Printed from http://www.electronista.com

Rash of Android malware tips up, some on Android Market

updated 10:20 pm EDT, Mon July 11, 2011

Android hit by DroidDream, Zitmo, HippoSMS malware

Android faced a slew of new if mitigated malware infections over the weekend. Antivirus software maker Lookout Security warned that a variant of DroidDream Light was briefly available with four apps on the legitimate market. Google had pulled the apps, but not before 1,000 to 5,000 people were infected, Lookout said.

The attack was significant as it was likely to have been published by the same author that had been caught uploading malware earlier. Why Google hadn't taken action to prevent a resubmit isn't clear, though Google has historically had a consciously loose app screening policy to provide more liberties to developers.

Two instances of rogue code have been spotted outside of Google's own store. One, Zitmo, has been developed by a dedicated malware team ZeuS. Fortinet found that the trojan variant poses as a banking app but forwards text messaging to an outside server, where ZeuS can intercept private data.

Another, HippoSMS, was found by NC State University Assistant Professor Xuxian Jiang on third-party Chinese app stores. The code not only steers text messages to a toll number to rack up high bills but blocks text messages to and from Chinese service providers that would warn the user of excessive charges. Android antivirus makers have been contacted, but the only solution so far is to be cautious and monitor both the source and app permissions.

While the attacks have been relatively isolated, they come just after a recent Symantec study that showed a much higher vulnerability in Android than in iOS to hostile code. Apple's policies are sometimes criticized for being too restrictive but have also left any malware incidents to those who jailbroke their phones and disabled many of the protections. Among Symantec's findings was that Google wasn't adequately screening for suspicious apps and was leading to malware that infected real, regular users before it was pulled. [via CNET]

Zitmo in action: actual intercept code (top) versus what the user sees (bottom)





By Electronista Staff
toggle

Comments

  1. iphonerulez

    Dedicated MacNNer

    Joined: Nov 2008

    +13

    What kind of a platform is

    Google running. Allowing anyone to upload apps without any screening whatsoever. That doesn't appear like "openness" but laziness on Google's part. As many Android smartphones there are, you'd think that Google would at least try to protect most of those non-tech users from malicious attacks. Google makes uploading apps so easy, it's almost begging for malware apps.

  1. qazwart

    Fresh-Faced Recruit

    Joined: Apr 2001

    +2

    Come 3.0 Things May Be Different

    Google is clamping down hard on Android 3.0 which might start singling a more "iPhone" like behavior in Android operations. 3.0 won't be as modifiable as earlier versions of Android, and there is talk of clamping down on outside stores. One of the threats was Amazon and Facebook using custom made Android phones to lead people to their stores over Android Marketplace.

    I doubt that Android will be locked down as tightly as Apple. I believe Windows Phone is more in line of where Android is heading, but phones are way different than computers. I don't mind troubleshooting my computer. I don't want to do the same for my phone.

  1. hayesk

    Professional Poster

    Joined: Sep 1999

    +6

    Open

    Open - as in, your personal data is open to be uploaded to who knows where.

  1. ethical_paul

    Fresh-Faced Recruit

    Joined: Mar 2002

    +7

    Don't worry

    The free market will take care of this kind of malware--there's no need for Google to try to prevent it.

    That is to say, the free market will leave Android and head for iOS where they don't have to worry about malware.

  1. Flyingjoe

    Fresh-Faced Recruit

    Joined: Nov 2010

    +4

    Unbelievable...

    Admittedly, I do own Apple products. But I've never gotten this "live free or die" mentality of some, either in having unrestricted access to weapons or in not being denied some "freedom" with their phone. What app are they so in love with that makes this kind of vulnerability worthwhile? I guess even the nerd crowd has their share of the gun-toting fanatics. But it's not based on logic - it's a completely emotional response.

    I am glad that there's real competition out there as any quasi-monopoly isn't healthy for any company, very much including Apple, so Android will help keep iOS evolving and being more flexible. I thank them for that. In fact, I'll be happy to text them my thanks using my secure phone..

  1. viktorob

    Fresh-Faced Recruit

    Joined: May 2011

    +4

    Take that apple...

    May be you the iPhone has 400 k + apps, but how many virus and malwares you iphone users have? Zero, nada, finito.
    Android "openness" gives android user the freedom to run any malware and virus they want and apple does not gives you that option to have your data stolen or compromised.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bringi ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Sponsor

toggle

Most Commented

 
toggle

Popular News