back to article Net scum lock ancient Androids, force users to buy iTunes gift cards

Blue Coat researcher Andrew Brandt says ancient Androids can be hijacked with persistent ads that force victims to buy US$200 worth of iTunes gift cards. Brandt considers the spam as ransomware since it traps infected Androids in a locked screen state until victims buy attackers gift cards which would presumably be later …

  1. John Tserkezis

    Sad, how very sad.

    You know what they say about those who want iTunes gift cards?

    They likely own Apple branded equipment.

    And that's the saddest thing of all. Shudder.

  2. Richard Jones 1

    That Ain't going to fly

    Quote '"In theory, it might be possible for Apple - or its iTunes gift card partners - to track who used the gift cards provided to the criminals, which may help investigators identify them."' End Quote

    Would apple give up the ID of crooks? I do not see that happening any time; ever. They would want to protect their identity - and likely keep them as customers.

    1. Adam 52 Silver badge

      Re: That Ain't going to fly

      Not sure if there was a joke icon on that post, but it's in Apple's interest to give them up.

      They could use the PR, they know that this time it's Android and next time it could be them and the crooks are going to want to liquidate not remain invested in Apple (ie they'll sell the vouchers on to real Apple customers who won't then be buying from Apple). Plus Apple might actually have some public spirited employees.

      1. Richard Jones 1
        Holmes

        Re: That Ain't going to fly

        Well it would be nice to think so but I have sever doubts that they would do the right thing. I can only hope you are right.

        Sherlock because he got the crook.

      2. Anonymous Coward
        Anonymous Coward

        Re: That Ain't going to fly

        Apple could always tell their new friends in the FBI ?

    2. DougS Silver badge

      The crooks won't use the iTunes gift cards

      They'll sell them, since it is so easy to do so, and you can't buy hardware with them so you can't launder them that way. Even if Apple tracked them in a matter of hours they'll have already flipped them - Buy it Now eBay auctions for iTunes cards at a discount go quickly.

  3. Anonymous Coward
    Anonymous Coward

    This:

    "Users can still copy their files from infected devices before entering recovery mode and flashing a clean - and preferably updated - Android operating system".

    Assuming the service providers actually release those updates into the wild.

    Which they dont.

    Just to keep you buying new shiny shiny because: security.

    Bullshit.

    Cars have to be updated and spares available for at least 10 years. Phones should have an update cycle of 5 years. If a 400 quid TV is expected to last 5 years then a 600 quid phone should also last.

    1. ZSn

      Tight

      5 years for a TV? My TV is a 20 year old CRT with a raspberry pi hooked up to it as a media centre. Works fine, better than these new 'smart' TVs that are obsolete as soon as they get home. My last phone lasted 10 years. Even Google doesn't keep the Nexus line up to date past a couple of years. Bah humbug.

      1. Jez Burns

        Re: Tight

        My TV is a 70 year old projector with a grandfather clock hooked up to it..

        1. John Brown (no body) Silver badge
          Coat

          Re: Tight

          "My TV is a 70 year old projector with a grandfather clock hooked up to it.."

          Tight arse! Proper TVs were available 70 years ago.

    2. DougS Silver badge

      Re: This:

      What sort of updates should be required? Should they require all new versions of Android be ported for five years? What if the hardware can't support it? If it is just security updates, is it all security updates or just 'important' ones, if the latter who decides what is important?

      Wouldn't it be easier to simply choose your phone based on their track record of providing updates? Android has been around long enough that it should be pretty simple for someone to look into this and see what the best/worst of the major brands via their update track record for the past few years.

      1. John Brown (no body) Silver badge

        Re: This:

        "What if the hardware can't support it?"

        I'd bet most 5 year old smartphones would happily run a vanilla android. Might not run the manufacturers version with all the enforced add-ons bolted on that you often can't even stop from running never mind uninstall.

    3. andrew.brandt

      Re: This:

      Users of older devices can do themselves a favor and stop using the built-in Browser app. Download the latest version of Chrome, which already incorporates the security updates needed to prevent this infection from happening.

      If you get infected, you don't have to flash over the operating system in order to get rid of the malicious files, in this case. A factory reset will do.

  4. Law

    A grandfather clock?! LUXURY!!

    1. allthecoolshortnamesweretaken

      Indeed. We had to take turns impersonating a sundial.

  5. hellwig Silver badge
    Paris Hilton

    How Ancient?

    My G1 is stuck on Android 1.6, what can I do to protect myself?

    1. gollux
      Joke

      Re: How Ancient?

      Smash it with a hammer, silly. Isn't that what everyone does? After all, you should be buying one a year to keep the OEM in the black.

  6. gollux
    Mushroom

    Users can still copy their files from infected devices before entering recovery mode and flashing a clean - and preferably updated - still vulnerable Android operating system because your major manufacturer never bothered with those silly updates.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019