30 Sep

According to Kaspersky, seller of the $10 Kaspersky antivirus app for Android, Android viruses are getting worse. Well, not really worse, just different. The latest attack vector comes in the form of malicious QR Codes. When you scan a QR code, your phone turns those funky squares into a URL. Just like any other form of URL obfuscation (e.g., shorteners), that URL can go to a naughty place. Said naughty place could give you a virus.

Oh, I'm sorry, are you used to a little more hyperbole in your Android virus stories? ZDNet can help with that: "Hackers using QR codes to push Android malware ... Once a user scans the QR code, the code redirects them to a site that will install a Trojan on their phones."

That sounds scary, but let's go over the parts they left out.

  • Naughty QR Code starts a download of Virus.APK
  • You pull down the notification bar and click on the downloaded APK to install it
  • The APK presents its list of (probably ridiculous) permissions
  • You ignore the permissions and click install
  • You now have a virus

If this sounds like something you just can't avoid doing, Kaspersky will be happy to take your 10 dollars.
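The chain above, seen from the scanner's side: an added example (not part of the original post) of a pre-navigation check that follows a decoded QR payload through its redirects and reports whether it ends in an APK download. The hostnames, the response table and the `sample_head` transport are constructed so the code runs offline; a real scanner would issue HEAD requests instead.

```python
from urllib.parse import urlsplit, urljoin

MAX_HOPS = 5
APK_MIME = "application/vnd.android.package-archive"

# Constructed redirect table standing in for HTTP HEAD responses, so the
# example runs offline: url -> (status, Location header, Content-Type).
SAMPLE_RESPONSES = {
    "http://short.example/a1": (302, "http://files.example/get?id=7", ""),
    "http://files.example/get?id=7": (200, "", APK_MIME),
    "http://short.example/b2": (301, "https://news.example/story", ""),
    "https://news.example/story": (200, "", "text/html"),
    "http://short.example/loop": (302, "http://short.example/loop", ""),
}

def sample_head(url):
    """Hypothetical transport: look the URL up in the constructed table."""
    return SAMPLE_RESPONSES.get(url, (404, "", ""))

def assess_qr_payload(payload, head=sample_head):
    """Return (verdict, chain) for the text decoded from a QR code."""
    url = payload.strip()
    parts = urlsplit(url)
    # QR codes also carry plain text, Wi-Fi settings, contacts and so on.
    if parts.scheme.lower() not in ("http", "https") or not parts.hostname:
        return "not-a-web-link", []
    chain = [url]
    for _ in range(MAX_HOPS):
        status, location, ctype = head(url)
        if status in (301, 302, 303, 307, 308) and location:
            url = urljoin(url, location)  # Location may be relative
            if url in chain:
                return "redirect-loop", chain
            chain.append(url)
            continue
        # Final hop: the file name can be disguised, so check the MIME type too.
        path = urlsplit(url).path.lower()
        if ctype.split(";")[0].strip() == APK_MIME or path.endswith(".apk"):
            return "apk-download", chain
        return "web-page", chain
    return "too-many-redirects", chain
```

Showing the user the last entry of `chain` rather than the scanned short link is what makes a "Visit website" prompt meaningful when a shortener is involved.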

Source: Kaspersky via ZDNet

Ron Amadeo
  • Telik

    Not to mention that many barcode scanners show you the URL and require you to push "Visit website" before taking you there...

    • Tarek El-Eter

      Shhhh. They don't know that, let's just play along for now

      • https://market.android.com/search?q=kaushal+dalvi&so=1&c=apps Kaushal

        HAAHAHAHHAAH !!!!

    • Joseph Bass

      It could just link to a shortened URL.

      • m33p

        Which in that case, don't browse to it.

  • Draconis2941

    "Hackers using QR codes to push Android malware ... Once a user scans the QR code, the user can elect to go to a malicious site that will ask them to download and install a Trojan while ignoring all warnings on their phones."
    There, I fixed it

  • Hary Ayala

    This is going to be difficult to avoid... we're gonna be needing an IT department just to keep our phones safe, because god knows we can't possibly notice something is amiss on our own...
    Kaspersky, please come save us!!!

  • Jim

    Anyone know which Android versions are affected?

    • OperationHorror

      This guy is going to get a virus

      • Hary Ayala

        or Seven thousand...

        • FX111

          Now that's funny

    • Draconis2941

      Just the ones with idiots for users

  • Michael

    Only phones using Ice Cream Sandwich or Samsung Fascinates on Gingerbread, so we're safe for a few years.

  • Flippy125

    You could always...not install shady apk's?

  • http://cafe-ti.blog.br Alroger Jr

    Reminds me of TinyURL.

    Unfortunately:
    Not always as obvious as Virus.APK, but a regular user might even click on that.
    Once downloading started you can't cancel it, and if winds hit, you might touch the wrong spot.
    Sometimes the CANCEL button is not so obvious. (then someone bumps into you in the bus)
    We are already used to ridiculous permissions for any game we download (phone identity? damn it)
    Now repeat what I said backwards and it's also true.
    Now relate to Windows users that are already used to all kinds of AdWares and potential trojans...

    I hope AVs like KMS will help. I use KMS mostly for anti-theft.

    Cheers courageous world!

  • http://www.AndroidPolice.com Artem Russakovskii

    They could be talking about exploiting vulnerabilities in unpatched versions of the OS. I'm not aware of one that silently installs trojans, but there are some that steal your data. There could also be something that is not discovered yet.

    http://www.androidpolice.com/2010/11/23/new-vulnerability-affecting-all-versions-of-android-allows-unauthorized-remote-sd-card-access/

    http://www.androidpolice.com/2011/01/29/yet-another-android-data-stealing-vulnerability-uncovered-affects-all-versions-of-the-os/

  • http://androidgist.com Doro

    Viruses for Android phones! Now that's something I never thought would appear. Anyway, I guess with a little precaution (and by precaution I mean not scanning every damn QR code you find), you can easily avoid being infected.

  • http://www.qrpal.com Rebecca

    Great article, as QR Codes are becoming more commonly used, this is going to become an increasing problem!

    I came across a great QR Code scanner for Android which has an inbuilt "SafeScan" feature, to ensure all QR Code scans are safe and secure. It's free to download also, check out QR Pal @ https://market.android.com/details?id=com.qrpay.qrpal

    • Dan

      Soooo... you've now illustrated Ron's point. The devs of QR Pal are using fear as a marketing tactic in an attempt to get you to use their product rather than something like QR Droid. It's an ad supported product, so the more people they can scare, the more money they can make.

      QR Pal = less than 10,000 downloads. Only 36 reviews with an average review of 3.6.

      QR Droid = more than 5,000,000 downloads. Over 38,000 reviews with an average review of 4.5.

      With only 36 reviews, how many of those came from the QR Pal devs or their friends? Every dev tries to pad their early reviews, so the average of 3.6 is even more dismal than it seems.