to phone anywhere in the world on a landline than it is to phone a mobile 10 yards away from you (unless you have a "special deal"). That's how they make their money.
It's the biggest scam of all time - just let the landline customers pick up the tab...
Re: (Score:2)
The answer is of course that it is easier to build certain apps on Android, so even if you stay in the walled garden, you end up with more stuff because it is not as well guarded. Which leads to the occasional pest. It is a trade off.
What I don't understand is how this poses a security risk. Sure your personal discussion and naked photos will be i
Re: (Score:1)
Anyone who uses the term "FUD" is an ignorant twat. Google Play isn't available on Android phones sold in China and many other countries, moron.
careless user (Score:4, Insightful)
So any malware that depends on users being careless will be a huge success. The other key will be ease of use.
That being said, I generally stick with my brother's rule: "I wouldn't transmit it electronically if I wouldn't want it on the front page of a national newspaper." My niece texted me her password the other day; I pointed out the error of her ways.
I did just come up with an app for Google glasses. You send someone encrypted messages that are displayed on their screen as a QR code. Their glasses decrypt it temporarily while it is in view. The phone can't decrypt, the glasses don't store. Glasses can still get hacked though but at least you do not have a plaintext message store.
Re: (Score:2)
Did you just hurp when you meant to derp?
Re:This is why I hate Android (Score:4, Insightful)
Kind of funny, isn't it...
Windows malware? Blame Microsoft.
Android malware? Blame the user.
Re: (Score:2)
Any story about Windows malware will have plenty of posts about it being the user's fault and how they have never had a virus blah di blah noscript blah di blah
Re: (Score:2)
If you're trying to point out hypocrisy, you miss. The Windows OS code is so full of security holes it's pathetic... and yes, that is squarely Microsoft's fault. Android/linux is much much better, and when we're talking about malware that specifically must be cert-installed by a user, yes, the user is most definitely complicit. Get off your high horse.
Re: (Score:2)
Very nice troll from an Anonymous Coward.
Microsoft deliberately obfuscates the controls for their operating system and Android does not.
To put it another way: You can not defend yourself in a Microsoft world but you can defend yourself in a non-carrier ROM Android world.
Cheers
Re: (Score:1)
Every iPhone that can be jailbroken is also running around with a phone that has known vulnerabilities.
As far as I know, that means all of them.
--Jeremy
http://lmgtfy.com/?q=iphone+trojan (Score:2)
16.9 million results.
No platform is safe from user stupidity.
Re: (Score:2)
Android outsells iPhone globally by about 4 to 1. Given that their search hits are ballpark similar to those of iOS, a sensible person must conclude that Android is around 4 times safer.
Or that you've chosen a pointless metric to measure by.
Re: (Score:1)
Google result #s, that MUST indicate the security of one platform with another. I don't like iPhone/Apple in the slightest but come on. You insult computer security with such nonsense.
Let me PARSE that for you (Score:5, Interesting)
16.9 million results.
But what can any iPhone trojan actually do? It's limited to sending contacts (and that only IF the user allows it at the time it tries to access the contacts, not on install). It can send the users location IF the user agrees to have the location accessed, at the time the app tries to access location (not on install). It can send your photos to them IF the user agrees to allow access to get to the photos... you get the picture.
What CAN'T it do? It can't access or send SMS messages. It can't access or send email messages (at least not without the user hitting send on the email). It can't make a phone call without the user saying "why yes I would love to dial that number now which is clearly displayed to me in full".
The issue is that because Android makes you agree to what it can do up front, most non-technical users will simply agree to anything, and then the app can really DO anything it likes to the user. There are safeguards technical users can install; but they are exactly the people who do not need protection or help!
Android is a platform built for the pleasure of the technical elite, with a promise to non-technical users of being their gateway into the new world of mobile computing. But that is a lie; it's simply a PC you can put in your pocket that brings along for the ride every ill ever conceived of on a PC and more besides.
Android could go a long way by simply granting permissions for things at the time the app wants them as iOS does; but even then the fundamental problem is that there are so many permissions that extend so deep into the system that it allows apps to do things like intercept SMS. You can't take those away now without technical users crying foul, but the cost to non-technical users is monstrous.
Re: (Score:2)
Android is a platform built for the pleasure of the technical elite, with a promise to non-technical users of being their gateway into the new world of mobile computing. But that is a lie; it's simply a PC you can put in your pocket that brings along for the ride every ill ever conceived of on a PC and more besides.
This is modded interesting, here?
Android is in what way a platform for the technical elite? It is outselling Apple's offerings 4:1. It is easy for people to install what they like on it... th
Re: (Score:2, Insightful)
It is outselling Apple's offerings 4:1
Yes, because it's installed on every cheap phone around - that are mostly being used as phones. I have an Android phone myself because it was an easy thing to pick up when I lived in Europe for a short while, but it was so slow and dysfunctional all I could really use it for was tethering data to my iPhone...
I mean it's pretty telling that even when you are supposedly outselling another platform by a factor of four, the platform being outsold manages to outUSE you in t
Re: (Score:2)
iOS users are more free, because they are free from worry
You do have some strange definitions, don't you? So long as you define "freedom" to be "anything a non-technical user cares about" which is presumably and far more narrowly defined as "anything an iPhone user is allowed to do", then "worry" about that oh-so-scary malware threat that's rampaging outside the Apple walls (but never ever inside) suddenly becomes the only issue anyone could possibly care about.
You love to characterise all Android phones as cheap and worthless, while not only ignoring the wide ra
Re: (Score:2)
I think this is where Android's diversity gets it into a few different categories. At the high-end market, Android is for the technical elite. I can run a python interpreter and do some programming and run some custom apps that take advantage of the more arguably powerful hardware and hardware feature set that high Android phones offer vs iPhone and low end Androids. At the mid to low end market, Android is for consumers who just want to consume media and easily download apps. The statement that Android out
Re: (Score:2)
In terms of internal OS security, both iOS and Android are quite secure. Very few exploits exist for recent versions of each, though older & less-secure Androids are of course more common. In terms of the application stores, both are quite safe, with very low incidences of malware. Apple's store policies are arguably more stringent (though certainly not perfect), but users on either platform are highly unlikely to run into malicious apps, at least if they stick with the default settings.
It is of course
Re: (Score:2, Informative)
If the platform is so safe, why does Apple have to review and sign every app before it's allowed to run? There's no need to do that if your platform is free of exploits.
Re: (Score:3)
If the platform is so safe, why does Apple have to review and sign every app before it's allowed to run?
Because trojans can use legal API's to do work, and defense in depth means that there is actually depth to your defense.
Re: (Score:2)
This, of course, applies to both platforms. How, then, is running programs from outside the Google Play store is any less safe on Android than running programs from outside the App Store would be if iOS permitted it.
Re: (Score:2)
That's an irrelevant angle to argue because Apple has negated it completely. I suspect that having to check a box to load non-Play Store apps is just as effective in curtailing the sources of infection.
Re: (Score:2)
This, of course, applies to both platforms.
Not really, because even the Play apps have far greater reach into the Android system than iOS apps.
running programs from outside the Google Play store is any less safe on Android than running programs from outside the App Store would be if iOS permitted it.
iOS does permit it, when jailbroken. And it's not as safe - but the system still has the inherent sandbox for apps that you run, and people technically apt enough to handle the ability to jailbreak can also pro
Re:This is why I hate Android (Score:4, Insightful)
The Apple App Store is not immune to malware, but does offer some level of protection and once a threat is spotted in the wild corrective action can be taken by the platform. I know a lot of people who went to droid and bragged about how "open" the platform was and not limited to any one store and that it was 1985 with Windows vs Mac again only this time with Android playing the Windows role. And I agreed with them. Android will become the windows of mobile devices. Complete with the viruses and malware windows users have come to know and love.
Re: (Score:2)
The potential for Malware is just too high. Every geek will 'blame the user' but it's time to take responsibility and blame the platform
Like in real life, security and freedom are two divergent (if not opposed) directions. Assigning the blame is quite a cheap way to avoid assuming the responsibility for one's actions.
Re: (Score:2)
I love the fear mongering. Do you own Apple stock?
Re: (Score:2)
I love the fear mongering. Do you own Apple stock?
No. I have no vested interest in the success of any mobile platform whatsoever. How about you?
Then I guess I don't care (Score:4, Insightful)
Re: (Score:2, Interesting)
The install-type permissions model for Android has some serious flaws and even though I don't like Apple's strict requirements for getting into the app store, I think the iOS security sandbox is much better.
For example, I occasionally use Skype on my iPhone for video calls with my folks, but I don't want Skype(MS) to have access to all of my contacts either. On Android, I have no choice but to hand it over because the app requested access to my contacts in its permissions list. On the iPhone, the only way
Exactly! (Score:3, Interesting)
What people miss is that iOS is MORE customizable for users by default in the ways that matter most. As you say, Skype having my contact list? Hell no!
Or Google Maps app having my location or contacts or anything whatsoever? Don't think so! All I have to do is say no, but I'm still using the app.
Re: (Score:1)
in the ways that matter most.
To you, perhaps. What was it you were saying about batteries? Most users don't want to change them? Well most users don't give a shit about Skype seeing their contacts, either. They just want it to work. In fact, Skype having automatic access to their contacts is a beneficial feature to the non-paranoid, because it's very convenient.
Also, I wonder how long you'll keep this double-think talking point. "Slavery is freedom!"
And EVERY JAILBREAKABLE iPHONE is vulnerable to malware that can completely bypas
Re: (Score:2)
Everyone is so quick to rush to the soapbox and preach how wonderful their platform of choice is and how awful the others are
Not true. Load of folks on this thread are preaching about how stupid users are. I don't care if my computer is part of a botnet, as long as the thing is still working .. it's not my problem. Want my computer / telephone / answering system / car ECU not to be infected by the random waste of the internet? Make a computer which doesn't get infected by the random waste of the internet.
You can put in all the effort you want to educate me about your problems, they're still your problems.
No big deal (Score:2)
Since most of my texts are intended for criminals anyway, this doesn't seem to be that big of a deal to me.
Re: (Score:2)
You have to be root in order to chown it...
Of course you could always chown it to root and make it setuid, then other users could run it too.
Re: (Score:2)
I'm half tempted to come back to this thread in three days and type, "Damn you!" It is, of course, too late for that now.
Good. Maybe now... (Score:2)
Maybe now they will stop thinking of Cell Phones as a "trusted" device. It's not really. Very easy to lose, very easy to steal, and it's supposed to be a trusted source for two factor authorization?
Not clear - "forward to criminals" (Score:2)
I would like to know why Google keeps this forward-to-criminals API in their SDK?? I hope they are responsible enough to pull this API and keep only forward-to-police one.
I don't feel well when my device can communicate with criminals in any way, and I believe Google will address this!
TIA Google!
I have my service provider block 5 digit codes. (Score:1)