There's been much talk about security on Android in recent months, and it seems likely that it's a subject we won't be dropping anytime soon. Recently, we discovered that Android is susceptible to simple email attachment attacks, and not long before that, Google detailed how it was keeping its Google Play store more secure with its App Scanning utility bundled with Android 4.2. It might be fair to say that Google puts more of an emphasis on security than most companies - recently, we learned about some creative technology that helps to protect users of its Chrome Web browser.
Yet, here we are, talking about yet another new attack that the company likely didn't consider before.
The latest incidents have been tracked by mobile security firm Lookout, which saw malware called "BadNews" bundled with 32 apps. Unfortunately, these apps were available right inside of Google's Play Store, allowing any Android user quick access to them. So why didn't Google's advanced security scanners catch anything? This is where it gets interesting.
Because Google's scanners are good, and thorough, BadNews' developers created an ad network that seemed legitimate, and then had that bundled with a variety of apps. Once the apps were approved and accessible through the store, the ad network turned malicious; it began sending install prompts to users and also took it upon itself to send your phone number and device ID to a remote server. In some cases, AlphaSMS was pushed through - malware which sends SMS to premium lines.
How Google will help prevent this sort of attack in the future, we're not sure. As of the time of writing, all of the affected developers have had their accounts suspended, and it's not clear whether or not they knew of what was going on, or if they were innocent. About 50% of the apps were based in Russia, and the majority of affected users seem to reside there also.
This incident does highlight the need for developers to keep on top of the backends their apps use, however, and also to be extremely choosey about the ones they ultimately go with. A new start-up could very well end up tarnishing your apps, and your reputation.
Im glad the only 3rd party apps (that arent forced on me from the factory) consist of facebook and kik. Save the gaemin for the compooper :v
We get bombing from Russians then cyber attacks on android devices from Russia. I think it adds up
Dont download sshit apps. Problem solved
russians are the new arabs.
Haha, I tend to agree.
hmmmm "been tracked by a mobile security firm".... really it has no name and its a mobile security firm. right so scare people into buying more useless antivirus. got it.
I wouldnt say that...I'm scared of Russians.but I'd piss on Arabs
That is the best idea yet. I am picky about what goes on my PC and my Nexus7. I delete 95% of the mail I get even from my wife. I do not open forwarded mail from any one.
Asus M4A79T deluxe,AMD Athlon II X4 620,SAPPHIRE R9 270X 4GB GDDR5 WITH BOOST & OC,Patriot Viper DDR3 1333 8gb,Creative Sound Blaster X-Fi Titanium Fatal1ty Pro,Diamond ATI TV Wonder HD 650 Comb,Plextor DVD-CD burner,Patriot PS-100 SSD 32gb ,WD 500gb 32mg,Antec Twelve Hundred Full Tower,Antec True Power Quattro 1000watts,Toshiba 40in 1080p for a monitor
The firm's name is in that same sentence, "Lookout". The URL under the post brings you to its site.
Man its just like your computer. Antivirus can help but you have to check what you are downloading. I haven't had a virus in forever by that simple rule. I run the free version of AVG and just keep tabs on what I am downloading and nothing ever happens. Even if I get prompted to download something for android I always check it out and don't let anything auto update unless I trust it like big companies such as facebook or something.
My rig - I7-4770K, ASUS Z87-A Mobo, 16 GB Corsair Ram, AMD 7990 GPU, CoolIT AiO Cooler, NZXT H630
NEWS TIPS |
This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or hisassociates. All products and trademarks are the property of their respective owners. All content and graphical elements areCopyright © 1999 - 2014 David Altavilla and HotHardware.com, LLC. All rights reserved. Privacy and Terms