Mobile malware exploding, but only for Android


Comments

  • Reply 41 of 136
    alfiejr Posts: 1,524 member


    of course it would be best to have some actual stats on how many Android units are in fact compromised.                                

  • Reply 42 of 136
    os2baba Posts: 262 member
    Quote:
    Originally Posted by sflocal View Post


    Not thesis-level.  While apps on Google's Marketplace are (laughably) better, Android's ability to side-load apps not associated with any kind of verifiable rating system opens up a can of worms.

    At least on iOS, I don't necessarily even have to look at the reviews, # of stars etc.  If I want to do an impulse download of a free app, there's little (if any) worry I will have that it's rogue.  I have Apple to delegate that authority to.

    I just remembered the countless Android responses here and on other forums stating "Stupid users should know better than to download an app from an unknown site." and they honestly thought it was still the best way to do it because they hated Apple's walled-garden approach.  What's even funnier are the fandroids that proudly say "That's why I have anti-virus running on my phone!"... A/V??!!  Really??!!  On a phone??!!

    Now Google is seriously considering a more curated approach too.  That still won't stop sideloaded rogue apps.

     


    I have now been using Android for 5 years. And I have no malware on my phone. Yes, I check the permissions before installing, and if I find anything suspicious, I don't install the app. Not really all that difficult. I also side load a lot of apps, but only from trusted sources. eg. I side loaded Swype while it was being beta tested. I side load adaway now that Google has decided to be evil about it. Most of this "research" is conducted by snake oil security firms. And every once in a while, I download them, run their scans, find no malware and promptly delete them. Here are a couple of screen shots of recent scans.


    https://www.dropbox.com/s/3yprz32jjmywku2/Screenshot_2013-04-22-01-38-00.png


    https://www.dropbox.com/s/uh07uhnpzff1ww7/Screenshot_2013-04-22-01-50-02.png


    Don't get me wrong. There are plenty of real dangers. But it's really not that difficult to prevent getting a single malware on your phone. And as far as iOS apps are concerned. How do you know they are safe? The reason that malware is discovered on Android is precisely because the OS is open.


    A while ago, the Camera+ app which used the Volume buttons for taking snaps was rejected from the AppStore *after* it was approved. How did it get the hidden feature through the approval process? It was discovered and rejected because it violated AppStore policies. How do you know how much malware has made it through and not been discovered?


    Charlie Miller snuck in a prototype malware program into the App Store. Apple did not discover it until he publicly announced it and got the app rejected. How do you know how much malware there really is floating around in the App Store?


    Give me the choice of checking the permissions any day. I let Google's Bouncer do the grunt work, but still search myself. Likewise Apple may well be getting *most* of the malware out, but if something slips through, there is no second line of defense.

  • Reply 43 of 136
    slurpy Posts: 5,316 member
    Wait, but why do all the Android apologists keep insisting that Android malware is an outdated "myth" that is only used as propaganda and that the OS is "no worse" in that regard than the other platforms?

    Oh right, they're shamelessly lying, like everything else that they spout. The worst are the ones that proudly proclaim that they have an antivirus installed, and in the next breath they bash iOS for not having "the option" to install antivirus apps. Incredible.
  • Reply 44 of 136

    Quote:

    Originally Posted by os2baba View Post


    Don't get me wrong. There are plenty of real dangers. But it's really not that difficult to prevent getting a single malware on your phone. And as far as iOS apps are concerned. How do you know they are safe? The reason that malware is discovered on Android is precisely because the OS is open.


    A while ago, the Camera+ app which used the Volume buttons for taking snaps was rejected from the AppStore *after* it was approved. How did it get the hidden feature through the approval process? It was discovered and rejected because it violated AppStore policies. How do you know how much malware has made it through and not been discovered?


    Charlie Miller snuck in a prototype malware program into the App Store. Apple did not discover it until he publicly announced it and got the app rejected. How do you know how much malware there really is floating around in the App Store?


    Give me the choice of checking the permissions any day. I let Google's Bouncer do the grunt work, but still search myself. Likewise Apple may well be getting *most* of the malware out, but if something slips through, there is no second line of defense.



     


    So your argument is: Android's 136 threats must be less than iOS's ___ threats, because we don't know what ___ equals, despite F-Secure saying it was zero? So to "prove" F-Secure is wrong about iOS having zero threats, you use the Camera+ app as an example of "how much malware has made it through and not been discovered." LOL. Camera+ is not malware. It was pulled for violating Apple's Human Interface Guidelines. F-Secure would not classify that as malware, trojan, or PUA. And yet you do as part of your FUD campaign against iOS? Why don't you count ALL of the iOS apps that have been rejected for violating Apple's HIG rules as evidence of malware on iOS? That might add up to a high number, LOL.

  • Reply 45 of 136
    enzos Posts: 344 member
    Nice post SFLOCAL! I set up two XP Pro (SP3) machines for the office a couple of years ago (Windas coz of a small budget and the workers only knew MS shite), and tried to run them without AV software for a couple of weeks as an experiment to see (as a curious Mac user) how they stood up: was XP really that vulnerable? Both hopelessly infected via the browser in three days of occasional use on the internet! Reinstalled with Kaspersky and worked OK for a few months but then got slower and slower. What a farce!
  • Reply 46 of 136
    os2baba Posts: 262 member
    Quote:
    Originally Posted by Suddenly Newton View Post

     

    So your argument is: Android's 136 threats must be less than iOS's ___ threats, because we don't know what ___ equals, despite F-Secure saying it was zero? So to "prove" F-Secure is wrong about iOS having zero threats, you use the Camera+ app as an example of "how much malware has made it through and not been discovered." LOL. Camera+ is not malware. It was pulled for violating Apple's Human Interface Guidelines. F-Secure would not classify that as malware, trojan, or PUA. And yet you do as part of your FUD campaign against iOS? Why don't you count ALL of the iOS apps that have been rejected for violating Apple's HIG rules as evidence of malware on iOS? That might add up to a high number, LOL.

     

    I don't think you got what I was trying to say about the Camera+ app or Charlie Miller's apps. Not that they were real malware. In fact Camera+ actually was very useful. What I'm saying is that those two apps made it through the App approval process without Apple realizing the first one had the hidden feature and the second one was a malware prototype. Both were discovered after the fact due to publicity. You have no way of knowing how many real malware apps are in the App Store that are obviously not going to be public about their behavior. What you have is a false sense of security.

    Here's a malware that affects Windows iTunes in an iOS app. http://reviews.cnet.com/8301-13727_7-57478793-263/windows-malware-slips-into-apples-ios-app-store/

    And do you think this is not malware? http://arstechnica.com/apple/2011/11/safari-charlie-discovers-security-flaw-in-ios-gets-booted-from-dev-program/
  • Reply 47 of 136

    Quote:

    Originally Posted by VL-Tone View Post


    Sideloading enables those who know about it to do "cool things" that others can't do on their phone. 


     


    Which leads to bragging and explaining to friends how to do it, who then show it to other friends etc.


     


    At the end of the day, a lot of Android users end up side loading apps because someone told them to. And a lot of them don't have the knowledge to be able to discern what is a so-called "trusted source".



     


    Jailbreaking enables those who know about it to do "cool things" that others can't do on their phone. 


     


    Which leads to bragging and explaining to friends how to do it, who then show it to other friends etc.


     


    At the end of the day, a lot of iOS users end up side loading apps because someone told them to. And a lot of them don't have the knowledge to be able to discern what is a so-called "trusted source".

  • Reply 48 of 136
    chia Posts: 710 member


    Originally Posted by dasanman69 View Post

    Not entirely true. The apps I have sideloaded were recommended on XDA, and various other sites. Side loading by default is off and many devices do not allow the user to change it, and the vast majority of users don't even know how to do it or are unaware that they can.


    Originally Posted by KDarling View Post

    1) Newbies cannot accidentally sideload an app.  They have to first go find and purposely turn on "Load from unknown sources" and on some phones, also turn off "Disallow or warn before installation of apps that may cause harm."


     


    I suffered the mercifully brief misfortune of owning a Samsung Galaxy Y phone.


    Samsung's own in-house apps prompted the user to enable "Load from unknown sources" to allow further updates of its own software to be installed.


     


    The Galaxy Y runs Android 2.3 gingerbread and can't be updated to Android Jelly Bean, so it's wide open to security flaws that have since been patched.


    I replaced it with a Xperia tipo running android 4.0.4.   It was released by Sony in early 2012 but can't be officially upgraded to 4.2.1!


    Yet the iPhone 3GS I bought in 2009 has been updated to the current iOS 6.1.


     


    OS improvements include security updates; the large proportion of Android handsets which can't be patched remain potentially vulnerable.

  • Reply 49 of 136
    caliminius Posts: 944 member

    Quote:

    Originally Posted by Suddenly Newton View Post


     


    So your argument is: Android's 136 threats must be less than iOS's ___ threats, because we don't know what ___ equals, despite F-Secure saying it was zero?



     


    It's weird. The last time a security firm issued an alert for OS X, the general theme here was that they were blowing it out of proportion. That they were only interested in selling AV software to Mac users. And over half a million Macs got infected. But anytime malware on Android gets mentioned, it's, "Aha, see Android is a virus ridden piece of sh-t!!!" What reason does F-Secure have to really look for malware on iOS since they KNOW they aren't going to be allowed to sell any form of AV software for iOS? If trying to sell their software negates their warnings for OS X, why doesn't it affect any opinions on Android malware?


     


    And as someone tried to point out, it DOES matter both where these Android viruses are coming from and where they are targeted. As someone living in the US, why would I be concerned with malware showing up on 3rd party app stores in China or India? Similarly, how many apps have been found that actually contain these malware vectors? One per type? Twenty? These things matter when you're going to start making claims that Android is more or less secure than iOS.

  • Reply 50 of 136
    pk22901 Posts: 152 member
    kdarling wrote: »
    Oh for goodness' sake.

    1) Newbies cannot accidentally sideload an app.  They have to first go find and purposely turn on "Load from unknown sources" and on some phones, also turn off "Disallow or warn before installation of apps that may cause harm."

    2) Look at the list of threats.  Almost all affect a small, targeted group that sideload an app in China or India, etc.  They include sideloaded apps aimed at Tibetan human rights activists, and my favorite,  "A fake "job offer" Android app in India informs that the user is being considered for a position at TATA Group, an Indian multinational company. To arrange the interview, the app asks for a refundable security deposit."    

    Sorry, but if you're that gullible, it doesn't matter if the "threat" came from an app or a website or an email.

    What about this? Is this a side load?

    "As Sean Sullivan, Security Advisor at F-Secure Labs stated in the report, “I’ll put it this way: Until now, I haven’t worried about my mother with her Android because she’s not into apps. Now I have reason to worry because with cases like Stels, Android malware is also being distributed via spam, and my mother checks her email from her phone.”

    Stels, an Android trojan delivered via fake U.S. Internal Revenue Service-themed emails, uses "an Android crimeware kit to steal sensitive information from the device," and also makes calls to premium numbers. Sullivan said the new threat “could be a game changer.”"

    Tell me how your grandmother will be smart enough to avoid this stench. And then tell me how much of your brain is dedicated to safe computing.
  • Reply 51 of 136
    dasanman69 Posts: 13,001 member
    pk22901 wrote: »
    What about this? Is this a side load?

    "As Sean Sullivan, Security Advisor at F-Secure Labs stated in the report, “I’ll put it this way: Until now, I haven’t worried about my mother with her Android because she’s not into apps. Now I have reason to worry because with cases like Stels, Android malware is also being distributed via spam, and my mother checks her email from her phone.”

    Stels, an Android trojan delivered via fake U.S. Internal Revenue Service-themed emails, uses "an Android crimeware kit to steal sensitive information from the device," and also makes calls to premium numbers. Sullivan said the new threat “could be a game changer.”"

    Tell me how your grandmother will be smart enough to avoid this stench. And then tell me how much of your brain is dedicated to safe computing.

    Because it'll most likely end up in his grandmother's spam folder.
  • Reply 52 of 136
    stniuk Posts: 90 member


    I think a big part of the problem is that Android users tend to use more pirated apps than others and this is an easy way to infect an android phone.

  • Reply 53 of 136
    stniuk Posts: 90 member

    Quote:

    Originally Posted by caliminius View Post


     


    It's weird. The last time a security firm issued an alert for OS X, the general theme here was that they were blowing it out of proportion. That they were only interested in selling AV software to Mac users. And over half a million Macs got infected. But anytime malware on Android gets mentioned, it's, "Aha, see Android is a virus ridden piece of sh-t!!!" What reason does F-Secure have to really look for malware on iOS since they KNOW they aren't going to be allowed to sell any form of AV software for iOS? If trying to sell their software negates their warnings for OS X, why doesn't it affect any opinions on Android malware?


     


    And as someone tried to point out, it DOES matter both where these Android viruses are coming from and where they are targeted. As someone living in the US, why would I be concerned with malware showing up on 3rd party app stores in China or India? Similarly, how many apps have been found that actually contain these malware vectors? One per type? Twenty? These things matter when you're going to start making claims that Android is more or less secure than iOS.



    If you are not concerned they are targeted at the US then you are making a mistake. They soon will be as that is where the money is and that's what these guys are after. 

  • Reply 54 of 136
    dasanman69 Posts: 13,001 member
    stniuk wrote: »
    If you are not concerned they are targeted at the US then you are making a mistake. They soon will be as that is where the money is and that's what these guys are after. 

    How do you know that they haven't already and that Americans haven't fallen prey?
  • Reply 55 of 136
    hill60 Posts: 6,992 member

    Quote:

    Originally Posted by dasanman69 View Post





    You act like one has to write a thesis on an app before installing it. No research needs to be done. Think of it like ebay, you search an item you want to buy and 2 sellers pop up, one with a high rating and another with few or none. Who are you going to buy from? You probably do the same exact thing in the app store. This data is really worthless without data on how many devices have gotten infected. More malware does not mean more infected devices.


     


    Not buy from anyone, drive by link in email.

  • Reply 56 of 136
    hill60 Posts: 6,992 member

    Quote:

    Originally Posted by dasanman69 View Post





    Not entirely true. The apps I have sideloaded were recommended on XDA, and various other sites. Side loading by default is off and many devices do not allow the user to change it, and the vast majority of users don't even know how to do it or are unaware that they can. Very much like the app store most users don't go past the highly downloaded or recommended apps. I won't deny malware is a problem with Android but I think most users especially in the US have little to none to worry about.


     


    So, the Kindle Fire and all those "hub" equipped galaxies, how do their repositories work, given they are not Google Play?


     


    Some of the most popular Android devices rely on breaking their users away from Google Play.


     


    Making them vulnerable.

  • Reply 57 of 136
    hill60 Posts: 6,992 member

    Quote:

    Originally Posted by dasanman69 View Post





    I loved and hated XP, it was the mother magnet of malware. My friend would get malware without ever visiting any questionable sites. Vista along with Chrome has all but eliminated malware.


     


    On our work XP systems, the IT department briefly flirted with Chrome.


     


    They removed it due to trojans infecting our PCs.


     


    IE 8 and Firefox are used, along with virtual IE 6 running critical legacy software.

  • Reply 58 of 136
    hill60 Posts: 6,992 member

    Quote:

    Originally Posted by KDarling View Post


    Oh for goodness' sake.


     


    1) Newbies cannot accidentally sideload an app.  They have to first go find and purposely turn on "Load from unknown sources" and on some phones, also turn off "Disallow or warn before installation of apps that may cause harm."


     


    2) Look at the list of threats.  Almost all affect a small, targeted group that sideload an app in China or India, etc.  They include sideloaded apps aimed at Tibetan human rights activists, and my favorite,  "A fake "job offer" Android app in India informs that the user is being considered for a position at TATA Group, an Indian multinational company. To arrange the interview, the app asks for a refundable security deposit."    


     


    Sorry, but if you're that gullible, it doesn't matter if the "threat" came from an app or a website or an email.


     


    3) Many of these "security firms" include, as potential threats, apps like log viewers which people download on purpose.  Anything to boost the numbers.


     


    Security reports try to scare people into buying security software.  That's their primary purpose.



     


    So why isn't iOS also being targeted?


     


    Is that because "gullible people" as you call them, are only sucked in by Android?

  • Reply 59 of 136
    hill60 Posts: 6,992 member

    Quote:

    Originally Posted by d4NjvRzf View Post


     


    You know, I've sometimes wondered why sideloading is considered unacceptable on smartphones and tablets when it has almost always been how one installs programs on laptops or desktops. Is installing a third party app inherently riskier on a mobile device? Or is the perceived danger of side-loading due to users tending to install more apps on their mobile devices, thereby exposing themselves more often?



     


    Well, from what kdarling says, it's because Android users are more "gullible".

  • Reply 60 of 136
    gatorguy Posts: 22,896 member

    Quote:

    Originally Posted by hill60 View Post


     


    On our work XP systems, the IT department briefly flirted with Chrome.


     


    They removed it due to trojans infecting our PCs.



    Trojans unique to Chrome? First I'd heard of it. Any example or are you mistaking it for this recent story?


    http://thenextweb.com/insider/2013/03/21/new-os-x-trojan-injects-ads-into-pages-browsed-by-chrome-firefox-and-safari-even-targets-apples-website/


     


    EDIT: Chrome automatically disables 3rd-party extensions, even "silent" ones. Users have to actively choose to individually enable them.
