Malware ridden Instagram app found infecting Android devices

by Adam Johnson on
tagged , , , ,

 

Sure the filter enhanced social photo app Instagram is apparently worth 1 billion dollars and now owned by Facebook, but no amount of cabbage will protect it from being faked and infected with malware. This application which was originally an iOS exclusive was recently ported to Android, and became an instant hit. Somewhere around 5 million+ downloads in the first week. These malware creators took swift advantage of the photo apps popularity and created a fake version of Instagram and it is now infecting unsuspecting Android users.

Finding from Sophos, an IT security and data protection company, spoke about the malware called Andr/Boxer-F:

“In our tests, the app didn’t do a very good job of emulating the genuine Instagram app, but that may be because it failed to find the correct network operator. Because this is a malicious app that seems to be relying in the sending of background SMS messages to earn its creators revenue.”

We all need to be cautious as of course this isn’t the first time malware has raised its ugly head in the Android community, and won’t be the last. Your safest bet to decrease your chances of malware is to stay away from third party android markets where the security isn’t monitored as well (if at all) as it is with Google Play. On another note, if you chose to just stay away from Instagram all together, our own Ed Caggiani put together a great article listing and discussing 7 free Instagram Alternatives.

 Hit the source for more information on this malicious software.

source: sophos

 

 

Symantec Helps Google Remove 29 Apps Containing Malware from the Play Store

by Stacy Bruce on
tagged , ,

For those of you who are worried about the increasing concern of malware hidden in select apps that make it into the Google Play store, you can rest easier knowing that Google and Symantec are hard at work trying to spot the culprits. Symantec has recently identified 29 apps containing malware that ultimately targeted Japanese markets. All the apps were removed by Google and seemed to have a common code so it is believed that one group is culpable for the offence.

Once the corrupt app was installed to a users device, it would connect to a server to download the apps content but at the same time upload all the content in the users address book. It is assumed that the app creators sold off this information to be used by various spammers and was possibly even used for financial fraud. Luckily for the markets that were targeted by these apps, the Tokyo police are looking into the case and plan to track down the suspects soon. It’s nice to know Google is at least making an attempt to weed out these malicious apps and that law enforcement is wiling to take action. As always, it’s good to use discretion and to pay attention to device permissions when when downloading apps to try and spot any fishy requests.

source: Symantec
via: Android Authority

 

Apps without permissions: Should you be worried about Android’s latest security scare?

by Robert Nazarian on
tagged

The latest security threat for the Android world deals with apps that don’t require permissions. Paul Brodeur from Leviathan reported about the possibility that an app with no permissions could actually access your data from your physical  or internal SD card. An app such as this could access all non-hidden files and scan them for any information, including any sensitive info. Since the app itself doesn’t have permission to access the internet, it would have to open the browser to send the information. Not an easy task without you knowing it’s being done, but someone could come up with some sort of trick.

Lets be honest folks, should you be keeping any data on your SD card that is sensitive? Forget about apps, what happens if you misplace your phone or it gets into the wrong hands? Anybody could access your SD card to get to those contents. Okay so you’re not saving anything sensitive to your SD card, is there any other potential?

» Read the rest

Boeing scheduled to make a landing in the Android mobile arena in late 2012

by Tony Rosario on
tagged ,

American multinational aerospace and defense corporation, Boeing, has just recently announced plans for the manufacture of a high security Android device for their military and government personnel. This will be the company’s first time to offer a communications device that will function from the use of cellular networks. Boeing has stated that the company recognizes that mobile technology is the future and they want to provide more secure options for their employees rather than restrict them with limited mobile capabilities.

Vice President of Boeing’s secure infrastructure group, Brian Palma, told reporters that “this is why an Android-based system was chosen. The users of these high-end phones want the same ability to use popular applications while knowing that their business communications are secure. The phone will give them what they are used to seeing (on consumer market smartphones) and give them the functionality from the security perspective“.

The price of similar encrypted phones from competitor manufacturers are astronomical, however Boeing aims to keep their price much lower and more affordable in hopes of becoming the more financially wise choice. Feel free to click on the source link below for more details on Boeing’s future smartphone agenda.

source: National Defense Magazine
via: theverge

RIM Stopping The Android Market “Cesspool” On The PlayBook

by Roy Alugbue on
tagged , , , , ,

Reasearch In Motion has decided to drop the major bombshell and stop the ability to sideload Android apps on the Blackberry PlayBook. It’s reasoning? RIM highlights 53 percent of surveyed Android developers believe app piracy is either somewhat of a problem or a huge problem. This seems to fall in line with recent findings showing apps being published without (Android) developer consent. Here’s Alec Saunders, VP of Developer Relations summing it up best:

“[P]iracy is a huge problem for Android devs, and we don’t want to duplicate the chaotic cesspool of Android market.”

While it seems like it’s a direct attack on the Android platform, there’s actually some reasoning to his statement. The Android Market Play Store has a number of quality apps available, but every now and then users will have to search through a multitude of poorly developed apps in order to find the real jewels. RIM wants to keep the integrity of its own app store by keeping its app ecosystem full of quality apps— even if the number is dwarfed by what is found in the Play Store. That means reducing the number of unofficially ported apps to the PlayBook in favor of a smaller number of apps that were developed, tested and certified by developers and RIM.

Thoughts?

source: GigaOM

Google Play Store updated. Grab the download now!

by Chris Stewart on
tagged , , ,

The Google Play Store has ran into one or two teething problem since it replaced the long-standing Android Market. Google has already pushed out a couple of updates in a short space of the time with the most recent seemingly causing more issues than it fixed. Frustrated users have been reporting a series of force closes, glitches whilst browsing and disappearing paid apps.

Fret no more as Google has started rolling out v3.5.16 which promises to fix the reported issues. There doesn’t appear to be a major overhaul here, it’s primarily just bug fixes. Paid apps are back, force closes fixed and early feedback suggests that navigating the menus is quicker and smoother.

If you don’t want to hang around until Google gets round to pushing the update then why not fetch it yourself. Click any one of the links below to get going.

 

source : Android Police

Download mirror 1
Download mirror 2
Download mirror 3

 

Samsung Outlines ICS Update Additions, ‘Face Unlock’ Now Requires You to Blink for Added Security

by Stacy Bruce on
tagged , , , ,

Samsung today announced new features that were added to the ICS update that is scheduled to hit select Galaxy devices. Samsung’s Product Planning Team, the folks in charge of creating the update, spoke with Samsung Tomorrow detailing what is to be expected in the Galaxy S II and Galaxy S firmware updates.

The man in charge of the Galaxy S “value pack” update, SangHyuck Nam, says the device’s firmware update will contain five additional functions and expects customers to be happy with the upgrade since they “tried to make functions as similar to those found in ICS as possible.” One of the more notable features included is the more secure ‘Face Unlock’ function, requiring the user to blink to prove that in fact it isn’t just some ne’er-do-well using a picture of the owner in an effort to unlock the device. Another big addition is a custom  version of Go Launcher, called S Go Launcher. This new launcher will allow the user to further customize the phone’s home screens and to replace standard ICS icons with ones of the owners chosing. Also included is ‘Photo Editor’, ‘Beta Font’ for font sizing, and a ‘Snapshot’ feature that allows for taking pictures while filming video. » Read the rest

Verizon Attempts to Clear Up Remote Diagnostic Tool Privacy Concerns

by Stacy Bruce on
tagged , ,

Yesterday we told you about an update that is heading for the LG Revolution. The most interesting part of this update is the included Verizon Remote Diagnostics tool, one that allows the carrier to essentially take control over your device should you ever require outside diagnostic support. As we all know, privacy has been an increasing concern lately and those tinfoil-hat types did not like the sound of this remote access tool and what VZW might be privy to. Although the tool requires user permission to enable it, it would still be nice to know what the person on the other end can see exactly.

Being that the Carrier IQ ordeal caused such a huge uproar you would think Verizon would be ultra cautious when dipping their toes into the nasty waters of customer privacy. Today, Verizon reached out to our friends at Android Central to shed a little light on the matter, in hopes to put peoples fears to rest. According to Big Red, ” no personal data like keystrokes or web history, location, etc., is logged or saved.”

As AC mentioned, I image users aren’t just going to take their word for it. You can bet that the development community will dive in head first as soon as the app is available and only then will we truly know if the diagnostic tool holds any privacy concerns for the end user.

source: Android Central

 

Verizon Releases Update For LG Revolution, Casually Includes Verizon Remote Diagnostics Tool

by Roy Alugbue on
tagged , , , ,

 

Verizon has sent out a notification to LG Revolution owners highlighting an important update called VS910ZV8 has arrived. In addition to resolving minor bugs with the device, the update introduces a new virtual tool called Verizon Remote Diagnostics which aims to make maintenance of the phone a breeze. Verizon  specifically describes the Remote Diagnostics tool as a:

 

“New customer care solution to improve device issue diagnosis during customer support calls. When a customer calls into Verizon Wireless Customer Care, this solution, with the customer’s permission, allows support personnel to remotely view the user’s device for troubleshooting and application demonstrations.

The Remote Diagnostics tool is a very interesting concept. It essentially means that the RD tool will allow Verizon customer service to see a user’s device and literally gain remote control of it— naturally with your permission of course. Verizon, unlike Carrier IQ took the time to notify its customers of this potentially controversial application. So this in essence, should not a repeat of the whole Carrier IQ shenanigans we remember from late last year. If you own a Revolution smartphone, are you reluctant or OK with this diagnostic tool?

Hit the break to see the full details of the update along with the Verizon link for full details.

» Read the rest

CyanogenMod 9 improves security for root users

by Emily Aquin on
tagged , ,

As Android continues to become more and more popular, coupled with the open-source nature of the software, the need for higher security is on everyone’s mind. In the past, flashing a custom ROM, such as CyanogenMod 7, would automatically enable root access to your phone, leaving your phone immediately vulnerable to potential security threats. Along with the risks came the freedom to customize your phone like no other mobile software could offer. Now with the most recent CyanogenMod 9, CM has merged 3 patches into their latest ROM that will disable automatic root access as default. Users will now have the following root options:

  • Disabled
  • Enabled for ADB only
  • Enabled for apps only
  • Enabled for both

So will this be a welcome change in the root community? In what situations would you make use of this new function? Let us know what’s on your mind in the comments.

Source: CyanogenMod