Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Malware Posing As Official Google Play Store Evades Most Security Checks

timothy posted about 5 months ago | from the ok-ok-using-ios-doesn't-count dept.

Android 100

DavidGilbert99 (2607235) writes Mobile malware on Android is nothing new, but now security company FireEye has discovered in the Google Play store a sophisticated piece of malware which is posing as....the official Google Play store. Using the same icon but a different name, the malware is not being detected by the vast majority of security vendors, is difficult to uninstall and steals your messages, security certificates and banking details.

Sorry! There are no comments related to the filter you selected.

Link? (4, Interesting)

Anonymous Coward | about 5 months ago | (#47273317)

Dear submitter,

Link me to an article. I don't want to search for the company's announcement, and I don't want to just take your word for it.

Re:Link? (5, Informative)

DavidGilbert99 (2607235) | about 5 months ago | (#47273693)

Here is the link: http://www.ibtimes.co.uk/malwa... [ibtimes.co.uk] I submitted it to Slashdot but it failed to publish it.

Re:Link? (0)

martiniturbide (1203660) | about 5 months ago | (#47274321)

I think that David Gilbert (Author of the post and article) has lost half of the dose of the slashdot effect for forgetting the link :)

Good luck next time.

Re:Link? (1)

Nyder (754090) | about 5 months ago | (#47274769)

Here is the link: http://www.ibtimes.co.uk/malwa... [ibtimes.co.uk]
I submitted it to Slashdot but it failed to publish it.

Well, that is what editors for and instead we get timothy.

Uh... (2, Insightful)

msauve (701917) | about 5 months ago | (#47273319)

Can I buy a link? Timothy strikes again.

Re:Uh... (-1)

Anonymous Coward | about 5 months ago | (#47273443)

Timothy is a fucking moron, always has been

Re:Uh... (0)

Anonymous Coward | about 5 months ago | (#47294267)

I heard he is gay too.

Umm.. (1)

Anonymous Coward | about 5 months ago | (#47273335)

If you're dumb enough to download the Google Play store FROM THE REAL GOOGLE PLAY STORE THAT YOU'RE ALREADY ON... then you deserve to get some malware.

Re:Umm.. (3, Insightful)

Jiro (131519) | about 5 months ago | (#47273423)

The malware is named "Googl app stoy".

If you're dumb enough to download something spelled that way, you deserve, well, almost anything.

Re:Umm.. (0, Flamebait)

BasilBrush (643681) | about 5 months ago | (#47273651)

So blame the user rather than the Google Play store for listing the app?

Apple manages to keen their app store malware free, why can't Google?

Re:Umm.. (0)

Anonymous Coward | about 5 months ago | (#47273731)

Apple manages to keen their app store malware free, why can't Google?

Citation required

Re:Umm.. (4, Funny)

Anonymous Coward | about 5 months ago | (#47273887)

Citation required

"Apple manages to keen their app store malware free, why can't Google?"
-- BasilBrush, Slashdot comment #47273651

There ya go...

Re:Umm.. (0)

Anonymous Coward | about 5 months ago | (#47274455)

Here ya go...

http://www.pcworld.com/article/2099421/report-malwareinfected-android-apps-spike-in-the-google-play-store.html
http://antivirus.about.com/od/wirelessthreats/a/Is-Google-Play-Safe.htm
http://www.cnet.com/how-to/malware-authors-target-android-phones/
http://www.techrepublic.com/blog/google-in-the-enterprise/malware-in-the-google-play-store-enemy-inside-the-gates/
http://www.cbsnews.com/news/google-play-store-suffers-from-malware/
http://www.forbes.com/sites/gordonkelly/2014/03/24/report-97-of-mobile-malware-is-on-android-this-is-the-easy-way-you-stay-safe/
http://www.digitaltrends.com/mobile/who-can-fight-android-malware-not-google/#!0XLpz
http://venturebeat.com/2013/06/26/254158-android-apps-are-malicious-as-mobile-malware-skyrockets-614/
http://arstechnica.com/security/2014/04/covert-bitcoin-miner-found-stashed-in-malicious-google-play-apps/
http://www.dazeinfo.com/2014/06/18/google-inc-play-store-malwares-android-apps-infected-2014/
http://www.androidcentral.com/google-removes-32-apps-google-play-over-malware-concerns

Re:Umm.. (1)

FreedomFirstThenPeac (1235064) | about 5 months ago | (#47282899)

Mine this set and I'll bet you find ONE (1) real statement and 10 that use that statement (directly or indirectly).

Re:Umm.. (1)

gstoddart (321705) | about 5 months ago | (#47273993)

Google also allows Android to be set to allow installation from 3rd parties.

So, if you explicitly enabled that, and downloaded something from a shady source ... well, you may have shot yourself in the foot.

If this came from the Google Play store, then Google has a problem. If this came from a 3rd party store, then the user has a problem. And if this came from a vendor's proprietary store the vendor has a problem.

I think it comes down to "where did this package come from, and what did you need to do to install it?"

Re:Umm.. (1, Informative)

BasilBrush (643681) | about 5 months ago | (#47274137)

TFA (Which the editor neglected to post) says it came from the official Google Play store.

http://www.ibtimes.co.uk/malwa... [ibtimes.co.uk]

Re:Umm.. (1)

mythosaz (572040) | about 5 months ago | (#47274675)

We couldn't find anything for your search - "Googl app stoy".
Suggestions:
Make sure all words are spelled correctly.
Try different keywords.
Try more general keywords.

Try again.

Re:Umm.. (1)

BasilBrush (643681) | about 5 months ago | (#47274803)

Well of course they've taken the malware down now. Duh!

Re:Umm.. (1)

mythosaz (572040) | about 5 months ago | (#47275659)

Isn't that exactly what's supposed to happen?

Malware discovered and removed. News at 11.

Re:Umm.. (1)

BasilBrush (643681) | about 5 months ago | (#47284793)

No, removing malware after it's been news on the internet is not what's supposed to happen. What's supposed to happen is that it doesn't get on the store in the first place.

Re:Umm.. (1)

St.Creed (853824) | about 5 months ago | (#47277051)

The sophisticated piece of malware - called "Googl app stoy" - was discovered in the official Google Play store by security company FireEye who then worked with Google to remove the app.

RTFA.

Re:Umm.. (1)

Dishevel (1105119) | about 5 months ago | (#47275817)

It did. But let me state right off the bat. For each individual that downloaded and ran Google App Stoy ... Good. Let your bank account be pwnd. Let your email get taken over. I am ok with your life being ruined because you are an unthinking being. Bye.

Re:Umm.. (1)

david_thornley (598059) | about 5 months ago | (#47282031)

Never knew anybody with dyslexia, did you?

Re:Umm.. (1)

Dishevel (1105119) | about 5 months ago | (#47282307)

430 Downloads with a publisher that is not Google and a bad name.

How much does it take before you decide a person has no responsibility in their own problems?

More to the point though. Why are people so interested in things not being their fault? My children are taught that the only place you should look when things go bad is to yourself. What could I do differently to get the outcome I desire? When you have no responsibility in the problems in your life you have no power over their solution. With responsibility comes power.

Re:Umm.. (1)

david_thornley (598059) | about 5 months ago | (#47289613)

I'm explaining why "Googl App Stoy" might look reasonable to somebody, for perfectly legitimate reasons.

More to the point: why do you want such consequences for people who do something stupid? Bank account pwned, email taken over, that sort of thing. It isn't going to stop people (including dyslexics) from doing stupid and trusting things. You seem to be hoping that bad things happen to people who make mistakes.

Re:Umm.. (1)

Dishevel (1105119) | about 5 months ago | (#47291989)

Bad things should happen to people who do not are thoughtless.

Bad things should happen to people that take out a speculative loan on their home hoping the can always refinance.

Bad things should happen to motorcycle riders in tank tops and shorts pulling wheelies.

Bad things should happen to people that get tattoos on their face.

Bad things should happen to a lot of people.

Re:Umm.. (1)

FreedomFirstThenPeac (1235064) | about 4 months ago | (#47306475)

"You can make a Slashdot signature quote seem authoritative by attributing it to a famous person" - Sun Tzu

Citation? My references attribute this to Buddha.

Re:Umm.. (0)

BasilBrush (643681) | about 5 months ago | (#47284903)

It did. But let me state right off the bat. For each individual that downloaded and ran Google App Stoy ... Good. Let your bank account be pwnd. Let your email get taken over. I am ok with your life being ruined because you are an unthinking being. Bye.

So when you get older, and maybe get Alzheimers, it's OK if you get ripped off as an easy target, because you are an unthinking being? Or if you travel and end up getting ripped off because you don't read the foreign language very well. In fact it's not just OK, we should all celebrate because you have lost a lot of money.

You know something, by posting what you did there, you've made a pretty good case for you not being a thinking being now. Or at least not a mensch.

Re:Umm.. (1)

Dishevel (1105119) | about 5 months ago | (#47285035)

Say what you want. The truth is we coddle people too much.

Take a look at the backing crisis. Now given the banks are mostly pieces of shit and should never have been bailed out but ...

Some asshole who took out loan on a house that says you will pay $X for Xmonths then we will raise it to $X for Xmonths on the speculation that the housing market will go up forever and he can make a bunch of money is ok by me. If he wants to speculate to make money I am fine with that. But we need to do HARP for these fuckers?

I did not take out extra loans on my house to try and cash in. That fucker gets rewarded? He gets to keep the cash and have his payments reduced? Personal Responsibility learn it. Live it. If you make an agreement to pay. Just because the value of your house goes down does not excuse you from your agreement.

Fuck every one of them and Fuck the politicians that gave my money to them.

Re:Umm.. (0)

BasilBrush (643681) | about 5 months ago | (#47285421)

I hope that age will bring you peace.

Re:Umm.. (0)

Anonymous Coward | about 5 months ago | (#47274003)

Except for, you know, the studies that have found that even trustworthy apps from Apple's store leak more personal data than stuff you get from Google Play. But because an obviously malicious app was available, even temporarily, all of Google Play sucks!

Re:Umm.. (0)

Anonymous Coward | about 5 months ago | (#47275033)

If they were females.\, I would say g00gl is a sadistic beotch.. and enjoys f#cking with EVERY BODY, but who's comparing apples to lemons?

Re:Umm.. (1)

doccus (2020662) | about 5 months ago | (#47283179)

So blame the user rather than the Google Play store for listing the app?

Apple manages to keen their app store malware free, why can't Google?

Well, who'd be dumb enough to think that "googl app stoy" is a legit app?

Re:Umm.. (1)

doccus (2020662) | about 5 months ago | (#47283229)

So blame the user rather than the Google Play store for listing the app?

Apple manages to keen their app store malware free, why can't Google?

Well, who'd be dumb enough to think that "googl app stoy" is a legit app?

Just noticed someone else mentioned it's name as well.. Well, I suppose if downaroder have rearry bad engrish it's possible...

Re:Umm.. (1)

BasilBrush (643681) | about 5 months ago | (#47284757)

That's wooly thinking. If your security relies on you spotting a badly spelled app name, you have no security against all those malware authors that didn't misspell their malware.

Furthermore, why did Google not notice the app name and icon ripped off from their own app? Because there is no security on their store. Google will sell anything anyone uploads. Again this cannot happen on the Apple App Store.

Re:Umm.. (1)

mythosaz (572040) | about 5 months ago | (#47274663)

We couldn't find anything for your search - "Googl app stoy".
Suggestions:
Make sure all words are spelled correctly.
Try different keywords.
Try more general keywords.

Re:Umm.. (0)

Anonymous Coward | about 5 months ago | (#47275103)

You mean the malware isn't Google Play itself (5, Insightful)

Rosco P. Coltrane (209368) | about 5 months ago | (#47273339)

I mean, with the recent dumbing down of fine-grained authorizations when installing apps, it's Google Play itself that feels like a security liability.

Re:You mean the malware isn't Google Play itself (0)

Anonymous Coward | about 5 months ago | (#47273635)

I've never gotten an Android app anywhere but F-Droid. I don't know why anyone would.

Re:You mean the malware isn't Google Play itself (0)

Anonymous Coward | about 5 months ago | (#47273717)

Because not everyone with an Android phone is as hyper-intelligent and euphoric a gentleman as you.

Re:You mean the malware isn't Google Play itself (1)

mythosaz (572040) | about 5 months ago | (#47274695)

Because there are 1100 total apps on f-driod, and, at most, a couple dozen are useful and not redundant?

Find me free alternatives to these (1)

tepples (727027) | about 5 months ago | (#47278259)

I've never gotten an Android app anywhere but F-Droid. I don't know why anyone would.

Because F-Droid carries only free software [gnu.org] , and there are several categories of application that aren't going to be free any time soon [pineight.com] . These include (for example) games, applications to view rented movies, and applications to prepare a tax return. What's the free alternative to, say, Sonic the Hedgehog or the Netflix or H&R Block app?

Re:You mean the malware isn't Google Play itself (1)

timeOday (582209) | about 5 months ago | (#47273907)

Almost every app requests almost every permission anyways, so what was the point of fine-grained permissions? Why do I have to let you access the network and my contact list to play Tetris? It's frustrating.

Re:You mean the malware isn't Google Play itself (1)

Anonymous Coward | about 5 months ago | (#47274401)

That's part of the stupid issue. The 'fine grained permissions' were NOT fine enough and some were grouped in odd places. And of course, App Devs being lazy or intrusive, they ask for exceptionally broad permissions often enough. At least with the fine-grained permissions, you could use a third party tool to revoke individual permissions before running the app.

Really, you're making the main valid point here though: App Devs are making mandatory a lot of permissions that ought not be mandatory. That's bad design.

Perhaps an app dev can answer one question: If I install with a particular permission set, but an optional feature some users might want would require an additional permission, could I not prompt the user for that permission when they want to enable the optional feature? If this is possible, not doing it is not excusable on behalf of the App Devs. If it isn't possible, it is not excusable on the Android Devs part.

I kinda hate Google now, which is sad, because for a long time they stood up for some reasonably good things and produced some useful software. Lately, they seem to be turning into a-holes. They release 'updated' apps that strip key functionality without telling you in the release notes, they have never made much of a useful attempt to make permissions work, and they seem to want to know more and more about you when they don't need to.

Google, you've turned into Oracle and Microsoft. Once you had cool and inventive devs who did new things that were useful and interesting. Now you have followers-on who are gradually gutting your existing product qualities and aren't generating much new and cool. That's probably why a lot of great talent has left for other places.And also, you can't hold much high ground against Apple anymore either.

Re:You mean the malware isn't Google Play itself (1)

BasilBrush (643681) | about 5 months ago | (#47274925)

Perhaps an app dev can answer one question: If I install with a particular permission set, but an optional feature some users might want would require an additional permission, could I not prompt the user for that permission when they want to enable the optional feature? If this is possible, not doing it is not excusable on behalf of the App Devs. If it isn't possible, it is not excusable on the Android Devs part.

It's not possible on Android.

On iOS it's the way it always works. You are only asked for a given permission at the time the app tries to do the privileged thing.

Helper apps (1)

tepples (727027) | about 5 months ago | (#47278323)

Yes it is, so long as the separate features are factored into separate packages on Google Play Store. Under Android, packages signed with the same software publisher certificate can share data through the sharedUserId mechanism. This lets the user install one main interactive app, which appears in the launcher or IME chooser or whatever, and then several helper apps that expose content provider services to the main application. For example, a keyboard could have helper apps that extend its autocorrect dictionary. These would include one for each language, one that adds the names of nearby businesses (which requires Internet and location), and one that adds the names of your contacts (which requires access to your contexts). These might be named something like "Swype auf Deutsch", "Swype Local", and "Swype Knows Your Name", and the main app would open their respective Google Play Store pages when the user turns on the main app's features that require them.

Re:You mean the malware isn't Google Play itself (1)

timeOday (582209) | about 5 months ago | (#47274991)

My problem is, IIRC, you don't know what broad permissions an app is going to request upfront, until after you have downloaded and partially installed it. By then you have already wasted your time and bandwidth. You are invested. It would take half a day to look at 20 different versions of Tetris to see which is OK. If you could filter Google Play searches - "search for a version of Tetris that doesn't demand to look at my contact list" - then that would create a tiny bit of market pressure to not just demand everything all the time.

Re:You mean the malware isn't Google Play itself (1)

Dishevel (1105119) | about 5 months ago | (#47275913)

Or you could just take a little bit of personal responsibility for your own actions and decide not to install something. I know it is hard. Having to deny yourself a free Tetris game or slugging through the description of the app on the store to actually read the permissions requested before downloading.

I feel for you, I really do. I think that is a true shame that you were allowed to grow up in an environment that made you such an entitled person. One day if you are lucky life will step in and teach you why being responsible for your own actions is a really good thing.

Re:You mean the malware isn't Google Play itself (1)

timeOday (582209) | about 5 months ago | (#47276381)

You are an idiot. I don't own a smartphone because of the experience I wrote about.

Re:You mean the malware isn't Google Play itself (0)

Anonymous Coward | about 5 months ago | (#47278243)

When I choose 'install' on the Play store, it tells me what permissions the app wants immediately. I don't have to download and partially install anything.

Re:You mean the malware isn't Google Play itself (1)

tepples (727027) | about 5 months ago | (#47278337)

it tells me what permissions the app wants immediately

Except that lately, Google Play Store has "simplified" apps' permissions to make them less fine-grained.

Re:You mean the malware isn't Google Play itself (0)

Anonymous Coward | about 5 months ago | (#47279059)

I don't know what qualifies as "recently" (I have only had my phone for about a month), but there's definitely something wrong with the permissions setup as it is.

Pretty much every app I try to install wants access to everything to function. I try to install a simple game, it wants access to my phone history, contacts, email, google accounts, and fuck knows what else. Maybe this is the lack of fine grain you're talking about, but I can't see what my contacts list or phone history has to do with ANYTHING these apps actually need to do.

As a result, I have installed about four apps on the phone. Also, updating any app (especially the Google ones it came with) is a similarly frightening experience. I don't want to spend the ridiculous amount an iPhone costs on a device I hate, but I can sure as shit see why people prefer it to Android.

Why more Android apps are $0.00 (1)

tepples (727027) | about 5 months ago | (#47282127)

Pretty much every app I try to install wants access to everything to function. I try to install a simple game, it wants access to my phone history, contacts, email, google accounts, and fuck knows what else.

Android phones were sold in some countries before Google Checkout (now Google Wallet). In countries without Google Checkout, Android Market (now Google Play Store) showed only freeware apps. In order to derive revenue from users in those countries, developers had to put ads in their apps. And in order to compete for users with developers that had embraced adware, other developers had to make their apps free as well. Google Wallet has since expanded to far more countries, but the expectation of a freeware price point in Google Play Store has continued. And the push for ad revenue has led to more targeted ad delivery systems, which need to see more of your PII. See also tlhIngan's comment [slashdot.org] .

It's not as widespread on iOS because Apple introduces the iTunes Store in each country before selling iProducts there. This means a payment system always precedes the App Store, preserving an international market for paywalled apps.

In any case, if you want to limit your exposure to Android adware that needs to see your PII, turn on "Unknown sources" and install F-Droid, which allows only applications distributed under a free software license [gnu.org] . If you're worried about the security implications of turning on "Unknown sources", then turn on "Unknown sources" only when using F-Droid and turn it off when done. There's not nearly as much selection, especially because free and games mix like oil and water [pineight.com] , but what you do get has fewer annoyances.

Re:You mean the malware isn't Google Play itself (1)

tlhIngan (30335) | about 5 months ago | (#47275343)

Almost every app requests almost every permission anyways, so what was the point of fine-grained permissions? Why do I have to let you access the network and my contact list to play Tetris? It's frustrating.

Part of the problem is Google itself - when Android was released, the only place you could buy apps was in the US, which mean everywhere else trying to hit Google Marketplace was restricted to seeing free apps. Which means developers end up writing free apps loaded with advertising and having to request every damn permission to get that advertising module to run. Because they needed it free. In fact, comparisons between the various app stores showed the end result - Google Marketplace had approximately 50+% apps that were free, while Apple, Microsoft and Blackberry were averaging 25%.

So between advertising supported app models, the whole freemium thing also originated on Android because those apps could easily set up a Paypal account to handle in-app purchases.

End result today is that if an app is free, it's going to rape your data for advertising purposes. If you're lucky, the developer has an ad-free version available.

Of course, there are also some really strange permissions like "Read phone state and identity" which is needed if you just wanted to ensure that you went away if the phone rang.

Re:You mean the malware isn't Google Play itself (1)

mlts (1038732) | about 5 months ago | (#47274753)

Some Android devs are trying to do their best to work around it. It requires root, but I highly recommend the XPrivacy tool, which will allow you to restrict what apps can actually contact. I also like using a DroidWall successor as a thing of last resort, especially with apps that are bandwidth hungry, so they get forced to Wi-Fi only and not on the cellular network.

LBE Privacy Guard used to be a good tool, but the successor has yet to be officially translated to English yet.

The bad thing is that apps from the Play Store are all or nothing. The good thing is that the people at xda-developers and other sites have spent many man-hours to rectify that.

Shameful what's happened to Android in general (1)

Anonymous Coward | about 5 months ago | (#47276949)

This kind of thing probably wouldn't happen if Android were Free/Libre Open-Source Software. As Google quietly effectively close-sources Android piecemeal, by making it so that parts of the OS, as provided are Google-PROPRIETARY, like the store itself, security problems will abound. It's only natural. To save time, money, and ink, Google's shortened it's motto by one word, and didn't tell anyone. The one word, in case you didn't already guess, is "Don't". They're every little bit as bad as M$ ever was, they are the GE of information, or the Ma' Bell of data, and they do things like this.

They take a company like Android, (or whatever the company itself was called,) that took Linux, a free and open-source OS, strip off the GNU utilities and replace them with their own, tooled to work in a touch-based, mouse-free environment with no assurance of a physical keyboard being available, and buy it out. Then they take the parts they want to replace with their own versions, replace them, and fragment Android.

One version, the FL Android, is still available, but without kick-backs from Google, most phone manufacturers, tablet makers, etc., won't bother with it, because people it seems WANT access to Google's proprietary apps. So they are obliged to take Google/Android, with all its proprietary BS, which no one outside Google (or their hog-tied by NDA's developer community) can readily verify works the way its supposed to like they could if Android were provided in its original form, the FREE/LIBRE version...

Long story short, Android's become a huge, flaming pain in the ass, and if I'm going to surrender my personal info to a giant, multinational behemoth, I'd rather it be one that sells an actual physical product, so they have a way of making money to pay for the software development that DOESN'T involve selling my personal information to the highest bidder, (or anyone who wants it, actually) and whoring my eyeballs out to advertisers looking to push their bullshit on me, because Google sees the user as a product, a pair of eyeballs and support system for a wallet. I'll take my phone and mobile-OS from someone that has at least PRETENDING it's got my back as its core mission, (aside from making scads of money for its investors, naturally,) and wants me to feel like I'm getting value, and the best user experience for my money, though I won't say WHOM, because I'm not a shill.

~ Sent from my iPhone

Is slashdot just a big personal blog now? (0)

Anonymous Coward | about 5 months ago | (#47273347)

This "story" has no link. Most personal blogs aren't this bad. WTF is going on people?

Link? (4, Informative)

devjoe (88696) | about 5 months ago | (#47273361)

Not sure how this brief blurb with no link got posted, but here [techweekeurope.co.uk] is a link to an actual story.

Link to Article (0)

Anonymous Coward | about 5 months ago | (#47273371)

Because I haven't seen it included by the poster:

http://www.fireeye.com/blog/technical/2014/06/what-are-you-doing-dsencrypt-malware.html

Exposes a defect in Android (4, Informative)

tepples (727027) | about 5 months ago | (#47273431)

According to the article (clickable link for the lazy [fireeye.com] ):
  • The app is titled "googl app stoy". To start with, that's a trademark infringement.
  • If the user can install an app that the same user cannot uninstall, the mechanism allowing the app to do this is a defect in Android.

More android malware?? (0)

Anonymous Coward | about 5 months ago | (#47273427)

Queue Android fanboi apologists in 3...2...1...

Re:More android malware?? (0)

Anonymous Coward | about 5 months ago | (#47274659)

I wouldn't blame Android proper on this. Android permissions work fine.

I do wish Google would split their store into two tiers. One super curated like Amazon's or Apple's, and one that is more "free for all", like how the Play Store is now. The reason why Apple has such a positive reputation is that their app gatekeepers are brutal.

Of course, Android needs to move to an ask-before-use permission model... like Blackberry OS, iOS, and others. Otherwise, it is all or nothing, unless you use XPrivacy.

Re: More android malware?? (0)

Anonymous Coward | about 5 months ago | (#47285829)

Exactly. If Apple did something half as bad this place would be full of outrage and pick forks. Instead it's casual apologist as usual. People aren't event google fanbois, it's a cult.

FireEye is full of shit. (-1, Troll)

Anonymous Coward | about 5 months ago | (#47273429)

Most of their articles are only intended to sell their security software. They haven't been a legitimate security company in my eyes for at least a year now.

Android Security (1)

zentigger (203922) | about 5 months ago | (#47273675)

Why doesn't Android have a permissions structure that allows the user to explicitly manage the permissions for each app?

  If I want to disable access to the contacts for any given app, I should be able to do that. If it breaks functionality of the app, then that is MY problem, but in most cases, it wouldn't cripple the app; I don't need my shopping list to be able to read my contacts and send premium text messages on my behalf.

Re:Android Security (0)

Anonymous Coward | about 5 months ago | (#47273803)

Why doesn't Android have a permissions structure that allows the user to explicitly manage the permissions for each app?

That would break the whole Android business model.
Google, and everyone who publishes non-FOSS apps for Android, needs to be able to have constant access to things their users would refuse if they knew about them. How else could they make a profit?

Re:Android Security (2, Insightful)

gstoddart (321705) | about 5 months ago | (#47273873)

Because Google values their ability to sell advertising over user security would be my guess.

Remember, it's their phone, you're only using it under license -- because Google has long since given up any pretense of the whole "do no evil" thing.

I see so many things list their permissions and think "WTF would you need these permissions for, and why on Earth would I give them to you?" And then I cancel the download.

Re:Android Security (0)

Anonymous Coward | about 5 months ago | (#47279655)

if frustrated that your flashlight app wants to read your contact list and have full access to the internet, try installing some open source apps from F-Droid.org.

sample:

permissions required: write to SD card

and that's it! apps from the Play store condition you to accepting a long list of vulnerabilities.

When all the by users for users apps from f-droid only need zero to three permissions it's fairly enlightening as to how badly you are being owned by the proprietary equivalents.

Fix Is Available (0)

Anonymous Coward | about 5 months ago | (#47273749)

F-Droid [f-droid.org] unaffected.

Re:Fix Is Available (1)

mythosaz (572040) | about 5 months ago | (#47274885)

So, all I have to do is enable apps from outside the official store, download from an unknown site, and then I'll have full access to 1,100 apps!, which almost all also exist in the Play store, which I don't have to enable outside apps and download from an unknown source?

Re:Fix Is Available (0)

Anonymous Coward | about 5 months ago | (#47275097)

F-Droid, your "unknown source", doesn't include the malware we're discussing here. Google Play does.
Everything on F-Droid is FOSS. You can see the source. They strip out advertising libraries and such crap, and tell you which permissions an app needs.
Google Play can't compete with that.

Re:Fix Is Available (1)

mythosaz (572040) | about 5 months ago | (#47275649)

Google Play doesn't. Go ahead. Provide the link to it -- you can't because it's not there.

Unless I install the developer tools on a separate machine, there's no telling if the downloadable .apk on f-driod matches the provided source on f-droid.

Using f-droid requires lowering your machine's security, and trusting another source -- f-droid, just because you said so.

How to protect yourself (0)

c (8461) | about 5 months ago | (#47273787)

Easy: Don't. Fucking. Install. It.

This is yet another piece of software which the user needs to download, enable installation of third-party apps, and install. Or the user might've installed it from a dodgy app store (in which case their device is likely already a teeming mess of malware).

Either way, the user needs to do something we've spent the last umpteen years trying to indoctrinate people against.

Wake me up when someone starts injecting this stuff through advertisements in web pages.

Re:How to protect yourself (1)

Anonymous Coward | about 5 months ago | (#47274149)

This is yet another piece of software which the user needs to download, enable installation of third-party apps, and install.

What do you mean "third party apps"? The summary and TFA claim that this one is in the official Google Play store.

Re:How to protect yourself (1)

c (8461) | about 5 months ago | (#47274469)

What do you mean "third party apps"? The summary and TFA claim that this one is in the official Google Play store.

Good point. Mind you, that kinda makes anyone who installs it even dumber than I would have thought.

Re:How to protect yourself (1)

ray-auch (454705) | about 5 months ago | (#47274435)

Maybe it came already installed... sounds awfully like one that does (just buy the phone from the ad in the web page...):

http://www.theguardian.com/tec... [theguardian.com]

Banking on Android no way!!! (1)

substance2003 (665358) | about 5 months ago | (#47273817)

And this is the reason I won't do banking on an Android phone much the same as I refuse to do online banking from a Windows PC.

I've been sticking to my Linux distro for that and felt that it's the best way to function with some security on my end.

Install vector? (2)

gstoddart (321705) | about 5 months ago | (#47273843)

So I R'd TFA, and I can't see anything which says *how* you get this. Or if it's in there I can't find it.

I assume it either piggy backs on something else downloaded from the app store, or comes in from someone enabling apps to come from other places.

The fact that an application can even disable the uninstall feature is pathetic.

And, sadly, Google has removed even more permissions control, so this will only get worse.

I still maintain I should be able to go in at any time and remove permissions from apps -- because, quite frankly, why something like a Flashlight needs access to my messages and contacts has always been a mystery.

Re:Install vector? (0)

Anonymous Coward | about 5 months ago | (#47274041)

In general, they're trying to do things like keep the phone from sleeping or not turn off the light just because you get a text message. There are ways to do those things w/o accessing your messages or contact history, but the people programming flash light apps, probably aren't programmers worth 6 figures on the open market. Instead they're following google's simplest advise on how to do it crudely and ignoring the permissions.

Re:Install vector? (0)

Anonymous Coward | about 5 months ago | (#47274053)

why something like a Flashlight needs access to my messages and contacts has always been a mystery.

It doesn't. [f-droid.org]

Re:Install vector? (1)

gstoddart (321705) | about 5 months ago | (#47274107)

It doesn't.

LOL, you expect that, in a story about malware on Android that I'm going to trust a link to install software on Android from outside of the Play store?

I think not.

Re:Install vector? (0)

Anonymous Coward | about 5 months ago | (#47274309)

Are you an Apple customer?

Re:Install vector? (2)

gstoddart (321705) | about 5 months ago | (#47274417)

Are you an Apple customer?

Yes. And an Android customer. And a Microsoft customer. And a VMWare customer. I've also been a Solaris customer in the past. I've also got Linux and FreeBSD boxes.

And I have a really awesome collection of tin-foil hats.

Did you have some kind of point?

Re:Install vector? (1)

ewhac (5844) | about 5 months ago | (#47275163)

...I'm going to trust a link to install software on Android from outside of the Play store?

I think not.

Clearly you've never heard of the F-Droid project. Go read up on it. [f-droid.org]

You're still running VIRUS SCANNERS in 2014?!? (-1)

Anonymous Coward | about 5 months ago | (#47273859)

the malware is not being detected by the vast majority of security vendors

If your approach to malware is to detect it, then you have already failed. A time traveller from 1994 could have told you that!

Time to face the facts: Android is Microsoft Windows. And iOS is the Microsoft XBox. This is why the smartphone OS market is still like (in the words of Tony Montana) "a great big pussy just waiting to get fucked", because the established players really do just completely suck beyond the point that most people would think imaginable. Indeed, their shittiness is so over-the-top that when you combine it with the currently incredible marketshares, fleeing into the darkness of denial really is the only way any sane person can cope. But it's been long enough; it's time you poke your head out of the sand and really look at how things are. And when you do, you'll realize that almost no progress has been made in the last ten years. (Except with hardware; the story with hardware is awesomely good.)

The next time you hear about Yet Another free phone OS project, maybe cut 'em a little slack, because it's pretty much in everyone's face by now, that we really do need a phone OS. Because the world doesn't have a serious one, yet.

Could this be because of BYOD? (0)

Anonymous Coward | about 5 months ago | (#47273877)

It stands to reason if a company implements and allows users to Bring Their Own Device and requires them to install additional software on the device, say security certificates to be able to access the company VPN network. It's only a matter of time before some users install some sort of malware embedded into a game or another app store to allow this kind of attack. It seems to me that security on android is pretty much abysmal at worst, and ok assuming you have an intelligent user who doesn't install everything under the sun. What are other / dotter's opinions on security for android. Is it even able to be secured? ***Disclosure: I've only recently started using android myself in the last year ***

Only works on android 3.1 (0)

Anonymous Coward | about 5 months ago | (#47274075)

“The good news is that the risk of infection is low. Mouabad.p only works on Android versions older than 3.1....

The IOS fanboys go to great lengths to not mention that

What's the difference? (0)

Anonymous Coward | about 5 months ago | (#47274273)

The Play store now automatically grants full network access to any app that asks for it. And doesn't tell you about it.
This is my last Android phone.

Re:What's the difference? (0)

Anonymous Coward | about 5 months ago | (#47274351)

You might try f-droid [f-droid.org] instead. There you only get FLOSS software, and the devs won't do grant such things to the apps. Android isn't bad. Its only the play store.

Re:What's the difference? (0)

Anonymous Coward | about 5 months ago | (#47275701)

Playstore doesn't grant anything. Android OS does.
Playstore is just an app (with tons of permissions and auto update without asking user) that is allowed to install other apps. It may choose to only display a subset of permissions for apps you're trying to install via play store.

tell me the difference (0)

Anonymous Coward | about 5 months ago | (#47274313)

the malware is not being detected by the vast majority of security vendors, is difficult to uninstall and steals your messages, security certificates and banking details.

to the "real" play store.

"difficult to remove" (1)

Lumpy (12016) | about 5 months ago | (#47274871)

Nahh, installing Cyanogenmod is quite easy and can get rid of this malware almost instantly.

android is horrible (-1)

Anonymous Coward | about 5 months ago | (#47275517)

stop being a bum, get your money up, and buy a damn iphone.

banking? (0)

Anonymous Coward | about 5 months ago | (#47275527)

I do not do my banking on my Nexus tablet. Nope. No online bill pay either. I use the desktop with Comodo security.

b.s post (0)

Anonymous Coward | about 5 months ago | (#47278175)

Why is this being posted when there is no article associated with it?

Concerning the recent behavior of Google... (0)

Anonymous Coward | about 5 months ago | (#47278893)

Concerning the recent behavior of Google...
see recent news about youtube and independent music publishers
see Ted Talk with Charlie Rose and Google found what's his name, where Page says "information wants to be free," while Google is screwing book publishers and authors, digitizing books, often with errors, and claiming a a new copyright for the 'digitized' version

I don't even need 20-40 phone calls at my business each day from scammers pretending to represent Google Maps or Google Woogle (Hey, I sound trademark that!) to make me want to shut out all things Google.

"Do no harm," my asphalt!

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?