Just one more reason to stay away from Farcebook then. Crikey.....
Facebook: A new command and control HQ for mobile malware
Researchers have shown off a new way to evade the security mechanisms in Android and iOS – by using social networks as command and control servers. The team, from Israeli security firm Skycure, said Google and Apple have made great strides in keeping malware out of their official software stores by scanning submitted code for …
COMMENTS
-
-
Friday 4th March 2016 00:40 GMT Crazy Operations Guy
Not having a Facebook account would do exactly jack and shit to stop these attacks, and jack just left town.
The malware is only getting its command and control data from Facebook profiles under the botnet master's control. That profile would be made public so that any device with an internet connection can go grab the data, no need for a Facebook login.
The point of the attack is that Google/Apple block apps that communicate with suspicious domains, but ignore requests to Facebook as that domain is assumed safe.
-
-
Friday 4th March 2016 00:35 GMT Crazy Operations Guy
There is only one app that should be talking to Facebook
And that would be the Facebook app itself. I have never seen an app that actually needs to communicate with Facebook, most of the ones that do only do so to post a user's scores and achievements (Which no one gives a rat's nuts about)
Apps should be set to communicate through a proxy run by the company hosting the app store. Users should be protected from malicious and exploited apps during the entire lifecycle of the app, not just at install. This could also be used to protect users from over-zealous apps grabbing too much data about the user.
-
Friday 4th March 2016 13:45 GMT e^iÏ+1=0
Re: There is only one app that should be talking to Facebook
"And that would be the Facebook app itself. I have never seen an app that actually needs to communicate with Facebook"
What about a web browser? I can't see the point of a bazillion apps instead of just using the browser.
Case in point, I visited tripadvisor.com on my mobile browser today and was repeatedly prompted to install the app when I clicked on a link, with the option to 'continue with mobile site' tucked away out of sight beneath. It didn't remember my previous choice just a couple of click later. Bleagh.
-
Friday 4th March 2016 06:16 GMT DCLXV
"There have been examples of "time bomb" apps that include unactivated malicious code hiding from scanning engines in kosher-looking software; this bad code will unpack and run once the app has been used for a set period of time. The Skycure team said that this could also be activated by a target's location, or if they'd reached a certain point in a game."
Sounds like something Sony could have cooked up...