Android malware spotted hitching a ride on mobile botnet

Kaspersky Lab has reported the first sighting of mobile malware (Android, of course) that piggybacks on the back of a separate mobile botnet and uses the resources of other malware once it's installed. "For the first time malware is being distributed using botnets that were created using completely different mobile malware," …

COMMENTS

This topic is closed for new posts.

"...the flaw that allows Obad to embed itself has been patched, but only in the Android 4.3 build – meaning that unless you have one of a very few Nexus devices, you're wide open."

This is one of the big flaws of Android: Google leaves updates entirely up to the hardware manufacturers but most hardware manufacturers aren't interested in devices which they sold a year ago, so most remain stuck on older versions of Android. Apps may get updated regularly in the market but updates to Android OS are pretty rare for most users.

4
1
Bronze badge

To be fair, Apple abandons their devices too. Just usually takes longer.

1
0
Anonymous Coward

About three years, by which time they're pretty obsolete.

0
0
Anonymous Coward

This is the reason why it is wise to steer clear of Android

2
6
Silver badge

...wise to steer clear...

Bit of a victim of its own success in that sense. I started with a G1 when you could count the apps in android market as it was in the time it took to make a cup of tea. It was a minority platform so not really worth attacking.

Now if you want that, you go winmo. Ironic that it's the Linux-based platform that's the bigger risk than the windows-based one, and a bit of one in the eye for the /. twonks who spell Microsoft with a $ symbol slagging off their engineering. Apparently vulnerability is not inherent, just what happens when you're the most popular platform.

5
3
Silver badge

This is the reason why I always install Avast or Lookout anti-malware security apps, and keep them up-to-date and run real-time scanning on Android devices.

And I never install untrusted apps.

1
0
Bronze badge

get it once and for all

Google leaves updates entirely up to the hardware manufacturers

Google leaves EVERYTHING up to the manufacturers. Just like Debian project leaves everything up to whatever-progeny distro uses Debian system as a base. Blame not Google, but the "distros" here.

3
0
Bronze badge
Linux

Re: ...wise to steer clear...

Now if you want that, you go winmo. Ironic that it's the Linux-based platform that's the bigger risk than the windows-based one

For a brainless, careless user or both, it is. It is a much lesser risk compared to Windows, though. The risk is well comprehended. No surprises here with the transparent permissions (which now you might be able to tweak) and sandboxed apps. Nothing like Windows. Let me compare it to having sex without using a condom in the pocket, with a stranger, knowing the possible consequences, while Windows is always a sex when condoms are not offered at all. I still prefer trusted repos though.

Apparently vulnerability is not inherent, just what happens when you're the most popular platform.

Apparently, you don't know what you're talking about.

3
2
Linux

Re: ...wise to steer clear...

"Ironic that it's the Linux-based platform that's the bigger risk than the windows-based one, and a bit of one in the eye for the /. twonks who spell Microsoft with a $ symbol slagging off their engineering"

On a Linux desktop, where can I click or open an email attachment to get "infected" with malware?

0
2
Silver badge

All devices are abandoned at some point, but there's a big difference in selling devices that get updates for 3-4 years (the 3gs was introduced in late June 2009 and received its most recent update earlier this spring, 6.1.3) and selling devices that are permanently stuck with whatever they came with, or get a one and done update.

Granted, some of the features in newer iOS versions aren't supported on older hardware (like Siri, for instance) or can't possibly be supported (like a fingerprint reader). But there are bug fixes and security fixes that do help these older devices that almost every iPhone owner takes advantage of, but which many Android owners don't have the opportunity to receive.

2
0
Anonymous Coward

@DougS

I agree, new phones bring new features which didn't exist before.

However, android handset manufacturers, and this means pretty much all of them, are only interested in selling more handsets. It has never been in their interests to update the software on older phones because that does not make them any money.

So why is it surprising they don't bother to roll out any updates? What is surprising is that the customer puts up with this crap and carries on buying stuff they make.

They see the android handset as a disposable item, like a Bic razor, when they lose their edge throw them away. The problem is a Bic razor costs pennies, a smartphone costs a lot more.

0
0
Bronze badge

first linux distro to need anti virus?

Is Android the first linux distribution to *really* need (good) anti virus? As a Linux user on both servers and desktops for more than 15 years now I can never recall ever needing to worry about viruses on Linux. Some folks liked to have AV on linux to prevent it from distributing windows viruses (file servers and stuff), but nothing that really impacted Linux itself (or at least my own personal/corporate systems).

I have only ever used Android for a few minutes but all of these news items about things exploiting Android are interesting.. I just did a search for Android Antivirus and saw mixed results (I also recall reading something recently saying how poor most of the Android AV was at catching stuff).

I'm thinking I'm going to be jumping from my WebOS-powered Pre3 to a Samsung Galaxy Note 3 in the next month or so.. so would be nice if El Reg could write, or someone to link to an article that talks about the *current* state of Android AV/Security (especially given this El Reg report comes from an AV vendor).

One of the advantages I suppose of being on WebOS (and Linux on the desktop) is of course it's a less attractive target for attacks given smaller market share obviously.. I've never really bought the argument that Linux doesn't need anti virus (desktop) for any reason other than that - really has little to do with how the OS is built since so much stuff (malware) runs unprivileged anyway (and has for a long time).

I can't honestly remember the last time I had a computer virus, even on Windows - I think the last time one of my computers was *infected* was probably 1992. I've encountered the occasional virus here and there since but nothing that seems to have caused an infection.

0
0
Bronze badge

Re: first linux distro to need anti virus?

Nope. Don't trust Kaspersky and whoever establishes their business on the grad flaw of the Microsoft design to OS. MS approach to security was always an afterthought. So ensuing strategy for it is "contract the disease and then start thinking about swallowing a lot of (sometimes totally innocuous for this disease) medication".

This alleged super-pooper trojan still has to be installed by the user!

No need for AV to prevent it, just don't brainlessly approve everything, do not try to install outside of Google play, and more importantly, look into the permissions first, before installing anything.

3
1
Bronze badge

forgot to add

errata:

s/grad/grand

s/ensuing/the ensuing/

Forgot also to tell that my only cheapo 7'' Android tablet has been turned into a Bodhi Debian Linux tablet.

0
0
Anonymous Coward

That chart sucks!

Where is the Y-axis scale and units?

-- The Tufte Patrol

0
0

Malware hitching a ride on mobile botnet.

"The malware cannot be installed unless users then run it".

http://www.securelist.com/en/blog/8131/Obad_a_Trojan_now_being_distributed_via_mobile_botnets

0
0
Anonymous Coward

"Kaspersky Lab has reported the first sighting of mobile malware (Android, of course) "

If you can't scan for malware, does that really mean it doesn't exist?

Proof of concept malware has been created for a certain phone OS, and was only removed when the researcher announced it to the world. The OS supplier didn't know, users didn't know, anti-virus people didn't know. If one researcher can do it, there is absolutely no reason to believe that organised hackers and crime rings have not managed to do the same thing.

0
0