With a great plugin comes great responsibility - to avoid malicious Flash files, that is. A zero-day exploit has been discovered in Adobe Flash that affects all Android versions of the software, Adobe announced today.
The most common vessel for the exploit is (fortunately) a Microsoft document (.doc) email attachment with an embedded Flash file (.swf) - and I'm not aware of any Word document viewers/editors in Android that support embedded Flash. Read More
With all of the recent concern about malware in the Android Market, it may lead one to make the generalization that the Android OS is nothing but a big loser in the mobile security department. It looks like that may be a faulty conclusion, if the results from hacking competition Pwn2Own are any indication. In this year's contest, held at the CanSecWest Security Conference, Android and Windows Phone 7 both survived unscathed, while iOS and Blackberry fell to the hackers. Read More
It seems evil-doers' depravity knows no bounds: we've just heard word from Symantec that an infected version of Google's Android Market Security Tool March 2011 is floating around the "black markets" - meaning it's not in the Android Market, but it is floating around the 'net in APK form. Luckily, it's not nearly as bad as DroidDream (the malware it was designed to remove), but it's malware nonetheless.
Specifically, Justin says it's closely related to (or possibly the same as) "Fake 10086" malware. Read More
Google has responded to the alarm raised by an Android security expert of a bug related to the Android Market that could have caused a lot of trouble. The security hole was related to the recent implementation of the Android Web Market, and would have given hackers the ability to install malicious software fairly easily.
Co-founder and chief technology officer at Duo Security Jon Oberheide discovered the flaw last month and notified Google, who fixed it within "the last week or so." Users would have merely had to click on a malicious link on either their phones or on their desktops to activate the unwanted installation of rogue software. Read More
Google continues to be admirably quick to react to DroidDream, the nasty Android Trojan we helped uncover on Tuesday. After removing the offending apps from the Market in just a few minutes of finding out about them, a new post on the Google Mobile Blog reveals that they're now ready to take further steps.
Update: After having a back and forth with Android Security, there's some disagreement as to just how malicious these apps we linked in this post are. We may have jumped the gun here, so hold tight, and we'll keep you informed.
First off, no, we're not trying to be sensationalist. And I'll admit up front that we're a bit light on details at the moment, but we've got a guy who is a professional, seasoned coder, and that's not the type of guy whose opinion you ignore. Read More
Wow - from our perspective, it's almost like the world exploded overnight. We have more information and details on the virus - which Lookout has named "DroidDream" (the word was consistently used in package names by the malware developers) - and some updates on where things stand. Read More
As Android's market share continues to grow, it is inevitable that it will become a target for viruses and other malware. Indeed Steve Chang, the chairman of Trend Micro, a provider of security software, cautioned that Android is far more susceptible to malware attacks than iOS.
In an interview with Bloomberg, Chang claimed that Android's open source infrastructure allowed hackers to better understand the underlying architecture and source code. Read More
Lookout Mobile Security, a free Android app that secures your device from viruses in addition to backing it up and allowing you to remotely locate it, yesterday launched a premium service that we've been expecting for a while. The Premium version is offered as an optional upgrade to a fully functional free base version for an annual fee of $29.99 or a monthly fee of $3. That's a pretty hefty price to charge, especially since regular, free accounts already have access to so many features, so let's take a look at the extras that you get:
- Privacy Advisor protects your privacy.