Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.



77 posts

Master Geek
+1 received by user: 1


Topic # 114038 5-Feb-2013 21:34 Send private message

If you don't think security is important on your smartphone/tablet ... think again
There’s a new type of Android malware out there that is masking itself as a “cleaner” app, but what it’s really doing is infecting both your smartphone and your PC. Kaspersky researchers discovered the “cleaner” apps, called Superclean and DroidCleaner, in the Google Play store which makes it all the more scarier. The apps are supposed to free up memory in Android, but instead does an extensive feature set of other harmful things. Here’s a list:[list][*]   Sends SMS messages
[*]Enables WiFi
[*]Gathers information from the device
[*]Opens random links in the browser
[*]Uploads the entire content of your SD card
[*]Uploads arbitrary files and folders to the master’s server
[*]Uploads all of your SMS messages
[*]Deletes all of your SMS messages
[*]Uploads all of your contacts, photos, and coordinates to the master[/list]Once the “cleaner” app is installed and running, it begins listing processes on your device and restarts them in the foreground to make it appear as if it’s really “cleaning” your device. However, in the background, the app downloads three files (autorun.inf, folder.ico, and svchosts.exe) to the root of your SD card.

When you connect your smartphone to your Windows computer, the SVhosts.exe file (Backdoor.MSIL.Ssucl.a) will automatically execute itself onto your PC. It then takes control of your microphone and records you. It encrypts those recordings and sends them back to the master.
It seems older Android versions are especially susceptible
It is those users who use outdated OS versions that are targeted by this attack vector.
With Android, you are often 2-3 releases behind the latest release, and then you are dependent on the manufacturer and then the carrier to release any updates. 
[size=1]Compared to its chief rival mobile operating system, namely iOS, Android updates are typically slow to reach actual devices. For devices not under the Nexus brand, updates often arrive months from the time the given version is officially released. This is caused partly due to the extensive variation in hardware of Android devices, to which each update must be specifically tailored, as the official Google source code only runs on their flagship Nexus phone. Porting Android to specific hardware is a time- and resource-consuming process for device manufacturers, who prioritize their newest devices and often leave older ones behind. Hence, older smartphones are frequently not updated if the manufacturer decides it is not worth their time, regardless of whether the phone is capable of running the update. This problem is compounded when manufacturers customize Android with their own interface and apps, which must be reapplied to each new release. Additional delays can be introduced by wireless carriers who, after receiving updates from manufacturers, further customize and brand Android to their needs and conduct extensive testing on their networks before sending the update out to users.

The lack of after-sale support from manufacturers and carriers has been widely criticised by consumer groups and the technology media. Some commentators have noted that the industry has a financial incentive not to update their devices, as the lack of updates for existing devices fuels the purchase of newer ones, an attitude described as "insulting". The Guardian has complained that the complicated method of distribution for updates is only complicated because manufacturers and carriers have designed it that way. In 2011, Google partnered with a number of industry players to announce an "Android Update Alliance", pledging to deliver timely updates for every device for 18 months after its release. As of 2012, this alliance has never been mentioned since.[/size]
This 'model' is unacceptable in this growing market, where 'smart-phones/tablets' are the becoming the 'normal' way for people to interact with technology and replace their antiquated PC/Laptops over the coming years and decade.

NOTE: The 'l33t' people on this forum will unlikely to be affected, because they know how to 'root' theirs and install the latest firmwares or anti-virus programs.  However, I ask these same people to be cognisant of the danger the 'non-l33t' people are going to be exposed to in the coming years, by being unable to update their phones.

Create new topic
2439 posts

Uber Geek
+1 received by user: 501

Subscriber

  Reply # 756330 5-Feb-2013 21:39 Send private message

nothing new and no surprises its on android been on pc's for years. Interesting an anti virus software manufacturer finds this type of thing, again.

Be interesting to see those that thought you could have a virus free operating system such as android




Galaxy S5 G900F
Samsung (custom)  KITKAT 4.4.2 

Galaxy Gear 2  Smart watch (great gadget )





BDFL
49620 posts

Uber Geek
+1 received by user: 4465

Administrator
Trusted
Geekzone
Subscriber

  Reply # 756333 5-Feb-2013 21:47 Send private message

jeffnz: nothing new and no surprises its on android been on pc's for years. Interesting an anti virus software manufacturer finds this type of thing, again.


Why wouldn't they find? After all they are in the business of finding malware - and selling a solution.

Are they acting in self interest when bringing the problem to the mainstream? Sure. It helps their business. But if they don't, then we risk having a situation where a lot of people have no idea these things exist and will be carrying a pocket full of nasty things.

jeffnz: Be interesting to see those that thought you could have a virus free operating system such   as android


Like those who say Mac OS can't have malware, these people will just say nothing, or accuse the security industry of  being biased.

Most malware these days aren't installed because of OS problems, but mainly because people click [YES] when asked "Do you want to install this software (YES/NO)?" and mainly because there are people too cheap to pay $0.99 for a legit copy of an app.






2439 posts

Uber Geek
+1 received by user: 501

Subscriber

  Reply # 756335 5-Feb-2013 21:56 Send private message

my apologies, silly me to infer that such a company would actually put malicious apps and programs out there so they could make money from it ;)

thank you for the lesson in how such software is installed, I do pay for apps when required as they are so cheap nowadays.




Galaxy S5 G900F
Samsung (custom)  KITKAT 4.4.2 

Galaxy Gear 2  Smart watch (great gadget )





BDFL
49620 posts

Uber Geek
+1 received by user: 4465

Administrator
Trusted
Geekzone
Subscriber

  Reply # 756338 5-Feb-2013 22:01 Send private message

jeffnz: my apologies, silly me to infer that such a company would actually put malicious apps and programs out there so they could make money from it ;)

thank you for the lesson in how such software is installed, I do pay for apps when required as they are so cheap nowadays.


Read this book then you will understand why people are so keen to develop malware. And no, it's not coming from the companies developing anti-malware. It tells the story of Max Butler, how he collected millions of credit card numbers, how he sold these, how he made money out of that. He was sentenced to 13 years, and surely you wouldn't be laughing and coming with conspiracy theories if you had known that bad people are behind malware...








77 posts

Master Geek
+1 received by user: 1


  Reply # 756341 5-Feb-2013 22:04 Send private message

Interestingly AVAST linked me to this article and they offer free AV for Android.

Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Moment of Truth?
Created by BarTender, last reply by joker97 on 20-Sep-2014 11:54 (405 replies)
Pages... 25 26 27


Festival of Democracy
Created by gzt, last reply by sdav on 21-Sep-2014 08:38 (116 replies)
Pages... 6 7 8


Mr. Key to extradite Kim Dotcom?
Created by TimA, last reply by SaltyNZ on 18-Sep-2014 09:20 (126 replies)
Pages... 7 8 9


Will My VDSL gets better?
Created by coconuts, last reply by hio77 on 20-Sep-2014 21:32 (28 replies)
Pages... 2


New On Account mobile plans - Red+
Created by NikT, last reply by kawaii on 20-Sep-2014 20:55 (45 replies)
Pages... 2 3


IOS8 - Network Load
Created by FireEngine, last reply by raytaylor on 20-Sep-2014 16:55 (45 replies)
Pages... 2 3


Computer Lounge's Zen Radical
Created by JayADee, last reply by JayADee on 19-Sep-2014 14:51 (15 replies)

Maybe some politicians should go back to school?
Created by jarledb, last reply by DarthKermit on 18-Sep-2014 18:27 (31 replies)
Pages... 2 3



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.