Skip to main content

Android hit by rogue app viruses

Android hit by rogue app viruses

More than 50 applications available via the official Android Marketplace have been found to contain a virus.
Analysis suggests that the booby-trapped apps may have been downloaded up to 200,000 times.
The malicious apps were copies of existing applications, such as games, that had been repackaged to include the virus code.
All the apps found to contain the malicious code have now been removed from the Android Marketplace.
Remove and recall
The virus-laden apps were discovered by a Reddit user called Lompolo who realised that one program was listed under the name of a publisher he knew had not written it.
He found that the app, which let people play guitar on their handset, was the same as the original but for a name change and some virus code buried within it.
Lompolo said the rogue apps had been downloaded between 50,000 and 200,000 times since they were placed on the Marketplace.
Lompolo initially found 21 apps bearing the viral code but, according to an investigation by mobile security site Android Police, the final tally is believed to involve more than 50. The apps are also known to be available on unofficial Android stores too.
Once a booby-trapped application is installed and run, the virus lurking within, known as DroidDream, sends sensitive data, such as a phone's unique ID number, to a remote server.
It also checks to see if a phone has already been infected and, if not, uses known exploits to bypass security controls and give its creator access to the handset. This bestows the ability to install any code on a phone or steal any information from it.
The latest version of the Android operating system, known as Gingerbread, is not vulnerable to the exploits DroidDream uses.
Open access
As well as removing the applications from the Android Marketplace, Google has also suspended the three accounts being used by the developer behind the apps.
It also has the option to use a security tool that can recall and uninstall rogue applications from phones. It is not thought to have yet done this as its investigation continues. Google has yet to issue a formal statement about the rogue applications while it completes the investigation.
Writing on the Trend Micro security blog, Rik Ferguson, pointed out that remote removal of the booby-trapped apps may not solve all the security problems they pose.
"...this remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection," he wrote.
He advised anyone who believed they had installed one of the malicious apps to find out whether they need to get a new handset or re-install the operating system on the one they have.
The open nature of the Android platform was a boon and a danger, he warned.
"This greater openness of the developer environment has been argued to foster an atmosphere of creativity," he wrote, "but as Facebook have already discovered it is also a very attractive criminal playground."

 

Comments

Popular posts from this blog

The 101 Most Useful Websites

Kingston Launches HyperX Plug and Play RAM for Intel PCs

Kingston has released its new HyperX plug and play (PnP) series which is a collection of memory kits that utilize modules which are capable of working at frequencies of either 1,600 MHz or 1,866 MHz. This memory module is designed specifically for use with desktops and laptops powered by the latest generation of Intel Core i5 or Core i7 central processing units.

There are six kits in total, all of them composed of two kits, meaning that modules of 2 GB and 4 GB are used. There are two Dual in-line Memory Module (DIMM) kits, while the other four come in the Small Outline In-line Memory Module (SODIMM) form factor.

The modules are programmed using Joint Electron Devices Engineering Council (JEDEC) compliant settings, allowing 1600MHz and 1866MHz frequency support. It is as simple as plugging in the memory and turning on the machine, as the system automatically recognizes faster memory speed with no further basic input/output system (BIOS) settings required.

Mark Tekunoff, …

Reliance Jio Republic Day Offer: Per day data limit hiked by 500 MB on popular plans

Jio revised its plans earlier this month to offer more data with its popular 1GB data per day recharge packs, and launched new plans with 1.5GB daily data allocation as part of the Happy New Year 2018 offer. However, Jio plans to rejig its plans once again as part of a Republic Day 2018 Offer that it will announce in the next couple of days, Gadgets 360 has learned. Under the new offer, Jio users will get up to 50 percent more data on plans priced Rs. 149 or above. The changes will come into effect at 12am on January 26, 2018. The company’s 1GB data per day plans are priced at Rs. 149, Rs. 349, Rs. 399 and Rs. 449, with validities of 28 days, 70 days, 84 days and 91 days, respectively. However, with the Jio Republic Day Offer 2018, customers will get 50 percent more data as the daily high-speed data cap will be raised to 1.5GB per day. This means the 1GB data per day plans are effectively phased out, at least till the Republic Day offer continues. Similarly, the 1.5GB data per day pla…