Recall back in February that Google released “Bouncer” for the Play Store in an attempt to catch malicious applications being uploaded. The service scans potential malicious apps by running them in a virtual environment where Bouncer monitors and surveys them for possible security issues and more. Researchers Charlie Miller and John Oberheide have announced several ways they’ve been able to maneuver Bouncer. One such way, which this and more will be announced at the Summercon conference in New York this week, is to allow the app to “know” when it is being run in a virtual environment and not on a physical device or system, thus allowing it to cease any and all malicious activity until it knows it’s on an actual system. According to Oberheide, though Bouncer should be mimicking a real system “a lot of tricks can be played by malware to learn that it’s being monitored.” Check out the video below of Oberheide and Miller’s test involving an application being uploaded to the Play Store, allowing them to “go inside” Bouncer, catalog fingerprints and allow other malware to know when it’s not running in an actual system environment. Feel free to leave your thoughts in the comments below.
source: Duo Security
Android Malware is the craze these days. Everyone’s talking about it like it’s the biggest things since sliced bread yet I’m yet to run into anyone who was infected by any of them. Everyone’s trying to make a name for themselves so throw in the Android Malware Genome Project. It was started by researchers at North Carolina State University and they say the biggest problem is that we don’t really understand the malware.
They were able to collect more than 1,200 malware samples from August 2010 to October 2011. They found that malware is getting better at preventing detection from mobile security software. They tested four different mobile security apps with over 1200 malware samples that were gathered from August 2010 to October 2011. The four apps included Lookout Mobile, AVG, Norton, and Trend Micro. Lookout led the way by detecting 79.6% of the malware. Next was Trend Micro, which detected 76.7%. In third was AVG, which detected 54.7%, and lastly Norton was only able to detect 20.2%.
Given that as we’re moving away from Desktop computers to a mobile web browsing experience it’s only a logical step that malware should do the same. Well Lookout Mobile Security has found this to be the case as they have recently discovered new sites that act as a drive-by malware node. What this means is that if an Android device that isn’t fully patched visits one of these sites, the site would download and install malware without your knowing. This Trojan could then pose as a system update file which in turn acts like a proxy redirect. This could cause problems for IT and Network folk should that device be connected to their network as once secure information could be now accessible.
The Trojan, known as “NotCompatible” shouldn’t be a problem if you have your devices updated and any one of the various virus scanners out there, like AVG or Lookout for example. Like I said, the risk is low as these sites are few and far between. However, while the risk is low now, the risk is out there and it could potentially grow. But if you make sure to have the “Install from Unknown Sources” unchecked combined with a virus scanner, you should be more than alright as Lookout is working on an update as you read this. They say:
We’re big fans of Lookout Mobile Security here at Talk Android. They just keep getting better. Today they announced two new services: File System Monitoring and Install Monitoring. These two services are aimed at those of you that like to download apps from alternative markets, forums, or any other means. Lookout already has protection for scanning apps after installation, but this update will scan these 3rd party apps before installation. That’s the ultimate form of protection because there’s no sense installing something that’s malware to begin with.
Sure the filter enhanced social photo app Instagram is apparently worth 1 billion dollars and now owned by Facebook, but no amount of cabbage will protect it from being faked and infected with malware. This application which was originally an iOS exclusive was recently ported to Android, and became an instant hit. Somewhere around 5 million+ downloads in the first week. These malware creators took swift advantage of the photo apps popularity and created a fake version of Instagram and it is now infecting unsuspecting Android users.
Finding from Sophos, an IT security and data protection company, spoke about the malware called Andr/Boxer-F:
“In our tests, the app didn’t do a very good job of emulating the genuine Instagram app, but that may be because it failed to find the correct network operator. Because this is a malicious app that seems to be relying in the sending of background SMS messages to earn its creators revenue.”
We all need to be cautious as of course this isn’t the first time malware has raised its ugly head in the Android community, and won’t be the last. Your safest bet to decrease your chances of malware is to stay away from third party android markets where the security isn’t monitored as well (if at all) as it is with Google Play. On another note, if you chose to just stay away from Instagram all together, our own Ed Caggiani put together a great article listing and discussing 7 free Instagram Alternatives.
Hit the source for more information on this malicious software.
For those of you who are worried about the increasing concern of malware hidden in select apps that make it into the Google Play store, you can rest easier knowing that Google and Symantec are hard at work trying to spot the culprits. Symantec has recently identified 29 apps containing malware that ultimately targeted Japanese markets. All the apps were removed by Google and seemed to have a common code so it is believed that one group is culpable for the offence.
Once the corrupt app was installed to a users device, it would connect to a server to download the apps content but at the same time upload all the content in the users address book. It is assumed that the app creators sold off this information to be used by various spammers and was possibly even used for financial fraud. Luckily for the markets that were targeted by these apps, the Tokyo police are looking into the case and plan to track down the suspects soon. It’s nice to know Google is at least making an attempt to weed out these malicious apps and that law enforcement is wiling to take action. As always, it’s good to use discretion and to pay attention to device permissions when when downloading apps to try and spot any fishy requests.
via: Android Authority
The latest security threat for the Android world deals with apps that don’t require permissions. Paul Brodeur from Leviathan reported about the possibility that an app with no permissions could actually access your data from your physical or internal SD card. An app such as this could access all non-hidden files and scan them for any information, including any sensitive info. Since the app itself doesn’t have permission to access the internet, it would have to open the browser to send the information. Not an easy task without you knowing it’s being done, but someone could come up with some sort of trick.
Lets be honest folks, should you be keeping any data on your SD card that is sensitive? Forget about apps, what happens if you misplace your phone or it gets into the wrong hands? Anybody could access your SD card to get to those contents. Okay so you’re not saving anything sensitive to your SD card, is there any other potential?
American multinational aerospace and defense corporation, Boeing, has just recently announced plans for the manufacture of a high security Android device for their military and government personnel. This will be the company’s first time to offer a communications device that will function from the use of cellular networks. Boeing has stated that the company recognizes that mobile technology is the future and they want to provide more secure options for their employees rather than restrict them with limited mobile capabilities.
Vice President of Boeing’s secure infrastructure group, Brian Palma, told reporters that “this is why an Android-based system was chosen. The users of these high-end phones want the same ability to use popular applications while knowing that their business communications are secure. The phone will give them what they are used to seeing (on consumer market smartphones) and give them the functionality from the security perspective“.
The price of similar encrypted phones from competitor manufacturers are astronomical, however Boeing aims to keep their price much lower and more affordable in hopes of becoming the more financially wise choice. Feel free to click on the source link below for more details on Boeing’s future smartphone agenda.
source: National Defense Magazine
Reasearch In Motion has decided to drop the major bombshell and stop the ability to sideload Android apps on the Blackberry PlayBook. It’s reasoning? RIM highlights 53 percent of surveyed Android developers believe app piracy is either somewhat of a problem or a huge problem. This seems to fall in line with recent findings showing apps being published without (Android) developer consent. Here’s Alec Saunders, VP of Developer Relations summing it up best:
“[P]iracy is a huge problem for Android devs, and we don’t want to duplicate the chaotic cesspool of Android market.”
While it seems like it’s a direct attack on the Android platform, there’s actually some reasoning to his statement. The
Android Market Play Store has a number of quality apps available, but every now and then users will have to search through a multitude of poorly developed apps in order to find the real jewels. RIM wants to keep the integrity of its own app store by keeping its app ecosystem full of quality apps— even if the number is dwarfed by what is found in the Play Store. That means reducing the number of unofficially ported apps to the PlayBook in favor of a smaller number of apps that were developed, tested and certified by developers and RIM.
The Google Play Store has ran into one or two teething problem since it replaced the long-standing Android Market. Google has already pushed out a couple of updates in a short space of the time with the most recent seemingly causing more issues than it fixed. Frustrated users have been reporting a series of force closes, glitches whilst browsing and disappearing paid apps.
Fret no more as Google has started rolling out v3.5.16 which promises to fix the reported issues. There doesn’t appear to be a major overhaul here, it’s primarily just bug fixes. Paid apps are back, force closes fixed and early feedback suggests that navigating the menus is quicker and smoother.
If you don’t want to hang around until Google gets round to pushing the update then why not fetch it yourself. Click any one of the links below to get going.
source : Android Police
Download mirror 1
Download mirror 2
Download mirror 3