• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

WARNING - SMS-controlled malware TigerBot in the wild

BirdWithBowtie

BirdWithBowtie

Member
From Slashdot today:

wiredmikey writes

"Security researchers have discovered new Android malware controlled via SMS that can do a number of things on the compromised device including recording calls and surrounding noise. Called TigerBot, the recently discovered malware was found circulating in the wild via non-official Android channels. Based on the code examination, the researchers from NQ Mobile, alongside researchers at North Carolina State University said that TigerBot can record sounds in the immediate area of the device, as well as calls themselves. It also has the ability to alter network settings, report its current GPS coordinates, capture and upload images, kill other processes, and reboot the phone. TigerBot will hide itself on a compromised device by forgoing an icon on the home screen, and by masking itself with a legit application name such as Flash or System. Once installed and active, it will register a receiver with a high priority to listen to the intent with action 'android.provider.Telephony.SMS_RECEIVED.'"

SMS-Controlled Malware Hijacking Android Phones - Slashdot
 
BirdWithBowtie said:
From Slashdot today:

wiredmikey writes

"Security researchers have discovered new Android malware controlled via SMS that can do a number of things on the compromised device including recording calls and surrounding noise. Called TigerBot, the recently discovered malware was found circulating in the wild via non-official Android channels. Based on the code examination, the researchers from NQ Mobile, alongside researchers at North Carolina State University said that TigerBot can record sounds in the immediate area of the device, as well as calls themselves. It also has the ability to alter network settings, report its current GPS coordinates, capture and upload images, kill other processes, and reboot the phone. TigerBot will hide itself on a compromised device by forgoing an icon on the home screen, and by masking itself with a legit application name such as Flash or System. Once installed and active, it will register a receiver with a high priority to listen to the intent with action 'android.provider.Telephony.SMS_RECEIVED.'"

SMS-Controlled Malware Hijacking Android Phones - Slashdot
Click to expand...

Thanks for posting this. A lot of people have the misconception that phones are protected from such attacks. When in fact phones lately are just as sophisticated and powerful as using a PC. If hackers and virus writers are truly determined they can cause some damage. This includes iPhone, Android, and Blackberry devices. There is no fool-proof electronic unless you completely remove it from the internet and all outside sources.

A good way to protect yourself is to download a malware/virus protection app. Wetbiker7 posted a good link to an article detailing them. With Avast being on the top as the best performer.

Source from Wetbiker7:
The Best (and Worst) Antivirus Apps for Android
 
Agreed. And for Pete's sake people please don't click on links in messages you are not expecting and/or don't recognize the sender!! Same safety precautions you'd use for your own computer, if not more heightened because of SMS.
 
@makeshiftpat: I hope someone who knows the answer to your question can help you - that person is not me (yet). I'm still learning Android stuff. If you don't get an answer here you may want to post a separate thread in the 'all things root' section. Very helpful people in there.

On a separate but related topic, The Verge ran an article about a zero-permission app that for no good reason captures and stores your physical address unencrypted on your SD card - this being the first step in a possible exploit of the data. The info is stored in the cache of com.cooliris.media in a file called Chunk_0. I'd certainly like to hear from folks whether this is something we should be concerned about - for instance, do different custom roms we use negate this problem for some of us?

How an Android app could transmit your personal data without any permissions | The Verge
 
makeshiftpat said:
Downloaded avast to my sd card. I assume that will not be a problem. Any thoughts?
Click to expand...

Get yourself a proper rom and kernel like all the cool kids... :p

But seriously, I just checked out the Avast Mobile Security users guide from their website, and it didn't mention anything about where you can and cannot install it. I know most app widgets will not work if the app is on the SD card, but there's no avast widget, so you should be good

Keep in mind, without root access some features won't work, like the firewall and some of the anti-theft stuff.
 
Yeah. I didn't think it would be a problem.
I am rooted. When I get internet again after I move into my new house then I'll download a new rom.
I'm hoping it'll make this thing run faster. It would be nice to be able to watch a 5 minute video without having to let it download for 5 minutes or more when not using wifi. Hoping that will help.
 
You must log in or register to reply here.
Back
Top Bottom