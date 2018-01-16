

 


Researchers Uncover Android Malware With Never-Before-Seen Spying Capabilities (arstechnica.com)

An anonymous reader quotes a report from Ars Technica: According to a report published Tuesday by antivirus provider Kaspersky Lab, "Skygofree" is most likely an offensive security product sold by an Italy-based IT company that markets various surveillance wares. With 48 different commands in its latest version, the malware has undergone continuous development since its creation in late 2014. It relies on five separate exploits to gain privileged root access that allows it to bypass key Android security measures. Skygofree is capable of taking pictures, capturing video, and seizing call records, text messages, geolocation data, calendar events, and business-related information stored in device memory. Skygofree also includes the ability to automatically record conversations and noise when an infected device enters a location specified by the person operating the malware. Another never-before-seen feature is the ability to steal WhatsApp messages by abusing the Android Accessibility Service that's designed to help users who have disabilities or who may temporarily be unable to fully interact with a device. A third new feature: the ability to connect infected devices to Wi-Fi networks controlled by attackers. Skygofree also includes other advanced features, including a reverse shell that gives malware operators better remote control of infected devices. The malware also comes with a variety of Windows components that provide among other things a reverse shell, a keylogger, and a mechanism for recording Skype conversations.


  • I find such things immensely distasteful. >.

    Hm. Gives me an idea for an app! appy app apps!

  • Three questions... (Score:4, Interesting)

    by Blinkin1200 ( 917437 ) on Tuesday January 16, 2018 @04:58PM (#55941753)

    1 - How can I tell if I'm infected?
    2 - Where can I get it?
    3 - How much does it cost?

    for testing purposes...

    • Re: (Score:2)

      by AHuxley ( 892839 )
      As a thought experiment? A fictional movie script?
      1. Police, security services or special forces at the door with vans waiting outside.

      2. That needs some research. Go to a library and write out a long list on paper of a nation's most sensitive mil/industrial/research/medical sites, contractors/gov services, mil sites, mil ports.
      Don't do that research online.

      Buy a small number of new cell phones that have a lot of community software and hardware support to see what the cell phone hardware and OS is

    • 1 - How can I tell if I'm infected?

      When you downloaded and installed the app.

      If you don't know if you downloaded or installed the app, you can tell when your Android device is phoning home to a few IPs like 54.67.109.199, or when it has one of these services that you did not initially have (AndroidAlarmManager, AndroidSystemService, AndroidSystemQueues, ClearSystems, ClipService, AndroidFileManager, AndroidPush, RegistrationService), or when your non-rooted device is somehow rooted. Source [securelist.com]

      2 - Where can I get
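A check for the indicators listed in the comment above, as an added example that is not part of the original post or of the Securelist report. It assumes the input is text saved from `adb shell dumpsys activity services` and a netstat-style connection listing; the package names, sample lines and the `min_hits` threshold are constructed for illustration.

```python
import re

# Indicators quoted in the comment above (attributed there to securelist.com).
SERVICE_NAMES = {
    "AndroidAlarmManager", "AndroidSystemService", "AndroidSystemQueues",
    "ClearSystems", "ClipService", "AndroidFileManager", "AndroidPush",
    "RegistrationService",
}
C2_ADDRESSES = {"54.67.109.199"}

# ServiceRecord lines as printed by `adb shell dumpsys activity services`.
SERVICE_RE = re.compile(r"ServiceRecord\{\S+ \S+ ([\w.]+)/([\w.$]+)\}")
IPV4_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")

def suspicious_packages(dumpsys_text, min_hits=2):
    """Map package -> sorted listed service names that it runs.
    The names are generic, so a package is reported only when it hosts at
    least min_hits of them (the threshold is an assumption of this example)."""
    hits = {}
    for pkg, cls in SERVICE_RE.findall(dumpsys_text):
        simple = cls.rsplit(".", 1)[-1]  # ".ClipService" -> "ClipService"
        if simple in SERVICE_NAMES:
            hits.setdefault(pkg, set()).add(simple)
    return {p: sorted(s) for p, s in hits.items() if len(s) >= min_hits}

def c2_connections(netstat_text):
    """Return connection lines whose addresses include a listed IP (exact match)."""
    return [line.strip() for line in netstat_text.splitlines()
            if C2_ADDRESSES & set(IPV4_RE.findall(line))]

# Constructed sample input, not captured from a real device.
SAMPLE_DUMPSYS = """\
  * ServiceRecord{1a2b3c u0 com.example.updater/.AndroidPush}
  * ServiceRecord{4d5e6f u0 com.example.updater/.ClipService}
  * ServiceRecord{7a8b9c u0 com.vendor.sync/com.vendor.sync.RegistrationService}
  * ServiceRecord{0d1e2f u0 com.android.phone/.TelephonyDebugService}
"""
SAMPLE_NETSTAT = """\
tcp  0  0 192.168.1.20:41822  54.67.109.199:443  ESTABLISHED
tcp  0  0 192.168.1.20:39011  154.67.109.199:443 ESTABLISHED
tcp  0  0 192.168.1.20:51500  203.0.113.7:443    ESTABLISHED
"""

if __name__ == "__main__":
    print(suspicious_packages(SAMPLE_DUMPSYS))
    print(c2_connections(SAMPLE_NETSTAT))
```

A single match on a name such as RegistrationService is weak evidence on its own, which is why the sample package with one hit is not reported at the default threshold.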

  • Sounds nasty (Score:5, Insightful)

    by DigitAl56K ( 805623 ) on Tuesday January 16, 2018 @05:08PM (#55941821)

    ... and let me guess, 90%+ of Android devices today will never receive updates that close all the exploits this thing takes advantage of.

    Android: For when you want to receive only semi-regular security updates for only a handful of models from a few manufacturers for a few years tops.

  • Google's habit of having everything in beta for nearly, or completely, its lifespan leads to things like this. The new features are the ones majorly being exploited. Accessibility getting around security? That is a major screwup considering that Android phones don't get regular updates. Some lower cost phones will never receive a patch and will be compromised for the entire time it is owned.

    • Re: (Score:1)

      by AvitarX ( 172628 )

      Accessibility pretty much must get around security.

      It needs to be able to read everything on the screen to function.

  • According to Conventional Wisdom(TM) Meltdown and Spectre are MUCH worse, leading to patchy BIOS updates, BSODs and varying levels of performance loss. Perhaps a dose of perspective, which this helps bring to the table, is in order - finally.

  • Tell me why, again? (Score:5, Funny)

    by Rick Schumann ( 4662797 ) on Tuesday January 16, 2018 @05:20PM (#55941915) Journal
    Tell me why, again, I should ever have a smartphone?

    But Rick, you can't be one of the cool kids if you don't have one!
    But Rick, you're a luddite if you don't have one!
    But Rick, you're not interesting enough for anyone to spy on!
    But Rick, you're obviously paranoid and wearing a tinfoil hat, you should just calm down and get one anyway!

    ..and all the other lame-ass crap people post when I say this.

    If you want what's left of your privacy, and actual data security preserved, GET RID OF YOUR SMARTPHONE!

    • If you want what's left of your privacy, and actual data security preserved, GET RID OF YOUR SMARTPHONE!

      Better get that Intel-chipped laptop out then...

    • Maybe just don't install random crapware?

      When I was working support, I didn't blame laptops when users repeatedly installed BonziBuddy on them. I blamed the idiots who kept doing it over and over, and then kept bringing me the laptop whining about how slow it was.

      I suppose you would have just taken away their laptops and told them to go back to using pencils and paper.

      • Read the article. Has nothing to do with installing anything. Your Android phone can be infected with this malware without you doing anything and you'll never even know.

        • Read the article. Has nothing to do with installing anything. Your Android phone can be infected with this malware without you doing anything and you'll never even know.

          Bullshit. Neither of the linked articles state anything to that effect. As a matter of fact, both of them state that the malware is primarily spread via "web landing pages" which mimic various carriers' websites, and the original Kaspersky article gives examples. All of their examples are links to APK files.

          So, essentially, what needs to happen is:

          1. User is somehow directed to a webpage which looks like a cellphone carrier's website.
          2. Webpage asks the user to download an APK file.
          3. User downloads the

    • Re: (Score:2)

      by tepples ( 727027 )

      Tell me why, again, I should ever have a smartphone?

      Because netbooks made for* GNU/Linux are no longer sold in major U.S. electronics showroom chains. What's less bad between a smartphone (or Android tablet) and a Windows 10 tablet or laptop?

      * "Made for" means shipping with or otherwise warranted to run.

    • If you want what's left of your privacy, and actual data security preserved, GET RID OF YOUR SMARTPHONE!

      Whew -- good thing I just replaced it with a mobile multifunction, n'est ce pas?

    • Re: (Score:2)

      by antdude ( 79039 )

      Just get rid of everything like Internet, computers, etc. Go off the grid! :P

    • Tell me why, again, I should ever have a dumbphone?

      ..and to all the other tech nerds post when I say this.

      If you want what's left of your privacy, and actual data security preserved, Get rid of your dumbphone and GET A PIGEON!

      Pigeon not only looks cool but can also deliver your message securely and safely without all that phone / network connectivity nonsense. In addition, each pigeon comes with its own bird-droppings delivery feature which is perfect for targeting those on your most hated list, like y

  • This reads more like an advertisement. (Score:3)

    by Fly Swatter ( 30498 ) on Tuesday January 16, 2018 @05:26PM (#55941963) Homepage

    And less like a warning for a product that you can apparently find by looking towards an Italian Security company.

    -Remember that internet thing? It didn't end well.

  • I'm never giving up the dial phone hanging on my wall.

    • Make sure you ignore that resistor I placed across your tip/ring.
      Or that man down the way a little bit using a buttset. I'm sure he's not making LD calls.

    • Never gonna give, never gonna give, (Give you up!)

  • Skygofree is a reminder that so-called implant software sold to governments and police forces, sometimes in countries with poor human rights records, remains a threat to people using a wide variety of devices and operating systems.

    It looks like it is a product sold to security agencies and police forces around the world. They might force the installation of this software by the sellers in their countries, or install it once they arrest the dissident. It is a spyware alright, but it might not be a garden variety virus that infects you unbeknownst to you.

  • ... they have no reason to adhere to NDAs by the various terror... err, I mean spying... err, I mean not stupidity but "intelligence" organizations, and can finally leak all the nasty shit.

    I hope.

  • Kaspersky (Score:1)

    by Anonymous Coward

    Tell me again why I shouldn't get the antivirus that catches the real bad guys?

  • I came to this article thinking they were talking about Google Home!

