Wow, FireEye are up to date - Nexus 7 running 4.3 and *they* say *you* should always run the most up to date version of Android. Humour or irony?
Ad-slinging rootkit nasty permanently drills into Android mobes, tabs
Security researchers have uncovered malware that infects deep inside Android devices, spams screens with pop-up adverts, and obeys commands from its masters across the internet. The software nasty, likely crafted by Chinese crims, has already spread to over 20 countries across all continents, security firm FireEye warns. The …
COMMENTS
-
Wednesday 7th October 2015 18:44 GMT Kraggy
"and keep up-to-date with the latest version of Android, if possible. "
Good luck with that given the utter indifference to their users' problems shown by nearly ALL Android phone manufacturers in their lack of any urgency to supply Android updates, if they ever do at all .. and Google is as bad in that they refuse to provide updates to older models.
Android is a great idea, hobbled to virtual uselessness by those providing phones using it.
-
Wednesday 7th October 2015 18:51 GMT asdf
wrong
>To avoid an infection, don't download software from unofficial app stores,
Compared to the F-Droid unofficial app store (be smart, get from official site only, check md5 etc) the official Google Play is a den of thieves. Many of which Google even consider legitimate (as opposed to the thousands that aren't but they don't kick out) but if anyone looked at their source code (which you can do with all F-Droid apps) they would probably strongly disagree.
-
Wednesday 7th October 2015 20:07 GMT Doctor_Wibble
Re: wrong
And this is on the assumption that a dodgy app from an unofficial place is somehow worse than a dodgy app from an official place, because obviously the official place has never ever served up dodgy apps. I think you get the same level of apology too.
p.s. good summary, full writeup definitely worth a visit.
-
Wednesday 7th October 2015 23:03 GMT asdf
Re: wrong
>And this is on the assumption that a dodgy app from an unofficial place is somehow worse than a dodgy app from an official place
I think their assumption is you are still less likely to get dodgy apps from Google Play (who do some checking) than the Chinese app store specials. The thing is, like I say, as far as I know F-Droid has never served up straight up malware (unlike Google) and with all app source available and neck beards who use it, if they did it would only live for a few hours more than likely. Now the one type of semi dodgy app on F-Droid is apps like Newsblur whose client is open source but who knows (can check privacy statement but those change) what they do with the server side information they collect on you (stories you read, how long, when, etc).
-
Wednesday 7th October 2015 18:58 GMT Andy Non
Another day, and more Android malware...
with no chance of the hardware suppliers offering any updates or patches. This is making me paranoid. I only have a (no brand) Android tablet and only use it for Kindle and playing music MP3s and a few games but it will remain in flight mode until I need to download another book; then back into flight mode again.
Android is getting like my old XP computer, it still works and it is great to use, but I don't dare go anywhere near the internet with it! Kinda sucks if you are using an Android phone though!
-
Wednesday 7th October 2015 19:02 GMT asdf
Re: Another day, and more Android malware...
Honestly it's not the malware you have to install that scares me as much as blatant platform weaknesses like a baddy being able to get root on your phone by sending a simple MMS requiring no user intervention (actually requires nerd intervention to prevent by default). But I will agree Android does seem a lot more vulnerable to drive-by stuff than it should be so airplane mode only might have merit.
-
Thursday 8th October 2015 09:40 GMT Anonymous Coward
Re: Another day, and more Android malware...
It's not malware that scares me, it's idiots that can't see when you are being played.
This "news" turns out to be nonsense when you drill into the finer details. A device deliberately held back from getting the latest OS, and then deliberately had its device security mechanisms disabled to allow visiting dodgy app stores, and then deliberately infected with a specific app...
Ever get the feeling you are being cheated???
I could infect a 3 year old Apple device running the originally shipping OS also, but where are the security "experts" with this "news". It's as if Apple are somehow funding these research reports with their billions of cash reserves....
-
Wednesday 7th October 2015 19:05 GMT Steve Davies 3
Yet still you can buy a 'new' phone
running 4.0 let alone 5.0 and anything newer.
I feel a bit sorry for unsuspecting users (viz the majority) who get their new toy and it is vulnerable to all sorts of nasties as soon as they take it out of the box and get it going.
I'd like to do this (see Icon) to the manufacturers and retailers of this clearly shoddy kit.
-
Wednesday 7th October 2015 20:39 GMT cyrus
Any dolt
That thinks their mobile is safe gets what they deserve. I think we can all agree that it really does not matter what platform you use. iPhone or Android (or one of you 5 kids with Windows Phones) are all vulnerable. Never mind vulnerable to what. It is vulnerable to something and that's food for thought.
Mine's the one with tin foil body condom in the waist pocket.
-
Thursday 8th October 2015 08:27 GMT Mike Bell
Re: Any dolt
There's vulnerable. And there's reckless.
Deploying software that gets security updates rarely (or never) is asking for trouble. Android has a pretty good foothold now. That being the case, it's about time Google updated their terms and conditions to insist on security updates being made available in a reasonable time, for a number of years.
-
Saturday 10th October 2015 09:36 GMT Planty
Re: so...
Congratulations.
You have walked into the idiot trap. Microsoft and Apple are pouring vast sums of money into these security researcher reports, so you are made to think Android has loads of security issues.
Step back from the internet a minute and take a look in the REAL world. Have you EVER seen any evidence of this? Nope....
Nuff said.
-
Thursday 8th October 2015 01:03 GMT G R Goslin
What to do
Once again, we have a flood of verbiage about the latest peril. And as usual, it's the same sort of advice as how not to catch pneumonia (Wrap up warm and don't go out in the cold). Why do we not have information regarding the carriers of the malware, specific occasions and places where it may be picked up, and information as to how to spot it. Yes, I have anti-virus, but that is about as opaque as the articles. How about some "do not use" lists, symptom lists. If you are part of a bot-net, why is there nothing that indicates that you have unusual traffic? Surely the abnormal IO should paint a picture?
-
Thursday 8th October 2015 04:11 GMT Kevin McMurtrie
Google Play Store is a malware wasteland
I consider it great luck when I find something in Google's Play Store that isn't malware. Google doesn't take abuse reports seriously, if at all, and they still require G+ signup to rate apps. The author of the software might have good intentions but it's hooked up to an ad service that hijacks the app. First launch shows "This application needs an update for media library v2" or "This application is no longer supported. Please use the current version." then starts installing more crap if you don't decline or uninstall. That's followed by endless half-assed phishing ads like "This iPhone is infected. Click here to repair."
-
Thursday 8th October 2015 08:16 GMT Tech Hippy
Re: Google Play Store is a malware wasteland
I'm curious as to what apps you are installing to find so much malware?
I've been using Android since it was first released and have never yet had a problem - I install apps only from the Google Play Store and pay attention to the publishers, the permissions and the reviews.
I realise that as a platform it has issues (some of which will probably never be addressed by manufacturer updates), but I've yet to encounter an issue.
-
Thursday 8th October 2015 16:52 GMT JLV
confused
Now, the full-on malware phase I get, but I've never quite understood what massive ad injections are supposed to achieve in cases like this.
What kinda muppet is gonna be like:
"Oh, sweet, lots of popup ads all of a sudden"
"I know, let's click on one of them, they must be reputable"
The mark's already infected, so there is no use for JavaScript drive-by pownage. Are these guys really hoping for a sell???