Warning: Creating default object from empty value in /home/ict-forward/www-apps/wp-svn/wp-includes/ms-load.php on line 138
android « The FORWARD project blog

Posts Tagged ‘android’

Malicious Android apps double in 6 months

Tuesday, January 10th, 2012

Lookout mobile security has identified 1000 malicious applications in less than six months.
Previously the most of the malicious apps where located on third-party app stores, and alternatives to the official Android Market.
Lookout mentions that the likelihood of an Android user encountering malware increases from 1 to 4 percent yearliy and the U.S. is placed in the middle of mobile malware, compared to other countries.
Another malware action is when Android users are convinced to click on untrusted links that lead to malware and phishing sites.
The global yearly likelihood of an Android user clicking on an unsafe link is much higher and reaches 36 percent (6 percent higher than July 2011) and the likelihood in the U.S. is 40 percent.
Another issue that Lookout detected is “mobile pickpocketing”, which is applications and malware that charges the phone owner without his knowledge.
There are also the RuFraud applications that pretend to be free wallpapers finder and popular games, but hide terms that allow the service to charge the phone owner, without his knowledge.
Lookout believes that many of these incidents will be reported, and also botnets, malware that exploits weaknesses in mobile operating systems, browser-based attacks , malware hiding in mobile advertisements and tools that allow automatic repackaging of legitimate applications to add malware.
Lookout finally suggests to avoid using third-party application stores, avoid clicking on in-app advertisements, and beware when clicking on apps that ask you to click “OK”. Users should first check any reviews before downloading any application, and mainly those related with games, ulitities and porn, which are most likely to contain malware.

Sources :
cnet.com
RuFraud Apps

iPhone Safer from Hackers than Android

Friday, January 14th, 2011

Android-based smartphones are more vulnerable to attacks by hackers and electronic viruses than the iPhone, according to the chairman of the world’s largest provider of security software for corporate servers. The remarks were made less than a week after the company, Trend Micro, released its Mobile Security software for Android devices.

“Android is open source, which means the hacker can also understand the underlying architecture and source code”, Chairman Steve Chang told Bloomberg Businessweek.

“We have to give credit to Apple, because they are very careful about it,” he added. “It’s impossible for certain types of viruses”to operate on the iPhone.”

Google didn’t exactly refute Chang’s claim in its response to Bloomberg. “On all computing devices, users necessarily entrust at least some of their information to the developer of the application they’re using,” it said in an email. “Android has taken steps to inform users of this trust relationship and to limit the amount of trust a user must grant to any given application developer.”

In the iPhone universe, the amount of trust a user must cede to a developer is less than in the Android realm because Apple reviews all apps before it allows them to be sold through its App Store. Although that kind of quality review doesn’t exist in the Android world yet, some vetting of apps will occur when Amazon launches its Android apps store later this year.

As smartphone usage grows in corporations, they’ll become more tempting targets for hackers. “Smartphones are the next PC, and once they’re adopted by enterprises, data loss will be a very key problem,” Chang said.

Trend Micro’s Mobile Security app for Android, which it’s selling for $3.99, will block viruses and malicious viruses, as well as unwanted calls, on smartphones running the operating system. It also installs parental controls on a phone’s web browser. According to the company, the app is the only mobile tool that uses cloud-based security intelligence to protect Android devices from the latest cyber threats.

source: PCWorld

New Trojan affects Android devices

Friday, January 7th, 2011

A new sophisticated Android Trojan, dubbed “Geinimi”, emerged in China compromising devices, bundling with botnet-style functionality.

The malware sends personal data of a user’s phone to a remote server and is also capable of receiving commands from, controlled by hackers, remote servers, in order to control the phone. Mobile security firm Lookout describes the malware as the most sophisticated to appear on Android devices wich has been uploaded onto third-party Chinese Android app markets, poses as gaming applications(Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense, Baseball Superstars 2010).

When Geinimi is launched, collects significant information like location coordinates, unique identifiers for the device (IMEI) and SIM card (IMSI) and attempts to connect to a remote server to transmit the collected device information.

The security firm already updated both free and paid versions of its software to protect against Geinimi.

source:http://blog.mylookout.com/2010/12/geinimi_trojan/

Analysis of Android Froyo uncovers 88 flaws exposing users’ data

Sunday, November 28th, 2010

A study by Coverity unveils 88 flaws exposing users’ data. The study examined the publicly disclosed version of the Android kernel. Among the discovered defects in Android there where memory corruptions, memory illegal accesses and resource leaks. All mentioned defects are considered high-risk.
Coverity said it won’t release details until January. This way it allows Google and handset vendors to issue fixes.
While Android is the OS of about 26% of the smart-phones worldwide[2] and  companies are supplying their employees with smart-phones for mixed business and personal use, malicious software could be deployed to extract informations from companies.

[1] http://www.coverity.com/library/pdf/coverity-scan-2010-open-source-integrity-report.pdf

[2] http://en.wikipedia.org/wiki/Usage_share_of_operating_systems#Mobile_devices