Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Android Security News

SMS-Controlled Malware Hijacking Android Phones 94

Posted by samzenpus from the Taking-over dept.
wiredmikey writes "Security researchers have discovered new Android malware controlled via SMS that can do a number of things on the compromised device including recording calls and surrounding noise. Called TigerBot, the recently discovered malware was found circulating in the wild via non-official Android channels. Based on the code examination, the researchers from NQ Mobile, alongside researchers at North Carolina State University said that TigerBot can record sounds in the immediate area of the device, as well as calls themselves. It also has the ability to alter network settings, report its current GPS coordinates, capture and upload images, kill other processes, and reboot the phone. TigerBot will hide itself on a compromised device by forgoing an icon on the home screen, and by masking itself with a legit application name such as Flash or System. Once installed and active, it will register a receiver with a high priority to listen to the intent with action 'android.provider.Telephony.SMS_RECEIVED.'"
This discussion has been archived. No new comments can be posted.

SMS-Controlled Malware Hijacking Android Phones More

SMS-Controlled Malware Hijacking Android Phones

Comments Filter:

  • Re:Not News (Score:0, Informative)

    by Anonymous Coward on Monday April 09, 2012 @12:45PM (#39620067)

    Downloading things from backwater websites has a higher risk of malware being present than downloading from reputable sources

    And yet we hear constantly that the ability to do this is one of the major features of Android - its openness.

    Can't have it both ways, sport. If you want to crow about your openness, you can't downplay the existence and risk of malware like this.

  • Re:NQ Mobile link (Score:5, Informative)

    by tlhIngan ( 30335 ) <slashdot.worf@net> on Monday April 09, 2012 @01:01PM (#39620279)

    I'm having a hard time understanding why anyone would install the typical greyware apps from a random source outside of the android market... seems pretty risky.

    Easy - piracy. It's the same reason people will happily torrent new release games and applications and run them on their PCs, or download Windows 7 to install on a brand new PC. Hell, malware infested versions of OS X and Photoshop abounded a couple of years ago (they installed a botnet client during the install).

    And face it - a large number of places do not support Google Wallet/Checkout/whatever, especially in places like China. They might now, but once a habit is ingrained, it tends to stay such.

    These sites popped up because of that (you couldn't get the app otherwise) and the end result is they florished and people pretty much got used to the idea of "apps are free" - why pay $2 at Play when your favorite app site has it for free within hours? And if you didn't know of any, your friends who told you what phone to get will steer you in the right direction.

    Even Google's DRM thing isn't that effective - I have seen many DRM-cracker apps available on the torrents that remove it from an APK file.

    And let's not even begin to talk about AOSP-based phones which have to be rooted/hacked to run Play - it's often easier to just download the damn app for free than hack in Play or hope that whatever market came with the device (if any) will carry it.

    For those, perhaps many of these stores have their own market apps and they get preloaded, so users don't know any better. Especially if normal developers also use those stores

    Heck, you should see the iOS piracy sites sometimes - they get overrun with people who buy the latest Apple iDevice and plead "HOW DO I INSTALL?!?!? I NEED IT NOW!!!" long before jailbreaks are released (you have to jailbreak to install the modified installer binary to allow unsigned stuff to run). Of course, without that 15-minute Google refund thing, new apps actually have to be bought and paid for, so app selection is far more limited.

    That, and Apple tends to ensure everywhere they can officially buy devices to access the App Store, Apple is right there willing to sell. (The biggest news is that Apple finally allowed Chinese customers pay in Yuan instead of US dollars).

  • Re:So.. How Does it Record Calls? (Score:4, Informative)

    by robmv ( 855035 ) on Monday April 09, 2012 @01:22PM (#39620509)

    ohh please stop trolling and use the Market/Play search box [google.com]

  • Re:NQ Mobile link (Score:5, Informative)

    by mean pun ( 717227 ) on Monday April 09, 2012 @03:12PM (#39621759)

    I've used both platforms, and both seem to have an 'approved' appstore and both can access others by jailbreaking (sic). Even the android phones I used were locked down by the carrier to only use the 'real' appstore. I don't see what the substantive difference is in those kinds of cases.

    Apart from what others have posted: the apps in the Google App store are hardly vetted: any developer can post whatever s/he likes, and it is immediately available in the store. Google may remove the app later on if it breaks some of the rules, and I don't think that happens very often. In contrast, Apple checks every version of every app, and only when it is approved it is published.

  • Re:Missing key information (Score:4, Informative)

    by Critical Facilities ( 850111 ) on Monday April 09, 2012 @03:50PM (#39622121)

    2) How to tell if you are infected

    3) What to do about it if you are infected

    This [avg.com] would probably be a good place to start.

Slashdot Top Deals

Stellar rays prove fibbing never pays. Embezzlement is another matter.

Close