Feeds

back to article Android nasty sends your texts to CHINA

Security researchers have discovered an Android botnet that masquerades as a benign settings app for carrying out administrative tasks on mobile devices. Once authorised by the user, the malicious app surreptitiously steals SMS messages from the infected device and emails them to a command-and-control (C&C) infrastructure hosted …

COMMENTS

This topic is closed for new posts.
Bronze badge

Last week I chose between an Android phone and a Q5

Looking like the Q5 was the correct choice, and it hasn't even arrived yet.

0
7

Re: Last week I chose between an Android phone and a Q5

Why not get a "nothing at all"?

It has all the features of a Q5 without any of the drawbacks, and as a bonus zero chance of infection

3
1
Bronze badge

Re: Why not get a "nothing at all"?

Because I hate windows phone

6
4

Re: Last week I chose between an Android phone and a Q5

I can see your concern. After all, it would be so easy to download an app that said it was a "vaccine killer" and that wanted access to your SMS messages.

3
0

Re: Last week I chose between an Android phone and a Q5

Something I could never slate blackberry for with the playbook, choose what access you want the app to have and even with less privileges still works (some times less functionality! but why would an alarm clock need to be able to make phone calls ?)

0
0
Anonymous Coward

Another week another Android mishap

When will it end?

0
1
Anonymous Coward

Love it

When Fandroids claim their phones are secure on the premise that they check their permissions before they download the App.

They certainly do live in a happy bubble.

0
1
Bronze badge

I suspect the chinese might find

"Darling fascist bully boy, give me some more money, you bastard. May the seed of your loins be fruitful in the belly of your woman" somewhat less than useful.

3
0
Silver badge

Re: I suspect the chinese might find

This before or after they hatched the nuke?

0
0
Bronze badge

Free app hosted elsewhere?

It's probably an IT / cautious person thing to do but I check all permissions for apps before downloading them even when they're on the Play Store. If I'm downloading from somewhere else I'm even more careful to check into it first. Sadly it seems I'm in the minority with a lot of people just blindly installing apps from anywhere and ignoring the very clear warning about installing apps from unknown sources.

3
0
Silver badge

Re: Free app hosted elsewhere?

And what good does that do you? Or do you look at the requested permissions for each app (that performs a specific function) and then install the one with the least permissions? What about updates? If the permissions change with a new version, do you blindly allow the update to complete? Or do you uninstall the app and start over?

0
0
Bronze badge

Re: Free app hosted elsewhere?

do you look at the requested permissions for each app (that performs a specific function) and then install the one with the least permissions?

->yes.

if the permissions change … do you uninstall the app and start over?

->yes, if I don't like them.

Any more questons?

4
0

Re: Free app hosted elsewhere?

The "extra permissions on update" seems to be a common trick, has prompted me to uninstall quite a few.

I would prefer when ticking a box like "Access to microphone" or "send SMS"

I had the choice of "When app is in focus only" (alarm at any other time.)

So program X enables voice prompts, why the hell should that mean access to the microphone as and when it likes?

give me "access to microphone for ten seconds after condition Y" like double tap, visible button etc.

I guess some will now tell me that is all there, but the developers don't enable such choices because thick users wouldn't understand the question.

0
0
Bronze badge

Re: Free app hosted elsewhere?

@theodore Chairo here has already answered pretty much what I would have answered. I take the app type into consideration when I see the permissions and if it's extreme then it doesn't get installed, simple as that. Some apps that add extra permissions will explain why the new permissions are needed and again, if I agree that it's necessary and don't mind I'll allow it. If I don't agree then I either stay on the current version or uninstall if it requires the latest version.

Examples? A camera app will obviously need access to the camera and storage but it might also have an account permission. First glance you might wonder why but if it integrates with a service then that's easy to understand. However, if it asks for permission to send email without my permission it gets removed. Yes that permission actually exists and showed up in a recent app updates for something, Blipar I think it was.

0
0
Anonymous Coward

Android nasty sends your texts to CHINA

Because the NSA outgrew Fort Meade and needed to expand.

0
0
Anonymous Coward

Ok, so which ap?

Why don't they post which aps they have found the botnet in?

The way Permissions are handled is ambiguous...

Of course some apps will have to look at your contacts. Of course some will have to access your WiFi... or access your email - in order to help you send one... the question is can they do it with out your knowing... amongst others. (Not wishing to go into a deeper level of complexity.) We, the users, need to demand a more clarified level of detail on permissions. They, the programmers need to give the users a way to block access. (Without having to root phones.) (And why would you trust rooted software more than the corporate which can be held accountable?)

Just saying.

0
0
This topic is closed for new posts.