Forgot your password?
typodupeerror
Android Cellphones China Handhelds Security IT

Android Botnet Infects 1 Million Plus Phones 92

Posted by timothy
from the click-here-to-download dept.
Trailrunner7 writes "Up to a million Android users in China could be part of a large mobile botnet, according to research unveiled by Kingsoft Security, a Hong Kong-based security company, this week. The botnet has spread across phones running the Android operating system via Android.Troj.mdk, a Trojan that researchers said exists in upwards of 7,000 applications available from non-Google app marketplaces, including the popular Temple Run and Fishing Joy games." Update: 01/19 12:54 GMT by S : Changed summary to reflect that these apps didn't come from Google Play.
This discussion has been archived. No new comments can be posted.

Android Botnet Infects 1 Million Plus Phones

Comments Filter:
    • by sjwt (161428) on Saturday January 19, 2013 @06:59AM (#42632875)

      And excellent wording for FUD... after all "up to 1 million aliens *could* be controlling the worlds governments"

    • by SternisheFan (2529412) on Saturday January 19, 2013 @07:00AM (#42632881)

      Thank you! These 7000 plus apps were 3rd party apps that were not downloaded from Google Play.

    • by AmiMoJo (196126) * <mojo AT world3 DOT net> on Saturday January 19, 2013 @07:20AM (#42632917) Homepage

      Since most people are too lazy to RTFA the malware infected apps are actually on China Mobile's own app store, not Google Play.

      It looks like another case of a company thinking "everyone has an app store, we should get one!" but not realizing there is a need to actively police it.

      • by rjr162 (69736)

        The original article they linked to iirc was some smaller website that did list Google play

      • It looks like another case of a company thinking "everyone has an app store, we should get one!" but not realizing there is a need to actively police it.

        Yet, in the past, Slashdot has held that's not a bug, but rather is a key *feature* of the Android ecosystem - the ability to leave the walled garden and wander in the wilds.

        • by Anonymous Coward

          And it still is?

          Consider there are plenty of application stores like GetJar, Amazon, MiCandy that have never suffered an infection because they're reputable...

          It's like you go to a drug dealer cartel and not expect them to have drugs or weapons. Some people can't be trusted to keep you safe.

      • by Clsid (564627)

        In this case, either China Mobile provides the store or they include a third party since Google Play does not work in China. I would actually feel safer to use something from China Mobile given they are the largest carrier, but this incident proves that if you are in China, you are better off using a Windows Phone or an iPhone, even if they are outrageously expensive over there.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      Everybody knows Chinese people always download from Chinese pirate sites. You can get everything for free. Including infected.

      • by mysidia (191772)

        The virus/malware authors though, might not appreciate you pirating their software, and may sue as a result....

      • by koxkoxkox (879667) on Saturday January 19, 2013 @09:02AM (#42633177)

        Chinese users often have no choice, as Google Play is often not present in the phone. Manually installing it is quite complicated.

        • I love it! I'm sure they made damn sure apps like orbot (tor) are not available, but they could care less if malware gets through.
    • by Anonymous Coward

      Not in Google Play at all.

      Not this time.

      But there were cases of malware in the official Google store as well.

    • Considering those are all Chines phones, that's not really surprising. Most "Android" phones sold in China don't have access to Google Play.

      Which is the real problem here: Google has walled them out of their garden and forces them to go to even unsafer places.

  • Not from Google Play (Score:3, Informative)

    by Anonymous Coward on Saturday January 19, 2013 @07:00AM (#42632879)

    Actual BBC story:"Trojan had been found in more than 7,000 apps downloaded from _non-Google-owned_ stores."

    It's a bit weird that neither the submitter nor the threatpost author thought it strange that thousands of popular apps on Google Play would include a trojan that has been known about for over a year?

    • Re: (Score:1, Insightful)

      by Savage-Rabbit (308260)

      Actual BBC story:"Trojan had been found in more than 7,000 apps downloaded from _non-Google-owned_ stores."

      It's a bit weird that neither the submitter nor the threatpost author thought it strange that thousands of popular apps on Google Play would include a trojan that has been known about for over a year?

      It's a bit ironic that fAndroids, who have been criticising Apple's walled garden for years, are now criticising other Android users for making full and enthusiastic use of the freedom of the Android platform to download apps from anywhere they damn well please rather than only dealing exclusively with Google owned or Google sanctioned stores. Not to say that walled gardens are a good thing but this discussion is nevertheless quite amusing since it tacitly admits that walled gardens, for all their other fau

      • by berashith (222128) on Saturday January 19, 2013 @08:48AM (#42633143)

        This is a simple case of "just because you can, doesnt mean you should". I like the OPTION of loading apps from anywhere. I also pay attention to what gets installed and where. I turn off the alternate installation locations unless I am actively installing something. The people who want pay apps for free just pay a price that isnt money, and their stupidity should have no impact on my ability to be allowed to use my device as I want. No need to force your draconian bliss on the rest of the planet.

        • by peragrin (659227)

          As was shown in the 70's you never know that the source your using is actually trusted.

          Just because the source is good doesn't mean the compiler was.

          many an infected and ultimately untrustworthy app was been downloaded from google play. Google like apple though monitor them and updates get pushed through so widespread failures are rare.

          Draconian bliss can be used for good. The trick is balancing out the Draconian rules with fairness.

          • by berashith (222128)

            this is true, but there is a big difference in the monitored stores and the bootleg stores that people are getting infected in. The google owned store could have junk inserted from a bad compiler, where the chinese free stores have intentional malware inserted.

      • by Anonymous Coward

        fAndroids...are now criticising other Android users for making full and enthusiastic use of the freedom of the Android platform to download apps from anywhere they damn well please

        I haven't seen anyone doing that.

        Not to say that walled gardens are a good thing but this discussion is nevertheless quite amusing since it tacitly admits that walled gardens, for all their other faults, are an efficient way to filter out malware.

        And a sledgehammer is also an amazingly efficient way of cracking a walnut. "All th

        • by Cinder6 (894572)

          And a sledgehammer is also an amazingly efficient way of cracking a walnut. "All their other faults" is a nice way of glossing over glossing over the fact that the cons of a walled garden outweigh the pros.

          That's rather subjective, isn't it? I would imagine that Apple's "walled garden" approach works just fine for most of its users. You do see a lot of complaining, but keep in mind that people are more likely to go to a forum to complain than to say everything's great.

          For myself, as an iOS user, I have only been miffed with Apple's policies three times. The first was MyWi, but that is probably due more to the carrier; the second was Swype, but now that Siri's out I pretty much use voice dictation for my ph

      • There's a difference between curated and walled.

  • by MassiveForces (991813) on Saturday January 19, 2013 @07:03AM (#42632891)
    Imagine if botnets were put to benevolent uses, like distributed computing projects. Seriously forget credit card data - nobody has any money these days. Process some folding at home and collect some Nobels.
    • I thought for a minute you wrote forge Credit cards: The I remembered the Search for Expoitable Transaaction Information project. Yes, botnets really can work for the dark side!
    • Imagine if botnets were put to benevolent uses, like distributed computing projects.

      Distributed computing botnets would run up a CPU bill, causing the user to click "What has been using my battery?". That's why, for example, the Distributed.net client didn't get ported to PDAs and the like.

    • Imagine if botnets were put to benevolent uses, like distributed computing projects. Seriously forget credit card data - nobody has any money these days. Process some folding at home and collect some Nobels.

      Yeah, sure. Drain some million Chinese guys phone battery, so somebody else can get a Nobel Prize.

  • Alright, not exactly dialup. But close enough for making the comparison on slashdot.

    Should be interesting, trying not to make too much of a mess to avoid running the bots out of traffic allowance and/or running up the punters' bills enough to notice something is amiss.

  • If it was china I wouldn't be surprised if those rootkits were backed by chinese officials.

  • Microsoft VIA Member [kingsoftsecurity.com]

    "Kingsoft Internet Security 9 Plus is a complete package with Anti-Virus, Anti-Spyware, and Firewall applications, providing a complete solution to protect your computer system against the latest online threats. link [kingsoftresearch.com]

A committee is a group that keeps the minutes and loses hours. -- Milton Berle

Working...