Over 60% of Android Malware Hides In Fake Versions of Popular Apps 111
An anonymous reader writes "Like any popular platform, Android has malware. Google's mobile operating system is relatively new, however, so the problem is still taking form. In fact, it turns out that the larger majority of threats on Android come from a single malware family: Android.FakeInstaller, also known as OpFake, which generates revenue by silently sending expensive text messages in the background. McAfee says that the malware family makes up more than 60 percent of Android samples the company processes."
McAfee is trying hard to get into this market (Score:5, Insightful)
Meh...
If you are not smart enough to install non-market Android apps, you have no problem.
If you are smart enough to install non-market Android apps, you know what you are getting into.
With great power comes great responsibility. I think these pieces keep surfacing because the Anti-Virus companies desperately need to get into this market. They see it is the future and they want a piece of it.
Re: (Score:3)
If you are smart enough to install non-market Android apps, you know what you are getting into.
Unfortunately, that is not true. If it did require smarts there wouldn't be a problem.
There are far too many people that are duped into downloading from other than trusted sources.
And it doesn't take a rocket scientist to check that box in settings that allows installation from untrusted sources. Most of these dodgy websites explain exactly what to check and uncheck to get their malware to install. Your average 14 year old teenager as well as your mom can make this change with four screen taps, and inst
Re: (Score:2)
Well, what you mean is "piracy". It's just people pirating apps, just like they pirate movies, music, software, etc.
And piracy always exists, though the extent of which is debatable. Figures tossed around can easily be 90% on PCs and Androids, while "walled garden" devices like consoles, iOS, and Steam are far lower - 10% or so by other estimates. (Though, given that the Wii and PS3 are completely "open" at this point, how
Re: (Score:1)
Re: (Score:3)
The Amazon App Store app isn't on Play so you have to sideload by checking the box in the first place. I haven't seen anything from Amazon saying you should uncheck it after installation for your own protection.
Re:McAfee is trying hard to get into this market (Score:4, Informative)
I haven't seen anything from Amazon saying you should uncheck it after installation for your own protection.
that's because if you uncheck it, amazon app store won't be able to install any amazon app store apps. amazon app store is not a privileged app. all of the apps you install via amazon app store are side loaded.
Re: (Score:2)
And it doesn't take a rocket scientist to check that box in settings that allows installation from untrusted sources.
checking the box in android puts up a sufficiently scary warning first. if you aren't going to read that or choose to ignore it, then you'll get what's coming to you. in the same way you will if you enter your root / admin password every time it pops up in windows / mac / linux.
Re: (Score:2)
checking the box in android puts up a sufficiently scary warning first. if you aren't going to read that or choose to ignore it, then you'll get what's coming to you. in the same way you will if you enter your root / admin password every time it pops up in windows / mac / linux.
Yup, another click thru message that nobody reads, and fewer understand.
The claim was made:
If you are smart enough to install non-market Android apps, you know what you are getting into.
And nothing you've said convinces me that statement is true.
All evidence suggests you don't need to be smart to install non-market apps, and the warning solves nothing.
In fact intelligence is contraindicated for the installation of non-market apps.
Re: (Score:2)
Re: (Score:2)
So Android is becoming the next Windows with regards to user intelligence?
Android at least assumes user intelligence, even if it fails to materialize.
Apple just denies the possibility of user intelligence and spoon feeds you. For their customer base, they are probably correct.
Re: (Score:2)
Re: (Score:2)
I wonder if any developer has released the same IQ testing app on both iOS and Android. It's be very entertaining to see the stats for each platform. I'm sure we all have our own biased perception of which way that would go!
Re: (Score:2)
The IQ test is performed at the sales counter.
Re: (Score:2)
Shame they don't apply an IQ test for /. posters.
Re: (Score:2)
Or you are doing it because your technical friends have touted this as a must have feature that clearly makes Android superior to "walled gardens".
Re: (Score:2)
... or you believe in the statement "those who would trade freedom for security deserve neither".
Re: (Score:1)
Because Google make it awkward (Score:1)
Well...
I'm on a boat with no WiFi and no admin to tether via USB. I could plug in an access point and get myself in trouble but I'd rather not. There's a similar problem when travelling in general.
I'd like to be able to go to Google Play, get the .apk, scan it online or using a PC rather than using battery power on the phone itself and transfer it across to my phone. Google make it difficult to do that.
So then we look at alternative app stores but how safe are they?
Then, finally we cave and after finding it
Re: (Score:2)
Any action by the app which could cost a user money or reveal private data should be tested against the trust. For example, perhaps SMS messages are outright banned for untrusted apps and are put in a quarantine queue, but for Play store apps maybe domestic SMSs are permitted but not international ones and so on. Certain actions like dialling numbers could b
Re: (Score:2)
That's what I was thinking. Many of the posts are trying to tell me that I'm stupid because I just want something to work for a change.
if there was no malware (Score:1)
Re: (Score:2)
then there is no need for McAfee and CO. Makes you think!
McAfee is that nag-ware that comes pre-installed with all those new computers, right? So what does that have to do with malware?
It does slow down your machine, but you can usually uninstall McAfee without needing any anti-malware tools.
Wow (Score:2)
Thank you Captain Obvious! Who would have thought to hide malware in a known program? [wikipedia.org]
NOT apps on Play (Score:5, Informative)
Top of article:
End of article:
So in essence this article is a nearly-worthless scare piece. Unless you're downloading "pirated" versions of (presumably) commercial apps from a shady source, this article isn't relevant. But then, it's a McAfee article, so surprise.
Re: (Score:2)
Re: (Score:2)
Exactly. As long as you stick to Google's walled garden, you're safe.
what about Amazon's app store?
How does an expensive SMS make them money? (Score:3)
Someone help me with that one. So it tricks users into sending an expensive SMS. So how in the world does that enrich the hackers? I pay my SMS fees to AT&T. Are we saying that AT&T is behind these attacks?
Re:How does an expensive SMS make them money? (Score:4, Informative)
Premium messaging services. Like those "text "joke" to 55555 for a joke of the day" ads on TV or donate-via-text things. The carrier pays them, and tacks that charge onto your bill.
Re:How does an expensive SMS make them money? (Score:5, Funny)
Premium messaging services. Like those "text "joke" to 55555 for a joke of the day" ads on TV or donate-via-text things. The carrier pays them, and tacks that charge onto your bill.
Hmm.. The malware dials a premium number, and the carrier charges you and sends the money to the holder of that premium number. If we could just track down who that is, we could find out just how much ill-gotten gains they've received. If there was just a way to identify them.
Re: (Score:2)
Or turn the problem around: if one provider of telecom services is ever condemned without any other proof than the fact they benefit from a hack, the bad guy just change their business model to extortion.
Re: (Score:2)
You would still have to prove that they are responsible for the hack. The fact that their legitimate (if silly) business benefits from some hacked code does not prove they are responsible for the hack.
Mebbe. But in the US, much property is seized without any proof of a crime. Google "asset seizure" [duckduckgo.com]. Once that happens, it's "guilty until proven innocent", or sometimes "guilty even if you are proven innocent." Of course it's abuse, but law enforcement agencies do it all the time (for one thing, it's very lucrative for the agencies). Why should this be any different?
Of course, I'm now going to have to go on the run from Google's lawyers, for using the word as a generic verb.
Re: (Score:2)
Typically the number is in a foreign country. The domestic carrier has a duty to pay the foreign carrier, who then pays the fraudster. The domestic carrier has no right to know the identity of the fraudster. The only way to make progress is to deal with the foreign carrier. They might shut down the premium rate number due to complaints, but they'll tend not to because they are making money from it too. There's almost no chance they'll refund you. There's always the possibility of taking legal action in the
Re:How does an expensive SMS make them money? (Score:4, Interesting)
The malware sets the phone to use third party SMS gateways
Those gateways deliver the SMS message to the recipient's carrier, and bills that carrier for the service [tutorialspoint.com]. You might be none the wiser, but your carrier is paying for that incoming message via bilateral agreements or "Hubbing [wikipedia.org]".
Re:How does an expensive SMS make them money? (Score:5, Informative)
And you can block these too. Call your carrier and ask from them to disable Third Party Billing. I know AT&T and Verizon do it for you, when you ask. No more "premium sms charges", no more "premium sex line charges"
Re: (Score:1)
Seeing as 99% of consumers Don't use these premium services anyway third party billing should be opt~in, no?
Re: (Score:2)
Think 900 numbers, but for SMS.
Think those "donate to Obama, send a text to XXXXX", or "donate to the Red Cross for Haiti"
What a beat up (Score:1)
You can tell a beat up a mile away when it attacks one thing as the problem when the issue is an attribute shared by many things. The problem here is the stupid app store model. It means you get a core of apps ranked by popularity. It goes out information on which apps to attack. Then it provides a distribution vector for the malware that hides chaff amongst the grain. The problem isn't android, or the stores it uses, or android manufacturers but its the entire app store model. Android or apple or blackberr
Re: (Score:2)
Your conclusion doesn't match with reality. There has been virtually no malware for iOS. Yet for Windows, which doesn't use the app store model, viruses have been a perennial problem.
The solution, of course... (Score:3)
The solution, of course, will be to buy Macafee's Android security offerings.
Re: (Score:2)
An excellent product. It works by slowing the system down and draining the battery. A phone that can't be powered on can't rack up premium SMS charges.
Yet another reason SMS should die (Score:4, Insightful)
It's 2012 - most phones can connect to a mail server over 2G, 3G or wifi.
Why are we still messing around with a 140-character hack that belongs in the 1990s and which requires the recipient to be using a phone?
Just send an e-mail.
Re: (Score:3)
Because email is pull based and sms is push based.
Re: (Score:3)
email and IM are pushed based as well. it's push based at a higher level in the software stack but the end user doesn't care. well, they care because the email is free and the text is not (often, in the US).
Re: (Score:1)
It is 2012 - landline phones don't know what 2G or wifi is.
Re: (Score:1)
It is 2012 - landline phones don't know what 2G or wifi is.
It is 2012 - What is this landline phone you speak of?
Legitimate app store is much better? (Score:2)
Some of the legitimate apps at the legitimate app store have messed up policies as well:
Mass Effect Infiltrator: needs to be able to change network connectivity, modify system settings, read phone status and ID and be able to read my contacts. Why?
Order & Chaos online: needs to be able to edit text msgs, read txt msgs, receive txt msgs, change network connectivity incl connecting+disconnecting from wi-fi, disable my screen lock, send SMS messages, read phone status and ID, and run at startup. Why?
I sk
Re: (Score:1)
I wish google would stand its ground on this issue and deny those apps with messed up policies until the developers fix that. If it is not required for the core functionality of the application then it should be blocked at OS level.
Re: (Score:1)
Google does not have a human review the apps before they go on the store. There are pluses and minuses to this.
The application will tell you if it wants various policies, and you need to determine if you want to install the application based on that. It requires a degree of personal responsibility on your part, of course.
Plah Plah (Score:1)
[quote]"Like any popular platform, Android has malware. Google's mobile operating system is relatively new, however, so the problem is still taking form. [/quote]
Code user base size doesn't have any effect for amount of malware in software, because the amount of malware is about code quality.
If you have perfect code, you can not write anykind malware code against it.
Now in Android case, what by the way isn't operating system but a software system what uses the Linux operating system, the problem is on troja
So the "walled garden" is OK then (Score:1)
Google will clamp down on app approval and everyone on Slashdot will cheer Google as the savior, yet these same people will hypocritically bash Apple for taking the correct approach all along.
Re: (Score:2)
No, it will not cheer. Nice strawmen you got there. If you are talking about apple fans and them cheering when Jobs (hypothetical Jobs) decides to open up Apple market, I would agree, but not about Android Fanbois (not because I dont like apple or I like Android, but just based on the past responses of both Fanbois)
Re: (Score:2)
RTFA? this, and every other android malware report is with apps "side-loaded", which means installed from non-google play sources.
what a headline! (Score:2)
Its partly Google's fault (Score:1)
Many of the applications I need are labeled as "not available in your country"! or falsely labeled "incompatible with your phone".
The only solution is to find a copy from elsewhere on the internet, some of which are bundled with malaware. I am not talking about pirated apps. I am talking about free apps. Many paid apps are also not available but their free counterpart is.
Opensource my ass. Android is the swiss cheese of security and not much different from the old Windows OS in that sense. Add to that that
Thoughts of an Android developer (Score:2)
Some say they first try the pirated versions for any problems before buying the real ones... Here's the thing:
- most Android apps don't cost more than a cup of coffee. Pretty cheap, considering the long hours of work needed to get some type of decent software on that platform.
- at Google Play, you can try an app for
Re:Not a problem iOS users have. (Score:4, Insightful)
And there is less crime we we force everyone to never go out.
But, you enjoy your shiny toy and take whatever the deem you worthy of having.
Re: (Score:1, Troll)
There's certainly less crime if you live in a decent neighbourhood, with police who can take action against the occasional wrong-doing.
Android is living in a ghetto.
Re:Not a problem iOS users have. (Score:4, Informative)
Rooting an iphone and installing apps from strange sources in Android are both like living in the ghetto. Using an unrooted iPhone is like living in a jail (mmm, I wonder where I got this analogy from.). Using Android and installing apps only from Play Store, Amazon store, and app you write/your friends write, is the real equivalent to living in a decent neighborhood.
Re: (Score:3)
"The answer is a single walled garden" is the part that amazes me. Walled gardens, or peer reviewed software are good answers, but a single one? I'm utterly amazed that people will voluntarily pay a lot of money to be locked into a single software market on hardware from a single supplier. It very rarely ends in a happy consumer in the long run. Why not allow alternative markets? Make people *want* to use your software market, don't force them to.
Re: (Score:1)
Re: (Score:2, Funny)
Android is living in a ghetto.
Honest question:
Does describing Android this way make you feel better about your iPhone purchase?
--Jeremy
Re: (Score:2)
would you rather have a door with a lock, or a brick wall protecting you from the outside? clear enough?
Re: (Score:2)
When criminals break in, do they come in through the locked door, or through the wall?
Answer: Almost always they smash down or pick the lock of the door.
Conclusion, the wall is safer than the door.
Re:Not a problem iOS users have. (Score:4, Insightful)
Re: (Score:3)
You can't have it both ways. You can't cite the multiple stores of Android as an advantage, and then say that it's the user's fault they get viruses when they use these multiple stores.
Re: (Score:2)
You can't cite the multiple stores of Android as an advantage
He didn't, but nice strawman anyway :P
Re: (Score:1)
... their app submission guidelines are fairly open and transparent, ...
That is simply not true. Apple submission guidelines are ambiguous and their official interpretation of it is a secret. Once you are refused you have no way of knowing why or how to fix it. There are plenty of examples in the media of developers who, after having an app rejected, try in vain to get an answer from Apple on why exactly the app was refused. Most of those cases the developer simply loses all hope and abandon the app, losing months of development.
Re: (Score:2)
Your comment is false. Apple has clearly stated the vast majority of their app rejections are due to quality issues (bugs, mostly). And their guidelines are published, as GP stated (me, actually, just didn't bother to log in at the time).
Controversial cases, like you suggest, are actually rare and in those cases we almost never publicly receive Apple's POV.
Re: (Score:1)
As I said before, their guidelines are published, but their interpretation of the guidelines are not. So that is not an open and transparent process.
It would be the equivalent of a country having public laws, but having all case records and jurisprudence sealed for everyone but the judge and the prosecutor. Then, if you lose in court, they just say “you lost” without giving you details, so you have no base to mount your appeals.
Re: (Score:2)
It's a store, not a national justice system. How many stores make public their deliberations about what products to stock? The Apple App Store is exceptional in having a published list of reasons for rejection, and an individual reason for rejection given to each developer who's product was rejected.
For sure it's not easy to engage them in an email dialog on the finer points of what's acceptable and what's not on the fringe of the rules. But they are still pretty much the most open and transparent store in
Re: (Score:2)
Once you are refused you have no way of knowing why or how to fix it.
Actually, once you are rejected, usually you get a pretty straightforward explanation of why, and how to fix it. You just don't hear of those. You hear about the tiny fraction where something went wrong.
Re: (Score:3)
Actually, it's what you are saying that isn't true. It's clear you have never been an iOS developer.
I've had apps rejected 3 times. Once it was a crasher bug that the reviewer spotted that I hadn't. (Mea culpa). Once was a wording issue. And one was a button that in a certain edge case should have been disabled and wasn't.
In each case the problem was spelled out clearly. Clearly I had to stop that crash, disable that button in that certain circumstance, and change the wording. Now of clearly they didn't tel
Re: (Score:2)
A platform with lots of viruses. How quaint. Android truly is the Windows PC of mobile phones. The answer is a single walled garden.
Actually, the answer is reading comprehension.
But, yes, this is slashdot, so nobody reads TFA, and even fewer comprehend.
Re: (Score:2)
"When a victim requests an application from a fake market"
Guess *you* didn't read it.
Re: (Score:2)
The answer is a single walled garden.
Just one iDevice? I expect that someone who feels that a walled garden is the way to go would own at least 3 iDevices.
Re: (Score:2)
A platform with lots of viruses. How quaint. Android truly is the Windows PC of mobile phones.
Well, if by that you mean that Android has a vast majority of the market share (>80%), and thus is a much, much bigger target, then yes.
Remember those "PC vs Mac" commercials from way back when, where the "Mac" guy kept droning on and on about not having viruses? Whatever happened to those? Oh, that's right, OSX finally reached a point where it had a less-than-insignificant market share, so it became worthwhile to write malware for the platform.
The answer is a single walled garden.
If the question is, "What's a really good way to keep funn
Re: (Score:3)
Android does not have >80% market share. It's something just over 50%. Windows had more than 95% at it's peak. So no, that wasn't the point of similarity. The point of similarity is it's a Typhoid Mary platform.
iOS isn't prone to malware and it's because of it's walled garden and app sandboxes, not because of marketshare.
Re: (Score:2)
Okay, idroid, I'll bite. Android sales are 8.4:1 over iPhones. That's 84 android devices sold for every iPhone. The iPhone has lost and no amount if fudging figures like that to be merely 'over 50%' will hide the fact the iPhone has been relegated to the place of the 1997 macintosh.
Just curious, what's your source on this, and does it include iPhone 5 sales?
Re: (Score:2)
Re: (Score:2)
Android does not have >80% market share. It's something just over 50%.
Whoop, you're (kinda) right, shoulda RTFA'd my own link:
— Android (Google Inc.) — 104.8 million units, 68.1 percent share (46.9 percent a year earlier)
— iOS (Apple Inc.'s iPhone) — 26.0 million units, 16.9 percent share (18.8 percent a year earlier)
— BlackBerry (Research in Motion Ltd.) — 7.4 million units, 4.8 percent share (11.5 percent a year earlier)
— Symbian (mostly used by Nokia Corp.) — 6.8 million units, 4.4 percent share (16.9 percent a yea
Re: (Score:2)
Hmm... IDC market share stats are improving. As a one time Symbian engineer, I've followed mobile market share for over a decade, and found Canalys to be much more reliable than IDC. But this time the stats are very, very similar.
http://www.canalys.com/newsroom/stellar-growth-sees-china-take-27-global-smart-phone-shipments-powered-domestic-vendors [canalys.com]
Re: (Score:1)
Re: (Score:2)
Be confident--you never have to check for security updates. After all, your in your new magical garden. It will magically stop all security vulnerabilities. No need to follow any security news.
It's rather amusing that what you meant as sarcasm is actually literally correct. Sysops for enterprise systems need to follow security news and check for security updates. But there is something seriously wrong with a phone platform that would require you do do that. For phones, security improvements should be just rolled up in OS updates, and those should be got on to the users phones in the most trouble free way possible. That's exactly what happens with iOS.
But all that is parallel to the major security
Re: (Score:1)
wow your retarded.. you know this is all caused by users leaving googles walled garden? I feel sorry for you being stuck in yours...
It has been stated before, if your dumb enough to install from unknown untrusted sources, you get what you deserve... its not the devices fault because the user was stupid..
The irony, it burns!
Are there grammar apps in the Google Play store or do you have to sideload them?