New Android "RAT" infects Google Play apps, turning phones into spyware zombies

1456810

Comments

  • Reply 141 of 186
    bondm16bondm16 Posts: 141member
    Quote:
    Originally Posted by SockRolid View Post

     

    Get ready for some Android Apologist knee-jerk reactions:

     

    1. But most Android users don't even know about Google Play, so they're safe.  Oh wait...

    2. But it only affects the latest 4.4 KitKat release, and almost nobody has that yet.  Oh wait...

    3. So yeah, the RAT affects other releases.  It proves that fragmentation isn't really all *that* bad. Oh wait...

    4. But most Android devices are Chinese no-name knockoffs that don't connect to Google Play anyway.  Oh wait...

    5. But lots of Android devices are Kindle Fires, which are running a non-Google Play fork of Android.  Oh wait...

    6. But 99% of all mobile malware is on Android already, so what's one more little bad app?  Oh wait...

    7. etc.


     

    Sorry, I am not going to apologise for this. Android, like Windows, is an open platform and very popular around the world. If you are going to make malware or a virus, you might as well do it on a platform which will have the biggest impact. 

  • Reply 142 of 186
    solipsismx wrote: »
    RAT has got to be the best acronym for malware.
    Sure, they have gotten some security updates with the lateral move Google implemented, which is good, but does that mean that all the holes that are in version 2.3 are now closed as if they were running 4.4? And why have the different versions if the actual OS version doesn't mean anything? And what about the different API versions? 2.3 "Gingerbread is API Level 10 while 4.4 "Kit Kat" is API Level 19. Those have to mean something otherwise why have them at all?
    yes these do mean something you know windows 7 vs windows 8 (I know you do (8sucked)) that's same as G.B. 2.4.x vs. Ics 4.0.x vs Kitkat 4.4.x there updates, features added, ui improvement... they take that data eveyone has been giving google for the last 10yrs and using it to target market phones the api levels are strictly for developers its a easy way to catalog the different codes n presets for each version think win xp it can not run software made for win8 unless certain commands or scripting functions are used same with android. I could confuse more by adding there's different software levels like the kernel which is based heavily on the current Linux kernel this is a amazing feature that allows easy cross platform coding the end user can still enjoy the experience with being 100% ignorant to all these versions and APIs
  • Reply 143 of 186
    You missed out a full stop at the end of the sentence. There should be a semi-colon after 'incorrect' instead of a comma.

    Its a pleasure
    wow internet police someone stone this guy before I vomit geez I wasn't gonna dirt slang but your demeanor has change mine .2nd the person that said windows is a open platform almost stroked me out nothing about windows Apple or any software devices etc are open none Linux and google android are open lol Windows is almost as priotory as your apples not quite but might as well be I can't stand using windows n ever time iOS user try to act like they know computers I want to cry use a Linux box for 3months. If you can figure it out it will open your eyes to what is possible n you'll notice its anything you can think of nobillion $ corp. Forcing its point of view on you.
  • Reply 144 of 186
    froodfrood Posts: 771member
    Quote:

    Originally Posted by SolipsismX View Post



    RAT has got to be the best acronym for malware.

    Sure, they have gotten some security updates with the lateral move Google implemented, which is good, but does that mean that all the holes that are in version 2.3 are now closed as if they were running 4.4? And why have the different versions if the actual OS version doesn't mean anything? And what about the different API versions? 2.3 "Gingerbread is API Level 10 while 4.4 "Kit Kat" is API Level 19. Those have to mean something otherwise why have them at all?

     

    I agree with DED and your point in this post- if you buy an old inexpensive Android device, you are prone to the 97% of malware that does not apply if you buy one of the newer phones.  I do take it with some humor as to whether DED thinks those phones should, or should not, be included in the 'smartphone' discussion.  The prevailing rule of thumb for DED seems to be 'include or do not include them based on what makes a better argument for Apple.'   To be fair, that is in fact his job, but it is a little humorous how many people just willfully go along with whichever pro-Apple method he chooses on any given day.

     

    2.3 does have many vulnerabilities and Google is never going to fix them.  The iPhone 3gs has many vulnerabilities, and Apple is never going to fix those.  I'm good with both of those, except for one thing.  Google continues to sell devices running 2.3 in large numbers.  So why is that?   The answer is pretty simple, and it is why Apple really *can't* enter the booming low end device market even if they wanted to.  iOS 7 and updated Android versions like Ice Cream Sandwich and Jelly bean are so feature laden, that they force higher specs be built into a device.  That's obviously not a problem for the iPhone, Ones, and Galaxies out there, but is a very real problem for the countries where people can't afford them.

     

    So that is why Gingerbread continues to be a success and sell in large numbers.  It is vulnerable as hell.  My advice is obviously don't buy a Gingerbread phone.  Unfortunately to those that can't afford a Galaxy or iPhone caliber device that translates into 'don't buy a smartphone.'  It is obviously a problem Google needs to address.  Fortunately, Google *is* addressing the issue and in a way that is far better than trying to set up a 'legacy' team to improve Gingerbread.  In Kit Kat they are dramatically lowering the device requirements to run it and instead delivering more akin to a kernel, where phones will get certain functionality only if they are capable of them.  With that strategy low end devices can start to be built and shipped with Kit Kat instead of Gingerbread and everyone moving forward will be able to get the respective updates to whatever bits apply to their particular device.

     

    I think its a win/win solution if the specs of the devices can be brought down to Gingerbread levels.  If it can't, I say keep selling Gingerbread and let users know it is vulnerable.  It is still a better solution than offering nothing, because users can then make up their own minds.  DED still wins because he can continue to write articles comparing Apple favorably to four year old Android versions for quite a few years to come.

  • Reply 145 of 186
    charlitunacharlituna Posts: 7,215member
    Guess this is what Eric meant by "pretty sure"
  • Reply 146 of 186
    Quote:
    Originally Posted by kingsblend420 View Post





    wow internet police someone stone this guy before I vomit geez I wasn't gonna dirt slang but your demeanor has change mine .2nd the person that said windows is a open platform almost stroked me out nothing about windows Apple or any software devices etc are open none Linux and google android are open lol Windows is almost as priotory as your apples not quite but might as well be I can't stand using windows n ever time iOS user try to act like they know computers I want to cry use a Linux box for 3months. If you can figure it out it will open your eyes to what is possible n you'll notice its anything you can think of nobillion $ corp. Forcing its point of view on you.

    hey!! lets require all peeps in the world to take classes to learn how to use a system such as linux. That would be awesome!! Forget just picking up a device and easily putting it to use. It should be a struggle, with the outcome only realized after many semesters technical classes and lots of sweat. That would definitely make the world a better place. Besides, so many of us have nothing better to do but sit in our parents basement and learn how to make a complex system do the most mundane processes... please jerk me off in another direction.

    I figured out a long time ago that I will never need to **** around with linux to be the most productive person I can be. Just give me an iDevice and the world is mine. And my ? world pwns linux and android world.        pwned , no doubt about it 

     

     

    You are so full of infinite wisdom.

    Quote:

    Originally Posted by Bondm16 View Post

     

     

    Sorry, I am not going to apologise for this. Android, like Windows, is an open platform and very popular around the world. If you are going to make malware or a virus, you might as well do it on a platform which will have the biggest impact. 


    Windows is open huh??? wow

    it may have an impact, but it would impact the low life, no money scum dogs of the world. Who cares if the droid dorks lose everything to a virus. Whats a couple dollars to anyone?? No droid dork has money, so nothing to lose for the losers. Besides that, their only $ card they use on their devices would be the state issued welfare debit card they use...

    So the biggest impact may be in users infected, but the financial impact would comparable to stealing gum from the corner sundry.

    So no, you don't have to apologize for that at all

  • Reply 147 of 186
    Hmm your so ignorant and brain dead its no wonder you have to use an apple product you prob have to call tech support to turn a PC on I wouldn't trust you tie my shoe let alone pass judgement on to others do us a favor go kill yourself give me 30sec I'll own both your iPhone n Mac with nothing more then the finger print you left from posting I'm the dick this article highlights I will take your digital life n make u wish u were dead n I'm self employed 4kids and have a 350,000 house I love Linux n that's not how I make my living either your post has no ground to stand on unless I'm some crazy smart person n I don't hold myself up on somehigh ground that I'm better then you...well u not ppl here in a whole
  • Reply 148 of 186

    A malware program that spies and records? What's new about that?

     

    FaceBook...

  • Reply 149 of 186
    bondm16bondm16 Posts: 141member
    Quote:

    Originally Posted by snova View Post

     

    you can put toothpaste back into the tube, it just isn't pretty or very productive. It cheaper and less hassle to buy a new tube.   Not sure what this means for Google, but at least we have the toothpaste myth covered. ;-)


     

    Quote:

    Originally Posted by RogueDogRandy View Post

     

    hey!! lets require all peeps in the world to take classes to learn how to use a system such as linux. That would be awesome!! Forget just picking up a device and easily putting it to use. It should be a struggle, with the outcome only realized after many semesters technical classes and lots of sweat. That would definitely make the world a better place. Besides, so many of us have nothing better to do but sit in our parents basement and learn how to make a complex system do the most mundane processes... please jerk me off in another direction.

    I figured out a long time ago that I will never need to **** around with linux to be the most productive person I can be. Just give me an iDevice and the world is mine. And my ? world pwns linux and android world.        pwned , no doubt about it 

     

     

    You are so full of infinite wisdom.

    Windows is open huh??? wow

    it may have an impact, but it would impact the low life, no money scum dogs of the world. Who cares if the droid dorks lose everything to a virus. Whats a couple dollars to anyone?? No droid dork has money, so nothing to lose for the losers. Besides that, their only $ card they use on their devices would be the state issued welfare debit card they use...

    So the biggest impact may be in users infected, but the financial impact would comparable to stealing gum from the corner sundry.

    So no, you don't have to apologize for that at all


    You sir are a true idiot. I happen to use a Galaxy S3 and have a pretty good paid job thank you very much. You may want to think a bit more before you spout such utter crap.  I very much doubt you were being sarcastic and if you were....it is still highly insensitive.

  • Reply 150 of 186
    "it looks as if Dendroid was designed with evading Play Store security in mind." 'looks as if...'
    "2014 anti-emulation detection code that helps it evade detection by Bouncer" 'that helps it evade...'
    Notice the wording in these two quotes. They are not the language of fait accompli and certainty.
    "includes not installing apps from untrusted sources and installing third party malware scanner tools"
    As one Poster above opined: Wonder why infection rates and geography of them not in Article?
    Again and again I see dire, spooky warnings of impending doom for Android users.
    By following a few safe rules of practice, as referenced in the Article and quoted by me, I and myriads of others don't encounter malware in years of constant Android use in the wild where we live and work.
    I keep pointing this out. And surely true to form the scaremongering Article will have the obligatory AV to promote/sell as a main feature.
  • Reply 151 of 186
    "it looks as if Dendroid was designed with evading Play Store security in mind." 'looks as if...'
    "simple %u2014 yet unusual %u2014 anti-emulation detection code that helps it evade detection by Bouncer" 'that helps it evade...'
    "includes not installing apps from untrusted sources and installing third party malware scanner tools"
    As one Poster above opined: Wonder why infection rates and geography of them not in Article?
    Again and again I see dire, spooky warnings of impending doom for Android users.
    By following a few safe rules of practice, I and myriads of others don't encounter malware in years of constant Android use in the wild where we live and work.
    I keep pointing this out. And surely true to form the scaremongering Article will have the obligatory AV to promote/sell as a main feature.
  • Reply 152 of 186
    hungoverhungover Posts: 602member
    Quote:

    Originally Posted by Bondm16 View Post

     

     

    You sir are a true idiot. I happen to use a Galaxy S3 and have a pretty good paid job thank you very much. You may want to think a bit more before you spout such utter crap.  I very much doubt you were being sarcastic and if you were....it is still highly insensitive.




    The irony is that I have seen him recommend that others consider buying a $50 4S...

  • Reply 153 of 186
    sockrolidsockrolid Posts: 2,788member

    Originally Posted by Bondm16 View Post

     

     

    Sorry, I am not going to apologise for this. Android, like Windows, is an open platform and very popular around the world. If you are going to make malware or a virus, you might as well do it on a platform which will have the biggest impact. 


     

    No need to apologize.  It's not your fault.  It's Google's fault.

    All Google cares about is ad revenue.  97% of Google's revenue comes from ads.

    Everything Google does makes perfect sense with that little fact in mind.

  • Reply 154 of 186
    gatorguygatorguy Posts: 20,752member
    sockrolid wrote: »
    No need to apologize.  It's not your fault.  It's Google's fault.
    All Google cares about is ad revenue.  97% of Google's revenue comes from ads.
    Everything Google does makes perfect sense with that little fact in mind.

    It dropped to around 90% by the end of last year. I'd expect ads to be Google's primary revenue source for a long time to come but they're gradually creating new ones.
  • Reply 155 of 186
    d4njvrzfd4njvrzf Posts: 797member
    Quote:
    Originally Posted by b9bot View Post

     

    Android like Windows is surely open, but just like Windows its open for malware,spyware, viruses, trojans, and denial of service attacks and it goes on and on. Open is good to a point. But no security, then it's a real joke. And with so many variants of Android OS and modified android from carriers it makes it even worse. Most of these phones will never see updates because the carriers are to lazy and don't want to create the patches and also want you to buy the next new phone they have waiting in the pipeline. 

    This is what separates Apple from Android. Apple wants you to enjoy your phone and apps and also be safe doing so. That goes for your iPad and iPod touch as well. Everyone complains about the App store approval of developed apps and such. Well without it the same thing would be going on with IOS. But thankfully it's not. Sure Apple misses things but is always good at making those things right and pretty quickly. The media likes to dramatize when IOS has a security flaw 200% but never does so with Android which I find very annoying. Especially since Android is running at about 80% unpatched with malware and such going on all the time. Not to mention those carrier phones that will never see a security patch or OS update ever!

    Open is good, NOT!!!!!!


    The problem with windows was not that it was "open".  Windows' problem was that prior to Vista, the OS was not designed with security in mind. Thus a large chunk of Windows malware in the old days consisted of viruses, which exploited bugs to hijack other processes. From a technical point of view, Android is at least as secure as OS X, although perhaps somewhat less so than iOS because Android provides more system-level APIs than iOS does. But just like with OS X, nothing will stop you if you choose to run a program that uploads your photos to some shady server. In some ways, Android actually does more than OS X to help the user avoid mislabeled programs (which ultimately is what most malware boil down to), since all programs are sandboxed and the user can see exactly what privileges a program has.

  • Reply 156 of 186
    Quote:

    Originally Posted by Bondm16 View Post

     

     

    You sir are a true idiot. I happen to use a Galaxy S3 and have a pretty good paid job thank you very much. You may want to think a bit more before you spout such utter crap.  I very much doubt you were being sarcastic and if you were....it is still highly insensitive.


    no, using a galaxy s3 and spouting off about it would make you a true idiot.

  • Reply 157 of 186
    Quote:

    Originally Posted by hungover View Post

     



    The irony is that I have seen him recommend that others consider buying a $50 4S...


    if all you have is $50, then a 4S is a no brainer

  • Reply 158 of 186
    bondm16bondm16 Posts: 141member
    Quote:

    Originally Posted by RogueDogRandy View Post

     

    if all you have is $50, then a 4S is a no brainer


    Or why not get another phone that has better features and is actually FREE?

  • Reply 159 of 186
    tallest skiltallest skil Posts: 43,399member
    Originally Posted by Bondm16 View Post

    Or why not get another phone that has better features and is actually FREE?

     

    No phone fits that description.

  • Reply 160 of 186
    micronixmicronix Posts: 46member

    In other news, it has been found that people downloading PC software for free from pc4freesoftware.ru have PCs that have become infected.  

     

    You Apple fanboys are hilarious when you start your FUD machine about Android Malware.  In fact, the title to this article proves that.  The malware doesn't infect Google Play apps, it infects Android apps.  Apps that normally appear in Google Play but were actually downloaded from 3rd party sites mostly in Russia and China.  Android by default has the ability to install these turned OFF.  One has to make an effort to actually get these installed.  And I'll bet if a poll was taken, most infections are from kids trying to get something for nothing.

     

    I guess that when folks jailbreak their iDevices and install software from 3rd party sites there is no malware there, right?  Yeah, because iOS automatically can't be infected, right?  



    < facepalm >

Sign In or Register to comment.