Mobile Spyware Conferences Into Your Calls 105
wiredmikey writes "Reports of Multiple Variants of Android Virus 'Hong Tou Tou' are showing up, which has mainly been working its way onto smartphones via alternative app marketplaces.
Today, we saw reports of a new variant of spyware "Spy.Felxispy" targeting Symbian devices, identified by the National Computer Virus Emergency Response Centre of China. More than a dozen variants of the spyware have emerged since the first was spotted, and the latest has affected 150,000+ devices. Once installed, the spyware will turn on the Conference Call feature of the device without users' awareness. When users are making phone calls, the spyware automatically adds itself to the call to monitor the conversation."
Re:I hate to say it (Score:4, Insightful)
Nope.
Non-techy users can still use Android marketplace. If you believe yourself to be a tech user and want to try something else, you can feel free to do so. But its your risk.
Also there are tons of other reasons why a closed up marketplace sucks. If you don't want to pay the 30% to apple and sell the product from your own website - tough luck! Amazon is planning their own app store - they can't do it with apple.
Re:Well... (Score:4, Insightful)
Say what you will about Apple's "walled garden" but I don't hear of such things on their AppStore.
It happens just by businesses rather than "cybercriminals" http://www.readwriteweb.com/archives/dear_iphone_users_your_apps_are_spying_on_you.php [readwriteweb.com] And of course all platforms have had some sort of remote exploit http://news.cnet.com/8301-27080_3-10299378-245.html [cnet.com] Conclusion: "walled gardens" for apps just provide a feeling of security, while giving up the user-freedom of installing any app. Personally I prefer the freedom and am (so far) very happy with the homebrew community support offered by Palm (and now HP) http://www.precentral.net/hp-donates-server-homebrew-webos-internals-group [precentral.net]
But... why? (Score:5, Insightful)
When users are making phone calls, the spyware automatically adds itself to the call to monitor the conversation.
To what end? Does it record the call and then transfer the audio somewhere? or is there a whole army of hackers waiting to 'listen in' on the calls as they get conferenced to some central numbers. Oh, and what are these numbers and has anybody tried calling them?
Or does it just add costs to your call by turning it into a conference call? If so does one particular Telco benefit?
Re:Virus? (Score:5, Insightful)
I know most /.ers don't RTFA
I was just leading readers along a path that ends with questioning the alarmist nature of the SecurityWeek article.
Its not a Virus, it doesn't propagate itself. You only get this Trojan by going to a unsecured website (A Chinese one at that) website and downloading it from there.
In other news, iPhones are dangerous when eaten.
Re:I hate to say it (Score:4, Insightful)
Actually, non-techies can use alternative marketplaces as well, just as non-techies can jailbreak their iPhones and even use ssh.
Technology skill level is not a factor - if all you have to do is follow a bunch of steps to get what you want (free apps, free pr0n, whatever), you'll find the number of people who do it suddenly rise.
Why do you think a lot of jailbroken iPhones have default passwords set? The people jailbreaking them just followed instructions of "Download program X, run this, click that, click that, then wait 10 minutes. When you're done, reboot your phone, tap this icon, tap this thing, type this, tap that, blah blah blah". And before you know it, they've installed openssh, ssh'd into their phone and done a bunch of things, to get whatever they needed, but also left their phone vulnerable.
Androids are no different. They may tell their friends that they got some new cool Android phone, and their friend tells them "hey, follow this link, it'll tell you how ot get some great apps for free", and they'll just blindly follow the instructions.
It's even why all those people dismissing those trojans and botnets infecting chinese alternative marketplaces as irrelevant are wrong. If those chinese marketplaces are offering stuff people want (free apps - why pay for them?), you'll find people will do it. Even if you warn them "Don't ever use this app" or "that site contains nothing but viruses", you'll find them accessing it if some web page tells them to.
Anyone's who had to clean up their parent's PC or their kid's PC for the Nth time already know this, and it seems if you put a block up, they'd find a way around it. (Not unlike the behavior of tech savvy people when they encounter a block). Sure they won't ask you why they can't access their favorite virus-installing pr0n site anymore, they'll ask their friends who'll give them a bunch of proxy servers and crap.
There is no solution, either - it's fundamentally a social problem. People jailbreak because they seem some cool app not in the App Store. People install alternative marketplaces to get that 99 cent app for free.
No technological hurdle is too high if you have someone wanting something, and someone providing that thing they want. As long as someone somewhere has written a set of steps on how to do it, it will happen.
Even more annoying is these people will follow those steps to the letter while your steps and instructions are ignored.