We've seen our fair share of Android malware hit the scene, but the guys over at Kaspersky Labs have stumbled upon something rather alarming: the first IRC bot for Android. For those unaware, an IRC bot is a tool that provides automated function inside of an IRC channel. While very useful in many scenarios, IRC bots are also often used for malicious intent, such as the case at hand. It's worth noting here that, with the way this attack works, remote commands could be sent via any medium - SMS, webserver, etc. The attacker has just chosen IRC as the platform for this exploit. Read More
Google continues to be admirably quick to react to DroidDream, the nasty Android Trojan we helped uncover on Tuesday. After removing the offending apps from the Market in just a few minutes of finding out about them, a new post on the Google Mobile Blog reveals that they're now ready to take further steps.
: The tool Google is using to bulldoze DroidDream malware off your phone has surfaced in the Android Market: Android Market Security Tool
. From the app's description:
"There is no need to download and install this application on your own.
This is an Android Market security update that undoes exploits caused by the malicious applications that were removed from Android Market on 03/01/2011.
Update: After having a back and forth with Android Security, there's some disagreement as to just how malicious these apps we linked in this post are. We may have jumped the gun here, so hold tight, and we'll keep you informed.
First off, no, we're not trying to be sensationalist. And I'll admit up front that we're a bit light on details at the moment, but we've got a guy who is a professional, seasoned coder, and that's not the type of guy whose opinion you ignore. With that said: yes, we really think that we found something worse.
Among the flood of (mostly) related security/piracy tips we received in the wake of the DroidDream discovery was something that was worth a closer look: two more developers who were putting up more stolen apps. Read More
Wow - from our perspective, it's almost like the world exploded overnight. We have more information and details on the virus - which Lookout has named "DroidDream" (the word was consistently used in package names by the malware developers) - and some updates on where things stand.
First, we're absolutely amazed at how quickly Google reacted. As mentioned last night, our own Justin Case pinged a contact and the apps were pulled from the market within minutes. Read More
Openness - the very characteristic of Android that makes us love it - is a double-edged sword. Redditor lompolo has stumbled upon a perfect example of that fact; he's noticed that a publisher has taken "... Read More
I've been avoiding this one for a few days because it doesn't really seem like much of an issue to me, but it hasn't gone away, so I've changed my tune. Maybe this post will help somebody from getting a Trojan - and that has to count for some brownie points or something, right?
For the past few days, security-app maker Lookout (who you may remember for their App Genome Project) has been warning folks about a new AndVirus (yeah, just made that up) they've found called Geinimi. Word on the street is that this bad boy steals user data, and shows signs of "botnet-like capabilities." Scary stuff, indeed. Read More
It’s been an interesting week so far… Steven Slater decided to set the bar ridiculously high for those looking to make dramatic exits from their workplace, we learnt that school is in fact spelt ‘shcool’ in North Carolina, and Android got a wake up call in the security department.
It was bound to happen at some point; as Android proves to be as popular as ever, it will be targeted by more malicious developers looking to exploit users of the platform. This particular trojan, identified as Trojan-SMS.AndroidOS.FakePlayer.a, is being spread around by text message.
How does it work? According to Kaspersky, users who receive the text message are prompted to install a 13kb application, which claims to be a media player. Read More