Virusi cu gramada pe Android!

Vesti proaste pentru Android! Ce sa zic, imi pare rau pentru voi...

The Mother Of All Android Malware Has Arrived: Stolen Apps Released To The Market That Root Your Phone, Steal Your Data, And Open Backdoor
from Android Police

Openness – the very characteristic of Android that makes us love it – is a double-edged sword. Redditor lompolo has stumbled upon a perfect example of that fact; he’s noticed that a publisher has taken "… 21 popular free apps from the market, injected root exploits into them and republished." The really scary part? "50k-200k downloads combined in 4 days.

I asked our resident hacker to take a look at the code himself, and he’s verified it does indeed root the user’s device via rageagainstthecage or exploid. But that’s just the tip of the iceberg: it does more than just yank IMEI and IMSI. There’s another APK hidden inside the code, and it steals nearly everything it can: product ID, model, partner (provider?), language, country, and userID. But that’s all child’s play; the true pièce de résistance is that it has the ability to download more code. In other words, there’s no way to know what the app does after it’s installed, and the possibilities are nearly endless.
-------------------------------------------------------------------
Google spikes 21 malicious apps with big download counts from the Market
from Engadget

We're sure that the debate of a carefully controlled and curated environment like Apple's App Store versus a free-for-all like the Android Market will rage on for years to come, but here's something to chew on: Google just removed some 21 apps from the Market in the last day from a publisher going by Myournet for doing all sorts of naughty things to your device. Offenses include attempting to root your phone, uploading phone information (including IMEI) to who-knows-where, and -- most egregiously -- adding a backdoor that allows additional code to be pulled down and executed.

At least some of the apps are pirated versions of existing apps that have been re-uploaded at zero cost to the user, which makes them appealing... and the trick apparently works quite well, because the 21 managed to clock over 50,000 downloads before getting taken down. This isn't the first time malicious apps have shown up on smartphones -- far from it -- but it's probably the highest-profile case of a first-party app store being infiltrated by really bad stuff. If there's a silver lining, it's that Google was extraordinarily quick to respond once Android Police reported the situation -- the site says it took less than five minutes from the time they reached out to the time the apps actually went offline. Still, that's little consolation if you've already installed your "free" copy of Super History Eraser.
--------------------------------------------------------------------

The offending apps from publisher Myournet:

    * Falling Down
    * Super Guitar Solo
    * Super History Eraser
    * Photo Editor
    * Super Ringtone Maker
    * Super Sex Positions
    * Hot Sexy Videos
    * Chess
    * 下坠滚球_Falldown
    * Hilton Sex Sound
    * Screaming Sexy Japanese Girls
    * Falling Ball Dodge
    * Scientific Calculator
    * Dice Roller
    * 躲避弹球
    * Advanced Currency Converter
    * App Uninstaller
    * 几何战机_PewPew
    * Funny Paint
    * Spider Man
    * 蜘蛛侠

durere in sufletelul meu

Edited by Consigliero, 02 March 2011 - 16:40.

Avea dreptate "raposatul Steve" ?

Libertatea nu e pt prosti...

E bairam mare in Cupertino  

Acum ca sa fiu corect, nu e vina Android-ului. Nu e nimic in neregula cu Android-ul. Problema este Google, care NU VREA sa verifice aplicatiile inainte fie primite in Market. Lasa sa patrunda orice rahat in numele asa zisei "Libertati". Si NU VREA sa verifice aplicatiile, pentru ca asta ar insemna sa angajeze o armata de oameni care sa verifice aplicatiile si sa cheltuie bani, asa cum face Apple. Bani pe care Google nu-i are pentru ca da Android-ul gratis, free, moca! Asa ca Google, dupa ce iti da Android-ul gratis isi baga picioarele, nu-l mai intereseaza ce se intampla mai departe!

Concluzie: Androidul ar fi putut fi un bun sistem de operare daca... nu era gratis si "open"! Deocamdata vad ca e "open" la virusi! In curand o sa trebuiasca sa va instalati antivirusi si firewall-uri pe Androide ca pe Windows!


UPDATE:
Aha, uite si un update, cica Android 2.2.2 este imun:
Update: Android Central points out that the type of root exploit used in these apps was patched in Android 2.2.2 and up, so Nexus One and Nexus S owners should be fine; everyone else is left out in the cold, though, thanks to the vexing third-party update lag.

Cati dintre voi aveti Android 2.2.2? Stiti cui trebuie sa-i multumiti pentru faptul ca nu puteti avea ultima versiune de Android, nu? Traiasca fragmentatia!

Edited by walsy, 02 March 2011 - 17:31.

 walsy, on 2nd March 2011, 17:25, said:

Google n-are bani ? Ma rog... cum zici tu. Faptul ca e open nu inseamna ca e prost. Chiar iti place "ecosistemul" Apple ? Mie nu. Ei controleaza totul. Practic nu ai nimic in afara de hardware-ul din telefon. Daca Jobs vrea sa-ti curete telefonul o poate face.
Si pana la urma orice sistem poate avea virusi, chiar si iOS. Nu vreau o disputa Apple - Google sau iOS - Android. Se ajunge la flaming si nu are rost, ambele sisteme si (tipuri de) telefoane au punctele lor forte si slabe.
Ai dreptate intr-o privinta - verificarea aplicatiilor inaintea aparitiei pe App Market. Aici sunt perfect de acord cu tine. Numai ca, stii ceva ? Cel mai mare vinovat este utilizatorul. Cei care se reped cu capul inainte si instaleaza toate prostiile din orice sursa (ca doar se vede cine le-a publicat) si mai ales cand vad ca sunt clar jocuri piratate (vreo trei din lista asta sunt), isi cam merita soarta. Chiar daca Google ar verifica aplicatiile mai exista o gramada de alte "marketuri" plus aplicatii e aiurea.
Eu chiar mi-am pus antivirus pe Samsung Galaxy S si nu se cunoaste. Stiu ca poate e cam fara rost deocamdata, dar uite ce se intimpla...

Angajarea unor oameni care sa verifice toate aplicatiile din Android Market, nu este un raspuns. Pe langa faptul ca exista niste costuri care trebuiesc acoperite, mai luati in considerare si faptul ca orice aplicatii care nu le convin lor, vor disparea, incepand cu softurile de root.
Faptul ca Android e free, este un mare avantaj care contribuie exponential la dezvoltarea sa.

Lucrurile arata din ce in ce mai prost pentru Android!

'Trojanized' version of Google Android security tool found in China
from CNET

Suspicious code is lurking in a repackaged Chinese version of a tool Google released last weekend to remotely clean malicious apps off Android phones, Symantec said today.
This "trojanized" package was found on an unregulated third-party Chinese marketplace and not on the official Android Market, Symantec said in a blog post.
After 58 malicious apps were found on the Android Market last week and downloaded onto about 260,000 devices, Google removed the apps from the market and then wiped them from the phones too.
Now, Symantec says someone appears to have taken the "Android Market Security Tool" used to clean up the devices infected with the malware, repackaged it and inserted code in it that seems to be able to send SMS messages if instructed by a command-and-control server.
It also looks like the code used in the new threat is based on a project hosted on Google Code and licensed under the Apache License, according to Symantec.
A Google spokesman provided this statement when asked for comment: "We encourage Android users to only install applications from sources they trust."
Several things should raise red flags for people with this threat -- it's not on the official, trusted Android Market and it requires a user to install it whereas the Google tool used an automatic push function to distribute the legitimate app.
The initial malware found on the Android Market, dubbed "DroidDream," not only could capture user and product information from a device but also had the ability to download more code capable of further damage.
"We have added detection for the trojanized version of Google's application as Android.Bgserv," Symantec said.
Meanwhile, a Kaspersky researcher has questioned the efficacy and methods of Google's Android security tool itself.

Androidul ocupa o cota importanta din piata, motiv pentru care au aparut si virusii.
Exact ca la Windows. Cine se chinuie sa scrie virusi pentru un SO care are 1-2% cota de piata.
Cu cat cota de piata va creste, cu atat si mizerile pentru Android vor fi pe masura.
Nimeni nu-si bate capul cu Windows Mobile, e nesemnificativ. Idem cu Simbyanul celor de la Nokia.

 ageofdark, on 10th March 2011, 20:40, said:

Exact. Si userii ar trebui sa fie atenti ce instaleaza, nu doar sa dea vina pe sistem. Mai ales pe sistemele root-ate.
Symbianul a avut virusi, dar era cam greu sa ii gasesti "in the wild" - acum, intr-adevar, e un SO lipsit de importanta, desi are inca 30% din piata.

@walsy:
nus ce sa zic... probabil tu ai lua un virus si daca ai face tu un sistem de operare si ai fi singurul utilizator... chit ca n-ar exista virus pentru sistemul tau. Apropos, banuiesc ca nu ai Android, si te cam doare.. si ca sa merg mai departe, pari a fi utilizator de windows mobile ...

hehe... au semnat Nokia cu Windows... hehe... cand s-a aflat, au scazut actiunile Nokia la bursa cu 20%..

Edited by adiharan, 11 March 2011 - 02:08.

Nokia nu s-a prea miscat timp de 2 ani, considerand touch-ul, Android-ul si iOS-ul niste mofturi nord-americane. Acum platesc pretul. Si probabil ca le va fi foarte greu sa-si revina, dupa ce au facut, din nou, cea mai proasta alegere posibila - Windows Mobile. Nu stiu cat de bun este Win Mobile (am inteles ca este foarte bun) dar la momentul asta cred ca o trecere pe Android era mult mai nimerita. Pe langa faptul ca pur si simplu au dat cu piciorul utilizatorilor si dezvoltatorilor de Symbian, anuntand din senin ca nu mai suporta acest SO. Ce sa mai spun si de Intel care a ramas masca atunci cand a aflat ca nici MeeGo nu mai este in carti. Brusc. Nu prea faci asa ceva cu partenerii.
Sincer sa fiu, eu am cumparat Samsung Galaxy S exact in ziua urmatoare anuntului parteneriatului si asta a fost motivul. II urez cadere placuta (desi cred ca-si vor reveni, dar cu greu).

Situatia se va complica in privinta aceasta. Cu cat Androidul se va impune si va acapara piata, cu atat vor aparea probleme mai multe de securitate.
Telefoanele mobile sunt foarte tentante deoarece contin agende telefonice, e-mailuri, etc.

Probabil ca da... asta nu ma sperie si nu e un motiv sa fug de telefoane, la fel cum nu fug nici de PC. Contactele le folosesc si pe pc si pe telefon, banking la fel, mail etc. Asta e... poti aluneca in cada si muri, asta nu e un motiv sa nu faci baie  

V-ati panicat tare ( unii ) nu gluma.   Mai ales cei care nu folosesc Android, gen initiatorul topicului, sunt cei mai afectati de virusi. Viata bate filmul....

Haha... ai dreptate.

Orice se coase, se si descoase. Faptul ca apar virusi, nu inseamna ca se duce de rapa. Asta poate fi si o strategie de marketing pentru firmele producatoare de soft pentru android. Ganditi-va ca, cu cat castiga mai  mult din piata, cu atat sunt mai multi bani in joc.

ORDINE PRIN HAOS. Din pacate, asa merg lucrurile in prezent.

Edited by maxx1nsane, 15 March 2011 - 10:58.

Tinand cont de legile fizicii, entropia unui sistem tinde sa creasca, deci orice sistem tinde spre haosul absolut. Nu putem mentine ordinea decat cu consum de energie. Deci nu e "din pacate, ordine prin haos". Ordinea e ceva efemer  
Voiam sa spun ca nu trebuie sa nu ne intristam ca ne indreptam spre haos.  
Si nici nu cred ca s-a ajuns pana acolo incat firmele de antivirusi sa creeze virusi pentru a-si vinde produsele. Bine, teorii ale conspiratiei sunt dar deja e ceva obisnuit sa apara astfel de idei si sincer, mi s-a cam facut scarba de asa ipoteze. Parca toata lumea ar fi pusa pe furat...

Edited by bodi, 15 March 2011 - 11:10.