Feeds

Wave of Trojans breaks over Android

Fake security updates and other Windows malware-style trickery

Beginner's guide to SSL certificates

Fraudsters have cranked up production of malware targeting Android devices with with a rash of Trojans, many of which apply tricks long used against Windows PCs.

F-Secure reports that a rogue developer has modified a harmless app that displays pictures of bikini-clad babes into a tool that secretly establishes a rudimentary mobile botnet. "The added code will connect to a server and send details about the infected handset to the malware authors," F-Secure reports. The malware waits for an incoming phone call before it send the phone's IMSI, IMEI, SDK Version and information regarding any packages installed to a remote server.

AVG adds that 25 rogue Android apps were discovered on the Android marketplace over the weekend that contained a variant of the DroidDream trojan. Google purged these apps but more rogues have since reappeared, it adds. AVG is working with Google's Android security team in dealing with the fresh threat. It estimates a combined total of 15,000 handsets have been hit by the DroidDream outbreak.

Separately a malicious link in spammed SMS messages is being used to fool users in China into downloading a supposed Android security update that is actually an SMS distributing Trojans. AdSMS uses the sort of trickery long used by fake Windows security update Trojans, but with the added twist that the mobile malware is capable of sending SMS messages to a premium rate number, enriching virus distributors and their partners in crime at the expense of infected users in the process.

Many of the same security problems long prevalent on Windows are repeating themselves on Android, making the platform an increasingly attractive target for hackers, a recent security analysis by Kaspersky Labs reports. These problems include a large number of Android devices running outdated software harbouring unpatched vulnerabilities in the hands of users who routinely ignore security alerts. "As with Windows, the most infected computers are those on which users have administrator privileges, the greatest risk of infection is faced by those Android systems which have been jailbroken," Kaspersky analyst Yury Namestnikov. "Mobile malware communicates with its owners using a method that is widely employed by Windows malware – via command-and-control centers, which will ultimately lead to the emergence of mobile botnets," he adds.

Although it is a growing problem, Android-specific malware still lags between Trojans and the targeted Symbian-based smartphones. That's no mean feat considering the first malware for Android devices appeared less than a year ago, back in August 2010.

Android became the second most popular environment for mobile malware behind Symbian OS during the first three months of the year, according to a study (23-page PDF/6.6MB) by McAfee published on Wednesday. It reports more than 1,000 different mobile malware strains during Q1 2011, around three-quarters of which affected Symbian devices. Cross-platform Java-based mobile malware and Android-targeting malicious code were the next two most prevalent categories in McAfee's chart. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.