toggle

Rash of Android malware tips up, some on Android Market

updated 10:20 pm EDT, Mon July 11, 2011

Android hit by DroidDream, Zitmo, HippoSMS malware


Android faced a slew of new if mitigated malware infections over the weekend. Antivirus software maker Lookout Security warned that a variant of DroidDream Light was briefly available with four apps on the legitimate market. Google had pulled the apps, but not before 1,000 to 5,000 people were infected, Lookout said.

The attack was significant as it was likely to have been published by the same author that had been caught uploading malware earlier. Why Google hadn't taken action to prevent a resubmit isn't clear, though Google has historically had a consciously loose app screening policy to provide more liberties to developers.

Two instances of rogue code have been spotted outside of Google's own store. One, Zitmo, has been developed by a dedicated malware team ZeuS. Fortinet found that the trojan variant poses as a banking app but forwards text messaging to an outside server, where ZeuS can intercept private data.

Another, HippoSMS, was found by NC State University Assistant Professor Xuxian Jiang on third-party Chinese app stores. The code not only steers text messages to a toll number to rack up high bills but blocks text messages to and from Chinese service providers that would warn the user of excessive charges. Android antivirus makers have been contacted, but the only solution so far is to be cautious and monitor both the source and app permissions.

While the attacks have been relatively isolated, they come just after a recent Symantec study that showed a much higher vulnerability in Android than in iOS to hostile code. Apple's policies are sometimes criticized for being too restrictive but have also left any malware incidents to those who jailbroke their phones and disabled many of the protections. Among Symantec's findings was that Google wasn't adequately screening for suspicious apps and was leading to malware that infected real, regular users before it was pulled. [via CNET]

Zitmo in action: actual intercept code (top) versus what the user sees (bottom)




By Electronista Staff

print
email
(8)

TAGS :  

iPhone, security, software, Google, Android, mobile phones, Apple, Android Market

Related Articles

Recent Articles

Other Articles

toggle

Previous Comments

  1. iphonerulez

    Fresh-Faced Recruit

    Joined: Nov 2008

    +13
    07/11, 10:30pm | report spam | (1 reply) | reply

    What kind of a platform is

    Google running. Allowing anyone to upload apps without any screening whatsoever. That doesn't appear like "openness" but laziness on Google's part. As many Android smartphones there are, you'd think that Google would at least try to protect most of those non-tech users from malicious attacks. Google makes uploading apps so easy, it's almost begging for malware apps.


  1. qazwart

    Fresh-Faced Recruit

    Joined: Apr 2001

    +2
    07/12, 09:19am | report spam | (1 reply) | reply

    Come 3.0 Things May Be Different

    Google is clamping down hard on Android 3.0 which might start singling a more "iPhone" like behavior in Android operations. 3.0 won't be as modifiable as earlier versions of Android, and there is talk of clamping down on outside stores. One of the threats was Amazon and Facebook using custom made Android phones to lead people to their stores over Android Marketplace.

    I doubt that Android will be locked down as tightly as Apple. I believe Windows Phone is more in line of where Android is heading, but phones are way different than computers. I don't mind troubleshooting my computer. I don't want to do the same for my phone.


  1. hayesk

    Professional Poster

    Joined: Sep 1999

    +6
    07/12, 09:31am | report spam | reply

    Open

    Open - as in, your personal data is open to be uploaded to who knows where.


  1. ethical_paul

    Fresh-Faced Recruit

    Joined: Mar 2002

    +7
    07/12, 09:39am | report spam | reply

    Don't worry

    The free market will take care of this kind of malware--there's no need for Google to try to prevent it.

    That is to say, the free market will leave Android and head for iOS where they don't have to worry about malware.


  1. Flyingjoe

    Fresh-Faced Recruit

    Joined: Nov 2010

    +4
    07/12, 10:31am | report spam | reply

    Unbelievable...

    Admittedly, I do own Apple products. But I've never gotten this "live free or die" mentality of some, either in having unrestricted access to weapons or in not being denied some "freedom" with their phone. What app are they so in love with that makes this kind of vulnerability worthwhile? I guess even the nerd crowd has their share of the gun-toting fanatics. But it's not based on logic - it's a completely emotional response.

    I am glad that there's real competition out there as any quasi-monopoly isn't healthy for any company, very much including Apple, so Android will help keep iOS evolving and being more flexible. I thank them for that. In fact, I'll be happy to text them my thanks using my secure phone..


  1. viktorob

    Fresh-Faced Recruit

    Joined: May 2011

    +4
    07/12, 11:47am | report spam | reply

    Take that apple...

    May be you the iPhone has 400 k + apps, but how many virus and malwares you iphone users have? Zero, nada, finito.
    Android "openness" gives android user the freedom to run any malware and virus they want and apple does not gives you that option to have your data stolen or compromised.


Login Here

Not a member of the MacNN forums? Register now for free.

Recently Commented Articles

Related Forum Posts

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

10 Most Read

Recent Reviews

iHome iW2 AirPlay speaker

iHome generally isn't known as a luxury brand when it comes to audio, but it is prolific -- the company's docks and speakers are every ...

Logitech Ultrathin Keyboard Cover

One of the iPad's main weaknesses has always been productivity. It's not a question of apps; while it has taken a little time for a na ...

Logitech UE Air Speaker

If maybe a little more slowly than Apple would like, AirPlay is becoming a staple of the wireless speaker market for iOS devices. The ...

toggle

Most Commented

10 Most Discussed

 
toggle

Popular News