Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.



79 posts

Master Geek
+1 received by user: 1


Topic # 114038 5-Feb-2013 21:34 Send private message

If you don't think security is important on your smartphone/tablet ... think again
There’s a new type of Android malware out there that is masking itself as a “cleaner” app, but what it’s really doing is infecting both your smartphone and your PC. Kaspersky researchers discovered the “cleaner” apps, called Superclean and DroidCleaner, in the Google Play store which makes it all the more scarier. The apps are supposed to free up memory in Android, but instead does an extensive feature set of other harmful things. Here’s a list:[list][*]   Sends SMS messages
[*]Enables WiFi
[*]Gathers information from the device
[*]Opens random links in the browser
[*]Uploads the entire content of your SD card
[*]Uploads arbitrary files and folders to the master’s server
[*]Uploads all of your SMS messages
[*]Deletes all of your SMS messages
[*]Uploads all of your contacts, photos, and coordinates to the master[/list]Once the “cleaner” app is installed and running, it begins listing processes on your device and restarts them in the foreground to make it appear as if it’s really “cleaning” your device. However, in the background, the app downloads three files (autorun.inf, folder.ico, and svchosts.exe) to the root of your SD card.

When you connect your smartphone to your Windows computer, the SVhosts.exe file (Backdoor.MSIL.Ssucl.a) will automatically execute itself onto your PC. It then takes control of your microphone and records you. It encrypts those recordings and sends them back to the master.
It seems older Android versions are especially susceptible
It is those users who use outdated OS versions that are targeted by this attack vector.
With Android, you are often 2-3 releases behind the latest release, and then you are dependent on the manufacturer and then the carrier to release any updates. 
[size=1]Compared to its chief rival mobile operating system, namely iOS, Android updates are typically slow to reach actual devices. For devices not under the Nexus brand, updates often arrive months from the time the given version is officially released. This is caused partly due to the extensive variation in hardware of Android devices, to which each update must be specifically tailored, as the official Google source code only runs on their flagship Nexus phone. Porting Android to specific hardware is a time- and resource-consuming process for device manufacturers, who prioritize their newest devices and often leave older ones behind. Hence, older smartphones are frequently not updated if the manufacturer decides it is not worth their time, regardless of whether the phone is capable of running the update. This problem is compounded when manufacturers customize Android with their own interface and apps, which must be reapplied to each new release. Additional delays can be introduced by wireless carriers who, after receiving updates from manufacturers, further customize and brand Android to their needs and conduct extensive testing on their networks before sending the update out to users.

The lack of after-sale support from manufacturers and carriers has been widely criticised by consumer groups and the technology media. Some commentators have noted that the industry has a financial incentive not to update their devices, as the lack of updates for existing devices fuels the purchase of newer ones, an attitude described as "insulting". The Guardian has complained that the complicated method of distribution for updates is only complicated because manufacturers and carriers have designed it that way. In 2011, Google partnered with a number of industry players to announce an "Android Update Alliance", pledging to deliver timely updates for every device for 18 months after its release. As of 2012, this alliance has never been mentioned since.[/size]
This 'model' is unacceptable in this growing market, where 'smart-phones/tablets' are the becoming the 'normal' way for people to interact with technology and replace their antiquated PC/Laptops over the coming years and decade.

NOTE: The 'l33t' people on this forum will unlikely to be affected, because they know how to 'root' theirs and install the latest firmwares or anti-virus programs.  However, I ask these same people to be cognisant of the danger the 'non-l33t' people are going to be exposed to in the coming years, by being unable to update their phones.

Create new topic
2478 posts

Uber Geek
+1 received by user: 542

Subscriber

  Reply # 756330 5-Feb-2013 21:39 Send private message

nothing new and no surprises its on android been on pc's for years. Interesting an anti virus software manufacturer finds this type of thing, again.

Be interesting to see those that thought you could have a virus free operating system such as android




Galaxy S5 G900F
Samsung (custom)  KITKAT 4.4.2 

Galaxy Gear 2  Smart watch (great gadget )





BDFL
49992 posts

Uber Geek
+1 received by user: 4645

Administrator
Trusted
Geekzone
Subscriber

  Reply # 756333 5-Feb-2013 21:47 Send private message

jeffnz: nothing new and no surprises its on android been on pc's for years. Interesting an anti virus software manufacturer finds this type of thing, again.


Why wouldn't they find? After all they are in the business of finding malware - and selling a solution.

Are they acting in self interest when bringing the problem to the mainstream? Sure. It helps their business. But if they don't, then we risk having a situation where a lot of people have no idea these things exist and will be carrying a pocket full of nasty things.

jeffnz: Be interesting to see those that thought you could have a virus free operating system such   as android


Like those who say Mac OS can't have malware, these people will just say nothing, or accuse the security industry of  being biased.

Most malware these days aren't installed because of OS problems, but mainly because people click [YES] when asked "Do you want to install this software (YES/NO)?" and mainly because there are people too cheap to pay $0.99 for a legit copy of an app.






2478 posts

Uber Geek
+1 received by user: 542

Subscriber

  Reply # 756335 5-Feb-2013 21:56 Send private message

my apologies, silly me to infer that such a company would actually put malicious apps and programs out there so they could make money from it ;)

thank you for the lesson in how such software is installed, I do pay for apps when required as they are so cheap nowadays.




Galaxy S5 G900F
Samsung (custom)  KITKAT 4.4.2 

Galaxy Gear 2  Smart watch (great gadget )





BDFL
49992 posts

Uber Geek
+1 received by user: 4645

Administrator
Trusted
Geekzone
Subscriber

  Reply # 756338 5-Feb-2013 22:01 Send private message

jeffnz: my apologies, silly me to infer that such a company would actually put malicious apps and programs out there so they could make money from it ;)

thank you for the lesson in how such software is installed, I do pay for apps when required as they are so cheap nowadays.


Read this book then you will understand why people are so keen to develop malware. And no, it's not coming from the companies developing anti-malware. It tells the story of Max Butler, how he collected millions of credit card numbers, how he sold these, how he made money out of that. He was sentenced to 13 years, and surely you wouldn't be laughing and coming with conspiracy theories if you had known that bad people are behind malware...








79 posts

Master Geek
+1 received by user: 1


  Reply # 756341 5-Feb-2013 22:04 Send private message

Interestingly AVAST linked me to this article and they offer free AV for Android.

Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





Trending now »

Hot discussions in our forums right now:

How good is your general Science Knowledge?
Created by Aredwood, last reply by joker97 on 31-Oct-2014 23:44 (39 replies)
Pages... 2 3


Government Limos
Created by networkn, last reply by Bung on 31-Oct-2014 12:39 (94 replies)
Pages... 5 6 7


Snap refuses to replace faulty gear
Created by Brendan, last reply by MadEngineer on 28-Oct-2014 19:07 (92 replies)
Pages... 5 6 7


Sky will be 'upgrading software' of My Sky to connect to internet. What does that mean?
Created by Geektastic, last reply by NonprayingMantis on 31-Oct-2014 23:55 (27 replies)
Pages... 2


Shutup and take my money (via NFC on my mobile phone)
Created by sxz, last reply by sonyxperiageek on 31-Oct-2014 22:34 (24 replies)
Pages... 2


Speed limit when overtaking? Teach me please.
Created by nakedmolerat, last reply by joker97 on 28-Oct-2014 17:13 (123 replies)
Pages... 7 8 9


Uber: a cheaper taxi ride?
Created by kingdragonfly, last reply by livisun on 31-Oct-2014 14:47 (34 replies)
Pages... 2 3


OneDrive code giveaway - go!
Created by freitasm, last reply by pgsheng on 1-Nov-2014 01:50 (33 replies)
Pages... 2 3



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.