Alert!

TECHNOLOGY
11 August 2010 Last updated at 03:35 ET
Virus writers hit Google Android phones
A malicious application that can steal cash via phones running Google's Android operating system has been found.
The program poses as a media player but once installed starts sending premium rate text messages.
The service being sent messages is operated by the malicious app's creator, who scoops up the fees.
Discovered by Kaspersky Labs, it is believed to be the first booby-trapped application for Android.
In a security advisory Kaspersky said that the virus - Trojan-SMS.AndroidOS.FakePlayer.a - is being spread by text message. The message prompts users to install an application, 13KB in size, which purports to be a media player.
The virus was most prevalent among Russian Android users. The risk to Android owners worldwide is believed to be low.
'Trusted model'
In its advisory it said that the huge growth in the number of Android applications was likely to make the phones tempting targets for criminals.
"We can expect to see a corresponding rise in the amount of malware targeting that platform," said Denis Maslennikov, mobile research group manager at the firm.
Simeon Coney, spokesman for mobile security firm AdaptiveMobile said booby-trapped applications that run up big bills via premium rate numbers were very common on other platforms such as Symbian.
Symbian is the most popular smartphone operating system, commonly used on handsets built by Nokia and Sony Ericsson.
"There are a significant number of Java based mobile viruses that do exactly the same malicious activity of sending out premium rate (i.e. reverse charge) SMS," he said.
Like other mobile application stores, Google has a system in place that can revoke malicious applications and stop them running on handsets.
"Our application permissions model protects against this type of threat," said a spokesperson for Google.
"When installing an application, users see a screen that explains clearly what information and system resources the application has permission to access, such as a user's phone number or sending an SMS.
"Users must explicitly approve this access in order to continue with the installation, and they may uninstall applications at any time.
The spokesperson said the firm advises users to "only install apps they trust".
"In particular, users should exercise caution when installing applications outside of Android Market."
More Technology stories
Virus writers hit Android phones
A malicious application that racks up premium rate charges on phones running Google's Android operating system is found.
Speedy solution to Rubik's Cube
UK game developers turn to phones
BBC © MMX The BBC is not responsible for the content of external sites. Read more.
 
And there-in-lies the problem with "Constant Warning Messages". Eventually someone quits reading them after the 30th or so install of software from the market.

The Android OS is truly a marvel for cell phones.

The average user, unfortunately, is the is the major hurdle for the Android OS.
 
Just because you are not Russian does not mean you are immune to the possible repercussions of this information.

Remember, guys, that there are other people, not just Russians, who will try and find ways to hack your information and what not and it also helps if people take the time to look at the applications they install.
 
just saw this on tv.

careful about downloading media players everyone!
 
The Android OS is truly a marvel for cell phones.

The average user, unfortunately, is the is the major hurdle for the Android OS.

Well put, Skull.

I have a similar phrase in my line of work "The great thing about DSP is it's easy to use. The worst thing is it's even easier to misuse".
 
You're totally right!

And there-in-lies the problem with "Constant Warning Messages". Eventually someone quits reading them after the 30th or so install of software from the market.

That granting privileges screen when you install apps needs to teach the user about whether they should be trusting the app. At least when granting sensitive privileges like access to SD card or contacts, the font should be bold. I sometimes don't notice exactly what privileges I'm granting. It's up to the user in the end, but the interface could be improved...maybe even educate users instead of relying on google to police the market after the fact.

The Android OS is truly a marvel for cell phones.

The average user, unfortunately, is the is the major hurdle for the Android OS.

I'm probably an "above average" user and I'm still an obstacle for something as complex as Android/Linux. I like your sentiment, though, and totally agree.

***

Careful when downloading anything.
 
Last edited:
Back
Top