We've seen our fair share of Android malware hit the scene, but the guys over at Kaspersky Labs have stumbled upon something rather alarming: the first IRC bot for Android. For those unaware, an IRC bot is a tool that provides automated function inside of an IRC channel. While very useful in many scenarios, IRC bots are also often used for malicious intent, such as the case at hand. It's worth noting here that, with the way this attack works, remote commands could be sent via any medium - SMS, webserver, etc.
We know, we told you our holiday giveaway series would feature some of our largest contests to date. And it did - we gave away over a dozen tablets and nearly as many phones to our readers. But we thought we'd start the new year off with our biggest giveaway yet (an international one, to boot) - 10 Samsung Galaxy Nexus smartphones, courtesy of our amazingly generous friends at AVAST Software.
What happens when Google's open-source program manager Chris DiBona reads one too many false claims about the nature of open source software? He takes to his soapbox on Google+ to put everyone in check.
That's exactly what happened a couple of days ago after DiBona read yet another article pounding the nature of open source, citing that it's "inherently insecure." Like any advocate for a cause would do, DiBona immediately set out to uncover the truth about security in an open source environment, paying particular attention to mobile operating systems, including Android and iOS.
Remember DroidDream - one of the worst malware apps that we've seen since Android's inception? Well, it appears that the developer of said malware is back at it again, with a reported 25 infected apps (so far) found in the Android Market. Dubbed DroidDreamLight by the Lookout Security team, this infection is a stripped down version of its predecessor. Make no mistake, though - that doesn't mean it's any less malicious.
With a great plugin comes great responsibility - to avoid malicious Flash files, that is. A zero-day exploit has been discovered in Adobe Flash that affects all Android versions of the software, Adobe announced today.
The most common vessel for the exploit is (fortunately) a Microsoft document (.doc) email attachment with an embedded Flash file (.swf) - and I'm not aware of any Word document viewers/editors in Android that support embedded Flash.
With all of the recent concern about malware in the Android Market, it may lead one to make the generalization that the Android OS is nothing but a big loser in the mobile security department. It looks like that may be a faulty conclusion, if the results from hacking competition Pwn2Own are any indication. In this year's contest, held at the CanSecWest Security Conference, Android and Windows Phone 7 both survived unscathed, while iOS and Blackberry fell to the hackers.
It seems evil-doers' depravity knows no bounds: we've just heard word from Symantec that an infected version of Google's Android Market Security Tool March 2011 is floating around the "black markets" - meaning it's not in the Android Market, but it is floating around the 'net in APK form. Luckily, it's not nearly as bad as DroidDream (the malware it was designed to remove), but it's malware nonetheless.
Google continues to be admirably quick to react to DroidDream, the nasty Android Trojan we helped uncover on Tuesday. After removing the offending apps from the Market in just a few minutes of finding out about them, a new post on the Google Mobile Blog reveals that they're now ready to take further steps.
First off, no, we're not trying to be sensationalist. And I'll admit up front that we're a bit light on details at the moment, but we've got a guy who is a professional, seasoned coder, and that's not the type of guy whose opinion you ignore.
Wow - from our perspective, it's almost like the world exploded overnight. We have more information and details on the virus - which Lookout has named "DroidDream" (the word was consistently used in package names by the malware developers) - and some updates on where things stand.