Android Trojans and Security Concerns

Discussion in 'Android General Discussions' started by qat, Jan 3, 2011.

  1. qat

    qat New Member

    Joined:
    Apr 22, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Ratings:
    +0
    I'm sure everyone is aware of the very real privacy and security concerns associated with downloading and installing new applications that aren't verified, so on and so forth. Has anyone else seen that China is a breeding ground for malware for this platform? It'll be in our backyard before you know it.

    I'm interested if you guys have more insight into how this stuff works and how it proliferates the phone!

    PC Magazine - Article on 'Most Sophisticated' Android Trojan
    CNET - Article on SMS Spamming Malware
    Gizmodo - First Droid Trojan Found

    Share your insight. If you're a phone oriented technical person, don't dumb it down, please.
     
  2. UrbanBounca

    UrbanBounca Rescue Squad
    Staff Member Rescue Squad Premium Member

    Joined:
    Sep 25, 2010
    Messages:
    2,732
    Likes Received:
    196
    Trophy Points:
    143
    Location:
    Virginia
    Ratings:
    +237
    I posted it the other day, and everyone blew it off. It will become a serious issue, but people can't see the big picture.
     
  3. Quicksilver7714

    Quicksilver7714 Super Moderator
    Rescue Squad Premium Member

    Joined:
    Jul 2, 2010
    Messages:
    2,437
    Likes Received:
    60
    Trophy Points:
    113
    Ratings:
    +60
    All I have to say is be careful of what you download. When you start downloading apps from third parties, and third party apps, that's when problems start to occurr at higher rates.

    Sent from my Droid using DroidForums App.

    1.)http://www.droidforums.net/forum/re...-dummies-guide-android-terminoligy-lingo.html
    2.)http://www.droidforums.net/forum/rescue-squad-guides/70875-what-you-need-know-about-rooting.html
    3.)http://www.droidforums.net/forum/re...08-multiple-phones-root-them-unroot-them.html
     
  4. qat

    qat New Member

    Joined:
    Apr 22, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Ratings:
    +0
    Well, lets start with some of the information that these people can grab from your phone:

    • Phone Number
    • E-Mail Address
    • Installed Applications
    • Ring Tones
    • Pictures
    • Contact's Phone Numbers
    • Web Browser History
    • Incriminating Text Messages (blackmail)
    • Saved Account Passwords (Twitter, Facebook, GMail, Flickr, Tumblr, and anything that's stored in your phone's web browser)
    • GPS Tracking of everywhere your phone goes....
    They can then sell all of this information to other people to market other products to you. Those pictures of your girlfriend/wife could end up on one of my websites, or if you bring your phone with you to work, there's an opportunity for network infiltration by using your phone as a tunnel to the network....

    Nobody cares? Really?

    Sorry, call me paranoid pete, but a mobile device that has been hijacked is a much greater concern than a stationary computer to me.
     
  5. IanG

    IanG Member

    Joined:
    Dec 26, 2009
    Messages:
    224
    Likes Received:
    1
    Trophy Points:
    18
    Ratings:
    +1
    I understand you're more concerned about malware and whatnot on your phone rather than your PC but...

    There are THOUSANDS and THOUSANDS of malware/spyware programs for your PC where you have pictures/perform banking transactions/make purchases/search personal information, but you don't freak out.

    There is like 2-3 malware/spyware programs for your phone and you're crapping bricks.

    Just relax IMO, don't be an idiot and download a wallpaper app that has access to *EVERYTHING* on your phone, and you won't have anything to worry about.
     
  6. vatothe0

    vatothe0 Member

    Joined:
    Dec 9, 2009
    Messages:
    611
    Likes Received:
    6
    Trophy Points:
    18
    Ratings:
    +6
    If only you were told what parts of your phone you're giving an app access to before you install it... oh wait, you do.

    Don't be a lazy idiot and you won't get malicious software on your phone.

    Sent from my DROIDX using Tapatalk
     
  7. Martin030908

    Martin030908 Super Moderator

    Joined:
    Nov 1, 2009
    Messages:
    8,773
    Likes Received:
    0
    Trophy Points:
    151
    Ratings:
    +0
    As others have stated.... there are thousands of threats for you PC but only a handful for Android (and for now they're geographically centralized).... nothing to panic over.

    Pay attention to application permissions upon install and be especially alert when installing 3rd party applications.
     
  8. qat

    qat New Member

    Joined:
    Apr 22, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Ratings:
    +0
    This thread was started initially as an awareness thread, but it seems you guys are far more naive than I anticipated, so I will address your points.

    I'm not referring simply to apps that have been installed. This malware can be installed drive-by style when you access certain websites, particularly if you're using an alternate internet browser, alternate applications that query data from a remote web server (nearly every android app on your phone), or if your phone is rooted.

    This is not as simple as 'Oh, I just won't install apps from untrusted sources'. That's the most risque method of installation, but not the only.

    I run a Linux based OS where malware in general is much less prevalent and logging of inbound/outbound connections is easier and enabled by default. My home network is secured through a router. I don't do banking from home, and I have a bank that is willing to reimburse me for unauthorized transactions.

    None of this is the case with a mobile phone.
     
  9. Martin030908

    Martin030908 Super Moderator

    Joined:
    Nov 1, 2009
    Messages:
    8,773
    Likes Received:
    0
    Trophy Points:
    151
    Ratings:
    +0
    'drive by style' apps?

    Nothing gets installed without you 'ok'ing it.
     
  10. qat

    qat New Member

    Joined:
    Apr 22, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Ratings:
    +0
    Not 'drive by style apps', Malware installed 'drive by' style, or 'on the fly'. If there's a flaw, memory leak, or other fault in the software you're using, it can be used as a backdoor access to your phone (definitely if your phone has been rooted. Proof of concept examples are out for factory default settings).

    Example: Flash Player's LSO's, more commonly referred to as "flash cookies" are currently being installed on Android based phones that have the Flash player installed. Granted, they can be cleared, but there's a long standing history of them being used maliciously, and the only way to clear them is to go to Adobe's page to clear them (https://settings.adobe.com/flashplayer/mobile/).

    Again, the point of this thread is to bring awareness to stuff, so that stuff like this doesn't happen:

    http://www.net-security.org/secworld.php?id=10160
    http://www.infosecurity-magazine.co...lishes-proofofconcept-google-android-malware/ <--Worth reading
    http://www.informationweek.com/news/hardware/handheld/showArticle.jhtml?articleID=225300284 and this one is particular to those of you installing ROMs willy nilly, just because they brag about cool features. I'm sure those of you who are doing this won't be reading this thread, though.
     
    #10 qat, Jan 3, 2011
    Last edited: Jan 3, 2011
  11. Martin030908

    Martin030908 Super Moderator

    Joined:
    Nov 1, 2009
    Messages:
    8,773
    Likes Received:
    0
    Trophy Points:
    151
    Ratings:
    +0
    These are issues any machine connected to the internet faces... it's nothing to panic over.

    Kaspersky and many other anti-virus providers are aware of the Android market and working hard at creating concern and cause for anti-virus apps. There will always be risks and those who exploit them.

    I appreciate the concise explanation from you btw!
     
  12. qat

    qat New Member

    Joined:
    Apr 22, 2010
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    1
    Ratings:
    +0
    With regards to the Kaspersky comment, I agree, and i've seen quite a few 'security' related applications popping up. I'm glad they're aware, but it's not just them who needs to see this stuff for what it is.

    Also, with corporate espionage on the rise (and Government/State level espionage for that matter), a mobile device could be a walking microphone.

    I'll leave it there until someone else wants to chime in. I'm not as concerned about the more acquainted user of the Android phone, but the person who thinks they know more about what they're doing than they really do!

    Sarcasm or legitimate response? If it was legitimate, you're welcome.
     
Search tags for this page

galaxy s3 hijacked tunneled

,

window popped up and said i had trojan virus on android bion