Printed from http://www.electronista.com

Hijacked Android apps rack up high SMS bills, underline risk

updated 11:15 am EST, Tue March 1, 2011

Trojan Android apps send premium SMS

Risks of the current Android ecosystem were underscored late Monday with a warning from Symantec about a new trojan. Known as Android.Pjapps, the rogue code has been installed in bootlegged Android apps and adds a secret backdoor that the malware writers can use to send text messages to a premium service, giving a profit to the hijacker at the user's expense. The app also has to collect vital device info, such as its IMEI number, to keep the hack working.

Among the examples of apps pirated so far include Steamy Window (legitimate copy). The hacked app does send notifications that it collects text messaging and personal info but is otherwise superficially identical to the app from the official store.

Google has control over what can appear in Android Market, but the discovery for Symantec underscored the risks of outside apps. It urged users to download only from "regulated Android marketplaces" and to turn off one of Google's key selling points, the toggle to allow non-Market apps.

While Apple has been criticized for using its App Store-only approach in a way that limits flexibility and potentially blocks competition, the company also hasn't had to contend with maliciously altered apps or other significant app-based threats. Most risks on iOS so far have come to jailbroken devices; while they have more freedom, the nature of a jailbreak also gives complete root-level access and opens the device to more risk than if Apple had enabled the feature itself.

Steamy Window



By Electronista Staff
toggle

Comments

  1. msuper69

    Professional Poster

    Joined: Jan 2000

    -1

    MS Windows redux.

    your comment

  1. DerekMorr

    Fresh-Faced Recruit

    Joined: Mar 2010

    -2

    Hmm

    As opposed to iOS smurf games, which also run up high bills?

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -1

    wow...

    Users installed pirated software that still specifically tells them it will use SMS and gather personal info, they still install it, then are shocked to find it has some trojan inside.

    Yep, that's definitely a sign of a bad OS. How dare they tell you what they will do and then do it. And you'd think that Android would require all pirated programs to be digitally signed to prove they haven't been tampered with.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -2

    however

    If this had been said about an iPhone app, it would be labeled as FUD. Or posters would just say "That's what you get for jailbreaking your device!" or "If you're going to download apps from unknown sources, you get what you deserve!" or any of a thousand other things to indicate its the user's fault. But for android, it's an OS issue or something.

  1. macnixer

    Fresh-Faced Recruit

    Joined: Mar 2006

    +1

    however not

    @testudo:

    On the iOS you have to jailbreak a phone to run apps outside of Apple's App Store and Apple does not endorse this. HOWEVER with Android, Google permits and endorses (provides the capability) installing apps outside of Android Marketplace. Essentially you have the option. This is not an user fault. For non-tech users like my other half, a market is market. As long as you can get to it, you can get stuff from there. It is we geeks who try to check. So in my opinion, iOS is protective and Android sucks.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Cat B100

Cat is primarily known for its heavy-duty machinery used in the construction industry and farming, among other areas. What may not be ...

Linksys EA6900 AC Router

As 802.11ac networking begins to makes its way into more and more devices, you may find yourself considering an upgrade for your home ...

D-Link DIR-510L 802.11AC travel router

Having Internet access in hotels and other similar locations used to be a miasma of connectivity issues. If Wi-Fi was available, it wa ...

Sponsor

toggle

Most Commented

 
toggle

Popular News