• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

New Malware

There's a lot of spooky android malware out there.

Android has a feature that allows one app to pull focus from another. So, if I make, say, a popular game application and include this focus call... it can jump into the foreground.

So say you play my awesome game, and decide that you need to check facebook or do some Amazon shopping. Well, luckily, my app calls itself to the foreground with a ripped off log in screen for those apps... now I've got your credentials.

I was at a talk the other day, and one of the researchers mentioned this. He said that when the warned google about this risk, google was like, 'oh, that's a feature, we can remove that.' </facepalm>

Sure there are legit apps that could use this, but so could malicious apps.

They also mentioned that there is an app that you can buy that is basically a rootkit of the device with botnet capabilities. So it can record your conversations and then be used for a ddos. OUCH!

All the more reason to be vigilant of what we install I'd say. :D

--

I really liked the author's disclaimer at the bottom. (My podcast app quit downloading over wifi. ;))
And it was developed by a guy who works for the navy with surface warfare, yep. I'm thinking this has some cool cyberwarfare implications. :D
 
Install smart. It is not rocket science? I hear and see people stress over crap. If you got a virus on your Windows you might get one with Android.

No one can protect you from yourself better than you.
 
Stressed, no. Concerned, most definitely with every right to be.
Viruses & malware have grown from just an annoyance to big problems over the years for systems & phones/tablets. And they have gotten more sophisticated every time one turns around.
So paranoia is not called for now, but vigilance certainly is, both proactive & reactive.
 
Trooper said:
All this aside, I still do not see a reason to run AV on Android phones.
Click to expand...

Maybe not yet, but soon. It's only a matter of time before those people that have too much time on their hands and no respect for others, make it necessary.
 
^ is that the zeus botnet?
Ahh, I'll just check it out in a minute. Man in the browser is so genius. One of my favorites. So long as it's not on *my* computer. :D ;)

EDIT:

Okay, so it doesn't go into details really. Instead of just going for specific fields, it'll grab everything and parse it on the spot. Cool. But the researches say it isn't in the wild yet. Well, that's probably because it is in beta. ;) I'm guessing that it's just too expensive for the criminals to buy from the authors at this point.... and the MitB is working wonders as is.

Very cool article. You're getting a 'thanks' and a 'like' for that. :D ;)
 
You must log in or register to reply here.
Back
Top Bottom