Malware Posing As Official Google Play Store Evades Most Security Checks
DavidGilbert99 (2607235) writes: "Mobile malware on Android is nothing new, but now security company FireEye has discovered in the Google Play store a sophisticated piece of malware which is posing as... the official Google Play store. Using the same icon but a different name, the malware is not being detected by the vast majority of security vendors, is difficult to uninstall and steals your messages, security certificates and banking details."
Link? (Score:4, Interesting)
Dear submitter,
Link me to an article. I don't want to search for the company's announcement, and I don't want to just take your word for it.
Re:Link? (Score:5, Informative)
Re: (Score:1)
Good luck next time.
Re: (Score:2)
Here is the link: http://www.ibtimes.co.uk/malwa... [ibtimes.co.uk]
I submitted it to Slashdot but it failed to publish it.
Well, that is what editors are for and instead we get timothy.
Uh... (Score:2, Insightful)
Re:Uh... (Score:4, Informative)
Re:Uh... (Score:5, Informative)
Umm.. (Score:1)
If you're dumb enough to download the Google Play store FROM THE REAL GOOGLE PLAY STORE THAT YOU'RE ALREADY ON... then you deserve to get some malware.
Re:Umm.. (Score:4, Insightful)
The malware is named "Googl app stoy".
If you're dumb enough to download something spelled that way, you deserve, well, almost anything.
Re:Umm.. (Score:4, Funny)
Citation required
"Apple manages to keep their app store malware free, why can't Google?"
-- BasilBrush, Slashdot comment #47273651
There ya go...
Re: (Score:1)
Re: (Score:2)
Google also allows Android to be set to allow installation from 3rd parties.
So, if you explicitly enabled that, and downloaded something from a shady source ... well, you may have shot yourself in the foot.
If this came from the Google Play store, then Google has a problem. If this came from a 3rd party store, then the user has a problem. And if this came from a vendor's proprietary store the vendor has a problem.
I think it comes down to "where did this package come from, and what did you need to do to in
Re: (Score:2, Informative)
TFA (Which the editor neglected to post) says it came from the official Google Play store.
http://www.ibtimes.co.uk/malwa... [ibtimes.co.uk]
Re: (Score:2)
We couldn't find anything for your search - "Googl app stoy".
Suggestions:
Make sure all words are spelled correctly.
Try different keywords.
Try more general keywords.
Try again.
Re: (Score:2)
Well of course they've taken the malware down now. Duh!
Re: (Score:2)
Isn't that exactly what's supposed to happen?
Malware discovered and removed. News at 11.
Re: (Score:2)
No, removing malware after it's been news on the internet is not what's supposed to happen. What's supposed to happen is that it doesn't get on the store in the first place.
Re: (Score:2)
The sophisticated piece of malware - called "Googl app stoy" - was discovered in the official Google Play store by security company FireEye who then worked with Google to remove the app.
RTFA.
Re: (Score:2)
Re: (Score:2)
Never knew anybody with dyslexia, did you?
Re: (Score:2)
How much does it take before you decide a person has no responsibility in their own problems?
More to the point though. Why are people so interested in things not being their fault? My children are taught that the only place you should look when things go bad is to yourself. What could I do differently to get the outcome I desire? When you have no responsibility in the problems in your life you have no power over their solution. With responsi
Re: (Score:2)
I'm explaining why "Googl App Stoy" might look reasonable to somebody, for perfectly legitimate reasons.
More to the point: why do you want such consequences for people who do something stupid? Bank account pwned, email taken over, that sort of thing. It isn't going to stop people (including dyslexics) from doing stupid and trusting things. You seem to be hoping that bad things happen to people who make mistakes.
Re: (Score:2)
Bad things should happen to people who are thoughtless.
Bad things should happen to people that take out a speculative loan on their home hoping they can always refinance.
Bad things should happen to motorcycle riders in tank tops and shorts pulling wheelies.
Bad things should happen to people that get tattoos on their face.
Bad things should happen to a lot of people.
Re: (Score:1)
Citation? My references attribute this to Buddha.
Re: (Score:1)
It did. But let me state right off the bat. For each individual that downloaded and ran Google App Stoy ... Good. Let your bank account be pwnd. Let your email get taken over. I am ok with your life being ruined because you are an unthinking being. Bye.
So when you get older, and maybe get Alzheimer's, it's OK if you get ripped off as an easy target, because you are an unthinking being? Or if you travel and end up getting ripped off because you don't read the foreign language very well. In fact it's not just OK, we should all celebrate because you have lost a lot of money.
You know something, by posting what you did there, you've made a pretty good case for you not being a thinking being now. Or at least not a mensch.
Re: (Score:2)
Take a look at the banking crisis. Now given the banks are mostly pieces of shit and should never have been bailed out but ...
Some asshole who took out a loan on a house that says you will pay $X for Xmonths then we will raise it to $X for Xmonths on the speculation that the housing market will go up forever and he can make a bunch of money is ok by me. If he wants to speculate to make money I am fine with that. But we need to do HARP for these fucke
Re: (Score:1)
I hope that age will bring you peace.
Re: (Score:1)
So blame the user rather than the Google Play store for listing the app?
Apple manages to keep their app store malware free, why can't Google?
Well, who'd be dumb enough to think that "googl app stoy" is a legit app?
Re: (Score:1)
So blame the user rather than the Google Play store for listing the app?
Apple manages to keep their app store malware free, why can't Google?
Well, who'd be dumb enough to think that "googl app stoy" is a legit app?
Just noticed someone else mentioned its name as well.. Well, I suppose if downaroder have rearry bad engrish it's possible...
Re: (Score:2)
That's wooly thinking. If your security relies on you spotting a badly spelled app name, you have no security against all those malware authors that didn't misspell their malware.
Furthermore, why did Google not notice the app name and icon ripped off from their own app? Because there is no security on their store. Google will sell anything anyone uploads. Again this cannot happen on the Apple App Store.
Re: (Score:2)
We couldn't find anything for your search - "Googl app stoy".
Suggestions:
Make sure all words are spelled correctly.
Try different keywords.
Try more general keywords.
You mean the malware isn't Google Play itself (Score:5, Insightful)
I mean, with the recent dumbing down of fine-grained authorizations when installing apps, it's Google Play itself that feels like a security liability.
Re: (Score:2)
Because there are 1100 total apps on f-droid, and, at most, a couple dozen are useful and not redundant?
Find me free alternatives to these (Score:2)
I've never gotten an Android app anywhere but F-Droid. I don't know why anyone would.
Because F-Droid carries only free software [gnu.org], and there are several categories of application that aren't going to be free any time soon [pineight.com]. These include (for example) games, applications to view rented movies, and applications to prepare a tax return. What's the free alternative to, say, Sonic the Hedgehog or the Netflix or H&R Block app?
Re: (Score:2)
Re: (Score:1)
That's part of the stupid issue. The 'fine grained permissions' were NOT fine enough and some were grouped in odd places. And of course, App Devs being lazy or intrusive, they ask for exceptionally broad permissions often enough. At least with the fine-grained permissions, you could use a third party tool to revoke individual permissions before running the app.
Really, you're making the main valid point here though: App Devs are making mandatory a lot of permissions that ought not be mandatory. That's bad de
Re: (Score:2)
Perhaps an app dev can answer one question: If I install with a particular permission set, but an optional feature some users might want would require an additional permission, could I not prompt the user for that permission when they want to enable the optional feature? If this is possible, not doing it is not excusable on behalf of the App Devs. If it isn't possible, it is not excusable on the Android Devs' part.
It's not possible on Android.
On iOS it's the way it always works. You are only asked for a given permission at the time the app tries to do the privileged thing.
Helper apps (Score:2)
Re: (Score:2)
Re: (Score:2)
I feel for you, I really do. I think that is a true shame that you were allowed to grow up in an environment that made you such an entitled person. One day if you are lucky life will step in and teach you w
Re: (Score:2)
Re: (Score:2)
it tells me what permissions the app wants immediately
Except that lately, Google Play Store has "simplified" apps' permissions to make them less fine-grained.
Why more Android apps are $0.00 (Score:2)
Pretty much every app I try to install wants access to everything to function. I try to install a simple game, it wants access to my phone history, contacts, email, google accounts, and fuck knows what else.
Android phones were sold in some countries before Google Checkout (now Google Wallet). In countries without Google Checkout, Android Market (now Google Play Store) showed only freeware apps. In order to derive revenue from users in those countries, developers had to put ads in their apps. And in order to compete for users with developers that had embraced adware, other developers had to make their apps free as well. Google Wallet has since expanded to far more countries, but the expectation of a freeware p
Re: (Score:2)
Part of the problem is Google itself - when Android was released, the only place you could buy apps was in the US, which meant everywhere else trying to hit Google Marketplace was restricted to seeing free apps. Which means developers end up writing free apps loaded with advertising and having to request
Re: (Score:2)
Some Android devs are trying to do their best to work around it. It requires root, but I highly recommend the XPrivacy tool, which will allow you to restrict what apps can actually contact. I also like using a DroidWall successor as a thing of last resort, especially with apps that are bandwidth hungry, so they get forced to Wi-Fi only and not on the cellular network.
LBE Privacy Guard used to be a good tool, but the successor has yet to be officially translated to English.
The bad thing is that apps fr
Shameful what's happened to Android in general (Score:1)
This kind of thing probably wouldn't happen if Android were Free/Libre Open-Source Software. As Google quietly effectively close-sources Android piecemeal, by making it so that parts of the OS, as provided are Google-PROPRIETARY, like the store itself, security problems will abound. It's only natural. To save time, money, and ink, Google's shortened its motto by one word, and didn't tell anyone. The one word, in case you didn't already guess, is "Don't". They're every little bit as bad as M$ ever was,
Link? (Score:5, Informative)
Exposes a defect in Android (Score:5, Informative)
Android Security (Score:2)
Why doesn't Android have a permissions structure that allows the user to explicitly manage the permissions for each app?
If I want to disable access to the contacts for any given app, I should be able to do that. If it breaks functionality of the app, then that is MY problem, but in most cases, it wouldn't cripple the app; I don't need my shopping list to be able to read my contacts and send premium text messages on my behalf.
Re: (Score:3, Insightful)
Because Google values their ability to sell advertising over user security would be my guess.
Remember, it's their phone, you're only using it under license -- because Google has long since given up any pretense of the whole "do no evil" thing.
I see so many things list their permissions and think "WTF would you need these permissions for, and why on Earth would I give them to you?" And then I cancel the download.
Re: (Score:2)
So, all I have to do is enable apps from outside the official store, download from an unknown site, and then I'll have full access to 1,100 apps!, which almost all also exist in the Play store, which I don't have to enable outside apps and download from an unknown source?
Re: (Score:2)
Google Play doesn't. Go ahead. Provide the link to it -- you can't because it's not there.
Unless I install the developer tools on a separate machine, there's no telling if the downloadable .apk on f-droid matches the provided source on f-droid.
Using f-droid requires lowering your machine's security, and trusting another source -- f-droid, just because you said so.
How to protect yourself (Score:1)
Easy: Don't. Fucking. Install. It.
This is yet another piece of software which the user needs to download, enable installation of third-party apps, and install. Or the user might've installed it from a dodgy app store (in which case their device is likely already a teeming mess of malware).
Either way, the user needs to do something we've spent the last umpteen years trying to indoctrinate people against.
Wake me up when someone starts injecting this stuff through advertisements in web pages.
Re: (Score:1)
This is yet another piece of software which the user needs to download, enable installation of third-party apps, and install.
What do you mean "third party apps"? The summary and TFA claim that this one is in the official Google Play store.
Re: (Score:2)
Good point. Mind you, that kinda makes anyone who installs it even dumber than I would have thought.
Re: (Score:2)
Maybe it came already installed... sounds awfully like one that does (just buy the phone from the ad in the web page...):
http://www.theguardian.com/tec... [theguardian.com]
Banking on Android no way!!! (Score:2)
I've been sticking to my Linux distro for that and felt that it's the best way to function with some security on my end.
Install vector? (Score:3)
So I R'd TFA, and I can't see anything which says *how* you get this. Or if it's in there I can't find it.
I assume it either piggy backs on something else downloaded from the app store, or comes in from someone enabling apps to come from other places.
The fact that an application can even disable the uninstall feature is pathetic.
And, sadly, Google has removed even more permissions control, so this will only get worse.
I still maintain I should be able to go in at any time and remove permissions from apps -- because, quite frankly, why something like a Flashlight needs access to my messages and contacts has always been a mystery.
Re: (Score:2)
LOL, you expect that, in a story about malware on Android that I'm going to trust a link to install software on Android from outside of the Play store?
I think not.
Re: (Score:3)
Yes. And an Android customer. And a Microsoft customer. And a VMWare customer. I've also been a Solaris customer in the past. I've also got Linux and FreeBSD boxes.
And I have a really awesome collection of tin-foil hats.
Did you have some kind of point?
Re: (Score:2)
Clearly you've never heard of the F-Droid project. Go read up on it. [f-droid.org]
FireEye link (Score:2)
"difficult to remove" (Score:2)
Nahh, installing Cyanogenmod is quite easy and can get rid of this malware almost instantly.