
'Fee-Deduction' Malware On Android Spotted In the Wild

Soulskill posted more than 3 years ago | from the another-day-another-threat dept.

Android 169

wiredmikey writes "New malware has been discovered embedded in more than 20 Android applications circulating via various forums on the Internet which auto-dials phone numbers to incur high user fees. Dubbed BaseBridge, the malware can be embedded in legitimate applications, and during the application's installation, the malware prompts the user to upgrade. If the user chooses to upgrade, the malware is installed on the Android device under the name 'com.android.battery'. Then, another prompt would pop up to ask the user to restart the app to run it, and the malware is formally activated upon restart. Once activated, the malware can activate three malicious services — AdSmsService, BridgeProvider and PhoneService, to communicate with a control server, from which it will download a configuration file to read related information and dial calls or send out SMS messages, incurring fees for users."
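A defender-side check built from the indicators named in the summary above (the `com.android.battery` package name and the three component names), as an added example that is not part of the original story or of any vendor's tool. It assumes the APK's manifest has already been decoded to text XML; the sample manifests, function names and verdict labels are constructed for illustration, and the two permissions are the standard Android ones for placing calls and sending SMS.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# The summary calls all three "services"; every component type is checked in
# case one of them is declared differently in a given sample (assumption).
COMPONENT_TAGS = ("service", "receiver", "provider", "activity")

# Indicators taken from the story summary.
BASEBRIDGE_PACKAGE = "com.android.battery"
BASEBRIDGE_COMPONENTS = {"AdSmsService", "BridgeProvider", "PhoneService"}
# Standard Android permissions an app needs to dial or text by itself.
BILLING_PERMISSIONS = {
    "android.permission.CALL_PHONE",
    "android.permission.SEND_SMS",
}


def simple_name(component):
    """'.PhoneService' and 'com.x.PhoneService' both become 'PhoneService'."""
    return component.rsplit(".", 1)[-1]


def inspect_manifest(manifest_xml):
    """Return a verdict and the evidence found in a decoded AndroidManifest.xml."""
    try:
        root = ET.fromstring(manifest_xml.strip())
    except ET.ParseError as exc:
        return {"verdict": "unparseable", "components": [], "billing": [],
                "findings": [str(exc)]}

    package = root.get("package", "")
    components = {
        simple_name(el.get(ANDROID_NS + "name", ""))
        for tag in COMPONENT_TAGS
        for el in root.iter(tag)
    }
    permissions = {el.get(ANDROID_NS + "name", "")
                   for el in root.iter("uses-permission")}

    name_hits = sorted(components & BASEBRIDGE_COMPONENTS)
    billing = sorted(permissions & BILLING_PERMISSIONS)

    findings = []
    if package == BASEBRIDGE_PACKAGE:
        findings.append("package name is " + BASEBRIDGE_PACKAGE)
    if name_hits:
        findings.append("declares " + ", ".join(name_hits))
    if billing:
        findings.append("requests " + ", ".join(billing))

    # A single generic name such as PhoneService is not proof on its own, so
    # a partial name match is only escalated when billing permissions are present.
    if package == BASEBRIDGE_PACKAGE or len(name_hits) == len(BASEBRIDGE_COMPONENTS):
        verdict = "match"
    elif name_hits and billing:
        verdict = "review"
    else:
        verdict = "clean"
    return {"verdict": verdict, "components": name_hits, "billing": billing,
            "findings": findings}


# Constructed sample manifests (not taken from real samples).
INFECTED = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.android.battery">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application>
    <service android:name=".AdSmsService"/>
    <service android:name="com.android.battery.BridgeProvider"/>
    <service android:name=".PhoneService"/>
  </application>
</manifest>
"""

DIALER = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.dialer">
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <application><service android:name=".PhoneService"/></application>
</manifest>
"""

NOTES = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application><service android:name=".SyncService"/></application>
</manifest>
"""

if __name__ == "__main__":
    for label, xml in (("infected", INFECTED), ("dialer", DIALER), ("notes", NOTES)):
        result = inspect_manifest(xml)
        print(label, result["verdict"], "; ".join(result["findings"]))
```
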


169 comments


not possible! (0)

Anonymous Coward | more than 3 years ago | (#36298718)

Malware only affects stupid lusers on Wiblows and OSuX, not linux!!!!

SO MUCH FOR "OPEN" (-1)

Anonymous Coward | more than 3 years ago | (#36298720)

Yet more proof that iPhone is superior.

Something You Can Relate To - Lardass (-1)

Anonymous Coward | more than 3 years ago | (#36298732)

so I saw this big fat heifer-sow of a woman at the grocery store. this one was easily in the 300-350lb range and i was surprised to see she
could waddle on her own without the assistance of a wheeled electric fat-cart. i also was really very shocked and amazed to observe that she was
raiding the donuts. no mere half-dozen or full dozen box is enough for her. oh, no. she had to nab the biggest box the place sold, the two-dozen
box.

but you see, there was a problem. she simply could not hold out. it would be a whole 10-15 minutes before she could complete her
shopping and check-out. though i am certain she struggled mightily to control herself, alas, it was far too long to wait. the craving and the
temptation became far too much for her puny willpower. she was overcome and she knew it. still standing in the bakery/pastry area of the store,
she could not help her self. she cracked open the box right then and there and started eating the fat-sugar-and-grease filled donuts. i think it
was an empty box she brought to the check-out.

but oh how it was worth it. though she said nothing you could see how her heart sang. like
the lover to his long-lost beloved, or the heroin addict to the needle and spoon, or the crackhead to that white rock, she was propelled by what she
most cared about. of course she was a bit self-conscious. you could almost see it written on her face, thoughts like "they're going to think this
is why I am so grotesquely fat" and "my decision making obviously could never have anything to do with my disgusting self-hating bloated fatbody
obesity, i am not responsible, could not be responsible, it must be my big bones because bone always looks exactly like flabby jiggling rolls of
fat".

listen up and learn well. hear the words of wisdom. even though it is proven absolutely by empirical observation, basic physics and
mathematics, and the like, that you CANNOT POSSIBLY gain weight if you eat fewer calories than you burn... well despite all of these fancy "facts"
and all of that bullshit book-learnin', obscenely fat heifers like her have no responsibility for their condition. it is always someone or
something else's fault. true they could eat less or exercise more, or preferably both, but who has time for that? i mean damn, YOU try spending 10
hours of your waking day eating yourself into an early grave and then see how much time is left over for things like eating less or exercising more.
quit being so damned insensitive.

so the next time you see a big fat sweaty sow of a woman whose rolls of fat on her shoulder blades look like
a distorted, backward-facing second pair of breasts, you need to give her a mercy fuck. do it to take one for the team. do it to prove how much of
a non-bigot you are. do it so you can finally expose the LIE that people who take responsibility for their lives gain the ability to improve
themselves. we sure as hell can't have people believing in that.

just be sure to have on hand a 10 pound bag of flour. better make that two,
just in case. you might need it for that mercy fuck. you see, there is so much more to love that you might have difficulty locating the vaginal
opening. that's where the flour kicks in and saves the day, or the night. you simply roll her around in it and look for the wet spot. that, good
sir, is your target. you will thank me in the morning, but fear not -- from the kindness of my heart i give this wisdom freely.

Re:Something You Can Relate To - Lardass (0)

Anonymous Coward | more than 3 years ago | (#36299312)

cool story bro....

Well (1)

JAlexoi (1085785) | more than 3 years ago | (#36298734)

That is the treat of sideloading. And I wouldn't give it up for anything.

Rather selfish (1, Interesting)

SuperKendall (25149) | more than 3 years ago | (#36298812)

That is the treat of sideloading. And I wouldn't give it up for anything.

So you would doom millions to be raked over the coals by exploits like this, all so you can sideload. Awesome.

Shouldn't the model be more of one where people who cannot manage systems have systems pre-secured for them, and the ones who can handle security can open them?

It's worked well for iOS from a security standpoint.

Re:Rather selfish (5, Informative)

nbetcher (973062) | more than 3 years ago | (#36298916)

Android is secured by default by disallowing the use of Unknown Sources. If you attempt to enable Unknown Sources for applications it will warn you about risking security. In addition you must know what you're doing to install the Unknown Source APK by either: using 'adb install', or downloading the APK to your SD card and use a file manager application to install it. So yes, Android is just as secure as iOS by default.

URL of APK (2)

tepples (727027) | more than 3 years ago | (#36299042)

In addition you must know what you're doing to install the Unknown Source APK by either: using 'adb install', or downloading the APK to your SD card and use a file manager application

That or enter the URL from which the APK can be downloaded, such as through following a link in an e-mail, following a link in the web browser, or scanning a QR code. After that, the device downloads the package over Wi-Fi or cellular, and then the user can choose to install or cancel on the privilege screen. That's how, for example, Amazon Appstore for Android gets installed.

Re:URL of APK (1)

JAlexoi (1085785) | more than 3 years ago | (#36299134)

Yet even then you have to enable Unknown Sources.

At least Android has "Unknown sources" (2)

tepples (727027) | more than 3 years ago | (#36299912)

At least Android has "Unknown sources" and "adb install" in the first place. Amazon appears to have convinced AT&T to push a firmware update that restores the checkbox [sleetherz.com], and "adb install" sideloading support is a requirement for Market access. In addition, devices without the Android Market application, such as all Archos products, ship with "Unknown sources" turned on so that the bundled AppsLib can work.

Re:URL of APK (2)

h4rr4r (612664) | more than 3 years ago | (#36299172)

Before that you have to enable unknown sources. You can even enable it only when you are going to install something like that amazon app store and then turn it off again.

Still better than the amazon app store for iOS model, which is of course that there is not one and never will be.

Re:URL of APK (1)

tepples (727027) | more than 3 years ago | (#36299924)

You can even enable it only when you are going to install something like that amazon app store and then turn it off again.

But doesn't the user have to turn "Unknown sources" back on whenever installing or updating an application in Amazon Appstore?

Re:Rather selfish (1)

tlhIngan (30335) | more than 3 years ago | (#36300362)

Android is secured by default by disallowing the use of Unknown Sources. If you attempt to enable Unknown Sources for applications it will warn you about risking security. In addition you must know what you're doing to install the Unknown Source APK by either: using 'adb install', or downloading the APK to your SD card and use a file manager application to install it. So yes, Android is just as secure as iOS by default.

If you want those free Amazon apps, you have Unknown Sources allowed, so there's that protection gone. (It's why Amazon doesn't work on AT&T right now, and probably why AT&T is going to have the option - some Amazon-AT&T deal).

And people will trust Amazon so they'll obediently set that checkbox.

As for installing an infected APK - all you need to do is visit the link on Android - someone sends you a link via e-mail, a QR code, or a website offering APKs for download (say, SlideME Marketplace - you can download free apps via their web site). Hell, all you need is to post in any forum "Get paid Android apps for FREE!" and they'll willingly install it.

Hell, considering you can convince people to copy and paste blobs of javascript in their webbrowsers to do some facebook thing, I'd guess you can get them to use adb install as well.

Just like the iOS SSH issue - you can get people to not only install OpenSSH on their iOS device, but also SFTP and an SSH client on their PC.

It's remarkable how far users will go [wikipedia.org] to do these things.

Coming next in Ice Cream - an option to finely control where APKs can come from to prevent people who use Amazon from exposing their phone to unintended app installs as well.

Re:Rather selfish (0)

Anonymous Coward | more than 3 years ago | (#36298958)

Or, we could treat the real problem, personal idiocy, and educate people.

"but people don't want or shouldn't need to learn!!!" You'll respond with.

And if that is true, then they deserve whatever malice comes their way.

Re:Rather selfish (1)

mosb1000 (710161) | more than 3 years ago | (#36299860)

Or they will just use something else.

Re:Rather selfish (5, Insightful)

WhirlwindMonk (1975382) | more than 3 years ago | (#36298992)

If only there were a setting to allow sideloading. One that's disabled by default to protect unsavvy users, but is easily enabled by people who know what they're doing/willing to accept the risks. Oh, hey, look! There it is! "Unknown Sources: Allow installation of non-market applications."

Good to know that the iphone has a similar setting, that was a good move on Apple's part. Oh, wait, it doesn't? You have to exploit security holes to enable sideloading? Huh. How about that.

Re:Rather selfish (1)

h4rr4r (612664) | more than 3 years ago | (#36299004)

Shouldn't the model be more of one where people who cannot manage systems have systems pre-secured for them, and the ones who can handle security can open them?

It's worked well for iOS from a security standpoint.

Where is this "Open mode, I am not a moron" button for the iOS devices?

As far as I can tell no one gets open access, everyone is assumed to be a moron.

Re:Rather selfish (0)

SuperKendall (25149) | more than 3 years ago | (#36299016)

Where is this "Open mode, I am not a moron" button for the iOS devices?

It's called jailbreaking, and if you are really not a moron you don't need a button to easily install it.

Re:Rather selfish (2)

AJH16 (940784) | more than 3 years ago | (#36299092)

Some of us don't believe we should have to fight our device manufacturer to be able to use it. It is for primarily this reason I will never buy or recommend an iPhone or iPad.

Re:Rather selfish (1)

element-o.p. (939033) | more than 3 years ago | (#36299484)

At risk of sounding like flamebait or trolling (I'm not -- I'm honestly curious), how is Android different than an iPhone or iPad? I've got two Android devices, an HTC Hero and a Dell Streak 7, and I'm *pretty* happy with them...but not completely satisfied. I run ConnectBot on both devices so that I can SSH to various hosts at work, and I installed PocketCloud so that I can use RDP as well. Unfortunately, I'm severely limited when I can access hosts at work because the only OpenVPN compatible VPN clients I could find on the Android Market required that you first root (i.e., jailbreak) the device. So, as long as I'm in the office and connected to our internal wireless network I'm good, but forget trying to work from the coffee shop because I can't VPN from my Android devices unless I first root them...which, as far as I can tell, is not at all different from "fight[ing] our device manufacturer."

Re:Rather selfish (0)

Anonymous Coward | more than 3 years ago | (#36300136)

Remember that starting with HoneyComb Android is a proprietary piece of shit. Andy Rubin is both an asshole and a hypocrite.

Re:Rather selfish (1)

brooklynwry (1860438) | more than 3 years ago | (#36300364)

Yeah, by matter of policy Apple bans it. Occasionally (and by no means always) Apple breaks a jailbroken phone with an update. But the way you phrase it, you'd imply that Apple is smackin' down with lawsuits, cease-n'-desist, and disabling the phones permanently. Now I've known a lot of people to jailbreak their phones, and not one of them has ever EVER ended up with a bricked phone permanently. So, fight, well, yes, but, um, how? Oh "fight" by doing precisely nothing? Cause that's what Apple does in practice to users who jailbreak their phones: absolutely nothing.

Re:Rather selfish (0)

Anonymous Coward | more than 3 years ago | (#36300432)

every time apple issues an update it breaks my jailbroken phone by deleting all my non-jailbroken apps, while simultaneously attempting to make it impossible to put them back

Re:Rather selfish (1)

h4rr4r (612664) | more than 3 years ago | (#36299110)

Oh, you mean software exploits.

See, that is exactly not what was being talked about at all. Security exploits are not put in by apple just so you can own your own devices, they are mistakes. They are a defect, not a part of the model Apple chooses to use.

Re:Rather selfish (1)

JAlexoi (1085785) | more than 3 years ago | (#36299166)

So... How is jailbreaking performed? Oh... That's right, by using security holes.

Re:Rather selfish (0)

JAlexoi (1085785) | more than 3 years ago | (#36299190)

And how is jailbreaking performed? Oh... Right... By exploiting security bugs.

Re:Rather selfish (1)

asdf7890 (1518587) | more than 3 years ago | (#36299808)

Where is this "Open mode, I am not a moron" button for the iOS devices?

It's called jailbreaking.

... which may void your warranty (on the hardware, not just the OS) apparently: http://www.bbc.co.uk/news/technology-10836692 [bbc.co.uk]

I doubt they would have an easy way to enforce this given that if you've performed a factory reset on the device they probably can't tell it has been jailbroken (but then again if you are sending it out for repair/replacement under warranty you might not be in a position to perform such a reset).

That said, I still wouldn't compare a built-in feature with warnings about possible consequences, that will always be available, that does not affect the device's warranty to a "feature" that is only available by exploiting bugs in the OS, may be disabled completely if future OS revisions fill in all the relevant holes, and may (according to statements made by the manufacturer) invalidate your warranty.

Wrong (1)

SuperKendall (25149) | more than 3 years ago | (#36300652)

which may void your warranty (on the hardware, not just the OS)

You simply restore to factory OS before taking it in for hardware support.

Because if you jailbreak you have a clue. Remember?

Re:Rather selfish (1)

ArcherB (796902) | more than 3 years ago | (#36299008)

That is the treat of sideloading. And I wouldn't give it up for anything.

So you would doom millions to be raked over the coals by exploits like this, all so you can sideload. Awesome.

Shouldn't the model be more of one where people who cannot manage systems have systems pre-secured for them, and the ones who can handle security can open them?

It's worked well for iOS from a security standpoint.

I believe the point is to have the option. Sure, if you choose to sideload, you risk malware or other bad things, but freedom comes with risk. As long as you have the choice and you are willing and able to take responsibility for your device, there is no reason to be forced to live in a walled garden. However, if you are happy with what the official channel has to offer, good for you. You should stay in the garden. But just because the protected environment is good for most, that doesn't mean we should all be forced to live there.

Re:Rather selfish (1)

JAlexoi (1085785) | more than 3 years ago | (#36299094)

Doom? Aren't you exaggerating the issue?
In the context of the article: It's basically like saying installation of unsigned Windows applications that don't use the Trusted Platform Module should be banned because there are infected versions on warez sites, forums and torrents. But since this is Slashdot, you probably didn't even RTFA.

Re:Rather selfish (1)

interkin3tic (1469267) | more than 3 years ago | (#36299414)

So you would doom millions to be raked over the coals by their own mistakes, all so you can have freedom. Awesome.

There, I generalized that for you.

Shouldn't the model be more of one where people who cannot manage systems have systems pre-secured for them, and the ones who can handle security can open them?

You would doom millions who insist they can handle security to be raked over the coals? Awesome.

Serious point here: mistakes and malware will happen no matter what. People who are competent enough to operate outside a walled garden will still make mistakes or not be informed enough, and will fall victim to malware, and walled gardens will be penetrated by malware too.

Re:Rather selfish (1)

Anonymous Coward | more than 3 years ago | (#36300558)

I've never fallen victim to malware or virus. And I pirate a lot of shit (yaaar). I don't run AV software either (all except MSE is snakeoil). I read the comments closely and can discern if there are any viruses. If the download isn't listed on nzbmatrix or piratebay, then there are no reliable comments, and I don't download. Period.

When really in doubt, I start a VM and test things. Again, no malware or viruses.

I've also observed someone get malware. You have to be very desperate for what you are trying to get at... Desperate enough that the obvious signs evade you. When they click a link and it takes them to some other download page, then the page is full of shady ads, and when the site itself is shady as fuck... They click something thinking they finally have their download only for it to popup a file download box with a file of a completely different name with no relation to what they're downloading. They then click "Run" and ignore about 3 subsequent warnings. They are so impatient and desperate for whatever they are downloading that they don't read the shit. The more you throw at them, the quicker they will click.

Another is fucking codec downloads or videos that supposedly contain their own player. Yea fucking right. Doesn't take a comp. sci. major here. Drop the damn thing into VLC. If it doesn't play, then delete it. Not worth watching. Plenty of other porn out there, they can let that one video go.

Another vector is this cutesy dumb bullshit people trade on facebook. Again, they get warned about 10 fucking times by their browser and then Windows. The fucking UAC prompts on Win7 are really telling. If your fucking video with its embedded player asks to elevate to admin rights... Just click the damn cancel button.

Windows isn't at fault in these cases. It's the fucking user. The only option would be to refuse to let them execute the file and then they'd bitch about that.

Re:Rather selfish (1)

Spykk (823586) | more than 3 years ago | (#36299530)

I suppose that you are ready to give up your right to install software on your own PC for the good of the public, then?

Re:Rather selfish (1)

rickb928 (945187) | more than 3 years ago | (#36299720)

So the Apple store has never had any rogue apps find their way in?

And the Android store, likewise, has never, and will never, approve an app that is a risk?

Security by corporate moderation. I'm not at all comforted by that.

Re:Rather selfish (0)

Anonymous Coward | more than 3 years ago | (#36299760)

way to have no idea what you are talking about but post anyway. well played.

douchebag.

Re:Rather selfish (1)

Skuld-Chan (302449) | more than 3 years ago | (#36299800)

In my experience the only people who sideload apps are power users - most people will just get their stuff from "Android Market".

Re:Rather selfish (1)

Kitkoan (1719118) | more than 3 years ago | (#36300254)

This problem requires you to allow installing 3rd party programs, something you have to choose to allow. If you choose to remove a security feature and try things that is your choice. It's the same as the first smartphone virus [interrupt19.com] being on the iOS. Like this though, it required the user to disable a security feature to be able to affect you. It's not a security fault of the system, it's a security fault of the user.

Re:Well (4, Insightful)

cHiphead (17854) | more than 3 years ago | (#36300172)

In my day, we called that "installing" a program. Sideloading? Really? What has the world come to? DRM-ified nonsense.

so this is an act of war then? (0)

Anonymous Coward | more than 3 years ago | (#36298738)

I am confused of who determines what is a 'cyber attack'. To me this sounds like one

I like my walled garden (1)

neosar82 (792049) | more than 3 years ago | (#36298744)

Say what you will about Apple's "walled garden", but I'm kinda happy I'm inside it. That's not to say that iOS is not exploitable because it most certainly is, but it's much less likely something I purchase off the app store will contain malware like this.

Re:I like my walled garden (0)

Anonymous Coward | more than 3 years ago | (#36298828)

You did read the part about having to download these apps from forums and sideloading them, right? Stick to the Market and you'll be fine.

Re:I like my walled garden (-1, Troll)

h4rr4r (612664) | more than 3 years ago | (#36299052)

You should try learning to read. These are not apps in the market, they are pirated apps from alternate sources.

You have fun in that walled garden, probably best for folks who can't even learn to read.

Re:I like my walled garden (1)

JAlexoi (1085785) | more than 3 years ago | (#36299230)

Apparently reading skills are not required in the walled garden...

Re:I like my walled garden (1)

h4rr4r (612664) | more than 3 years ago | (#36300014)

I see the truth angers the fanbois.

Have fun modding me down, been here long enough my karma won't even notice it.

Glad I stuck with Windows Phone 7 (0)

Anonymous Coward | more than 3 years ago | (#36298762)

Wow. I'm sure glad I stuck with Microsoft Windows CE Mobile Phone 7 Series SP1 Smartphone Edition Build 2943 codenamed {some vacation spot}, with Microsoft's great familiar track record for security and all...

Re:Glad I stuck with Windows Phone 7 (3)

Dan East (318230) | more than 3 years ago | (#36298832)

I know you're being facetious, but ironically in this case you're probably indirectly right. Windows Phone 7 has such a small market share that it's not worth bothering with from a malware author's perspective, while iOS and Linux (Android) are huge targets. Funny how the table's turned.

Re:Glad I stuck with Windows Phone 7 (1)

localman57 (1340533) | more than 3 years ago | (#36300230)

It may or may not be worthwhile. If you know someone(s) who has something you want, and uses Windows Phone 7, you might write such a piece of malware. Remember, Siemens' Industrial Control Systems for Centrifuges have an even smaller number of manufactured units than Windows Phones. But I've heard there's been quite the nifty malware written for them. The criteria for writing malware is the value of what you achieve, not just the number of devices you can attack.

Um.. so which apps (4, Insightful)

bigredradio (631970) | more than 3 years ago | (#36298770)

It would be nice to see a list of the Apps. If there are "over 20" the list is probably not too large to post.

Re:Um.. so which apps (1)

blair1q (305137) | more than 3 years ago | (#36299104)

Or a link in TFA to the original release from "NetQin Mobile".

Seriously, since I don't have the malware on my phone, this information-free story is the real malware, here.

Douchery (1)

Flipstylee (1932884) | more than 3 years ago | (#36298782)

Plain and simple.

What's the purpose of this? (2)

yuna49 (905461) | more than 3 years ago | (#36298798)

Is it just to annoy people? What benefit do the authors receive from getting the phone to make random calls or send SMS?

Proof of concept, perhaps?

Re:What's the purpose of this? (1)

thebra (707939) | more than 3 years ago | (#36298852)

Is it just to annoy people? What benefit do the authors receive from getting the phone to make random calls or send SMS?

Proof of concept, perhaps?

Because they can.

Re:What's the purpose of this? (2)

stoanhart (876182) | more than 3 years ago | (#36298856)

The authors set up their own pay-by-the-minute number (like with phone sex services). They set the rate to the maximum possible amount, which is something ridiculous like $99 per minute.

Re:What's the purpose of this? (4, Insightful)

TheRaven64 (641858) | more than 3 years ago | (#36299290)

Not always. The best ones set up quite a low rate and don't make the malware call it more than once or twice. If someone gets a 50 charge on their telephone bill, then they are unlikely to query it. If they do, then the phone company will probably just give them a refund and eat the cost - they probably charge more than 50 for the call to their support line anyway. 50 doesn't sound like much, but if you get a couple of million infections then that's a huge amount of money. Ideally, they'll register a few hundred premium rate numbers and have the malware dial a random one.

Re:What's the purpose of this? (1)

interkin3tic (1469267) | more than 3 years ago | (#36299524)

Telephone companies allow people to set up their own pay-by-the-minute number and willingly give their customers' money to that? Is there a legitimate use for setting up one's own number like that which I'm not thinking of? I'm assuming the phone company gets a cut of the money regardless of whether it's abusive and illegal, and so things like this aren't blocked on their side of things.

Re:What's the purpose of this? (1)

gstoddart (321705) | more than 3 years ago | (#36299656)

Telephone companies allow people to set up their own pay-by-the-minute number and willingly give their customers' money to that? Is there a legitimate use for setting up one's own number like that which I'm not thinking of?

There's loads of places where you see such numbers ... phone sex is "legitimate" in that it is legal, and people can choose to do it. There's also probably lots of more 'mainstream' applications that I'm not thinking of. Generally, it's called "pay per call".

I can't even begin to count the number of "text this number for X" ads I see ... most of which say it costs you money to text to that number (or to receive the texts you've just subscribed to until you text "STOP").

In the end, if it generates revenue for the phone company, and unless it's been proven to be fraudulent or illegal ... the phone company has no incentive to police this stuff.

But, if you think there aren't plenty of businesses doing this already, you're grossly mistaken. This kind of mechanism has existed for probably decades and has probably both legit and shady companies. Fraudulently getting people to do it is probably not new either ... I think there's an entire class of phone scam which gets you to connect to their number and pay through the nose.

Re:What's the purpose of this? (0)

Anonymous Coward | more than 3 years ago | (#36300146)

http://snopes.com/fraud/telephone/809.asp

Yep, been done before.

~Cwix

Re:What's the purpose of this? (0)

Anonymous Coward | more than 3 years ago | (#36300360)

Fee for service. If you call a US embassy to get a visa it will not be a toll free number.

Re:What's the purpose of this? (1)

w_dragon (1802458) | more than 3 years ago | (#36299836)

Here in NA any number that starts with 1-900 is a pay-by-minute type. While the adult industry is the most well-known for them they can also be used by anyone where you're going to be charged by the minute for talking to them anyway (lawyers spring to mind).

Re:What's the purpose of this? (2)

twidarkling (1537077) | more than 3 years ago | (#36298870)

Probably they get the proceeds from these calls/SMS'. Couple shell companies to an anonymous account, and you're making money well.

Re:What's the purpose of this? (1)

Threni (635302) | more than 3 years ago | (#36299394)

As always, this sort of thing would be thwarted if you paid for "premium" numbers 3 months after the call, not at the end of the current month. This would give the consumer/community ample time to discover what's going on and report it before any money was taken. With no financial incentive to perform this crime it would happen far less often.

Of course, this means the phone networks would get less of a cut.

Re:What's the purpose of this? (1)

RottenJ (2060834) | more than 3 years ago | (#36298876)

I suppose it could be used to manipulate American Idol vote-ins?

Re:What's the purpose of this? (1)

OS24Ever (245667) | more than 3 years ago | (#36299362)

To make money.

They own the number being dialed, and above what the phone company charges the extra money all goes to them.

Re:What's the purpose of this? (1)

irishPete (21197) | more than 3 years ago | (#36299478)

Random calls to numbers that bill $10 per minute to your phone

Re:What's the purpose of this? (1)

sunfly (1248694) | more than 3 years ago | (#36299488)

They make money. Any more questions?

Re:What's the purpose of this? (1)

localman57 (1340533) | more than 3 years ago | (#36300264)

What benefit do the authors receive from getting the phone to make random calls or send SMS?

What benefit do the authors receive from getting your computer to send random e-mails? It seems like this could be the beginning of botNet style SMS spam. So far the networks have kept it pretty clean by putting heavy filtering on the internet/SMS gateways. It doesn't make sense to spam SMS if you're paying 5 cents a message to do it. But if you can compromise devices inside that gateway, and use their 5 cents, it's a whole different story.

Linux = "Immune to malware" (another /. LIE?) (-1)

Anonymous Coward | more than 3 years ago | (#36298826)

I kept hearing that Linux was immune to malware all these years here, and yet I am seeing a Linux variant in ANDROID showing holes and malware attacks left and right the past few years now.

(Has slashdot's Penguin crowd been lying to us all for all these years now? Seems so.)

Re:Linux = "Immune to malware" (another /. LIE?) (1)

thebra (707939) | more than 3 years ago | (#36298878)

I kept hearing that Linux was immune to malware all these years here, and yet I am seeing a Linux variant in ANDROID showing holes and malware attacks left and right the past few years now.

(Has slashdot's Penguin crowd been lying to us all for all these years now? Seems so.)

Go back to your bridge.

That doesn't answer his question (0)

Anonymous Coward | more than 3 years ago | (#36298970)

See subject

We know it's you, APK (0)

Anonymous Coward | more than 3 years ago | (#36299196)

Nice try, but you still couldn't resist randomly bolding shit. Honestly, these days I think 10 year old girls do a better job with their makeup than you do with your markup. Replying to other people and screaming at them to answer "his" (your) question is just the confirmation exercise.

Nobody ever claimed that Linux was immune to people installing shit on it. Hell, nobody ever claimed it was immune to :(){:|:&};: You are the only one who seems to believe that when people say nobody makes viruses for Linux that all of a sudden that means they're claiming that no malware at all can possibly exist.

So Linux + MacOS X (nix in general) isn't immune (0)

Anonymous Coward | more than 3 years ago | (#36299838)

To malware like has been implied here over time, and how Apple said they were basically on T.V. Commercials no less? Well, well, will wonders never cease! I kept hearing how Linux is immune to malwares over time here and now that time has passed, it appears that was a line of the purest bullshit.

Re:So Linux + MacOS X (nix in general) isn't immun (1)

pandrijeczko (588093) | more than 3 years ago | (#36300482)

Friend, I work as a Linux/UNIX security consultant and if I thought you had enough knowledge about Linux/UNIX to understand an explanation I could give you about how a UNIX-like OS differs from, say, Windows in terms of threat attack vectors, then I would do so. But because I doubt your IQ barely reaches 3-digits in length, such an explanation would be wasted on you.

Suffice it to say, I do not recall anyone on here ever saying that Linux is immune to malware because, the fact is, any program you run on any OS anywhere that you cannot guarantee is malware-free could be malware - so clearly anyone making such a statement would be a bigger fool than yourself.

But you can satisfy yourself in the knowledge that, by virtue of the well-paid job that I do, that there are security considerations you must take into account when deploying any Linux or UNIX server - beyond that, you need not worry yourself as clearly your lack of knowledge shows you don't use Linux in any shape or form. Therefore how secure or insecure it is would be irrelevant within your small and blinkered view of reality.

Re:Linux = "Immune to malware" (another /. LIE?) (5, Informative)

spire3661 (1038968) | more than 3 years ago | (#36298974)

A user with root explicitly installing a program IS NOT A HOLE.

Linux doesn't appear to be immune to malware (0)

Anonymous Coward | more than 3 years ago | (#36299040)

He was asking about Linux being said to be immune from malware for years here on slashdot. That's being shown as a lie by ANDROID itself, a Linux variant, turning up malware left and right for the past few years. No more hiding behind the thin mask of "security-by-obscurity" anymore, is there, Penguins? The truth's out, and your Operating System's based on lies of saying Linux is immune to malware. Same crap from the MacOS X camp around here also. MacDefender's showing us all that MacOS X too can be taken down by malware, despite all the lies and utter bullshit that slashdot nix trolls spouted here for years. Too bad the truth's out, eh boys?

Re:Linux doesn't appear to be immune to malware (2, Insightful)

Goose In Orbit (199293) | more than 3 years ago | (#36299518)

Feeding time...

I take it you use a perfect OS then? Do tell us what it is...

Microsoft products seem to be doing VERY well (-1)

Anonymous Coward | more than 3 years ago | (#36300084)

Not just the OS either, but rather nearly the ENTIRE GAMUT of what comes from Microsoft has LESS KNOWN SECURITY ISSUES UNPATCHED than does the LINUX KERNEL

(Linux 2.6x kernel too ONLY mind you, NOT THE REST OF WHAT COMES IN THE DISTRO like Window managers, GUI shells, apps etc. which HUGELY COMPOUNDS it even more, and worse still, for Linux):

To wit/e.g.:

---

Vulnerability Report: Microsoft SQL Server 2008: (05/31/2011)

http://secunia.com/advisories/product/21744/ [secunia.com]

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft Internet Information Services (IIS) 7.x: (05/31/2011)

http://secunia.com/advisories/product/17543/ [secunia.com]

Unpatched 0% (0 of 6 Secunia advisories)

Vulnerability Report: Microsoft Exchange Server 2010: (05/31/2011)

http://secunia.com/advisories/product/28234/ [secunia.com]

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft SharePoint Server 2010: (05/31/2011)

http://secunia.com/advisories/product/29809/ [secunia.com]

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft Forefront Endpoint Protection 2010: (05/31/2011)

http://secunia.com/advisories/product/34343/ [secunia.com]

Unpatched 0% (0 of 1 Secunia advisories)

Vulnerability Report: Microsoft Office 2010: (05/31/2011)

http://secunia.com/advisories/product/30529/?task=advisories [secunia.com]

Unpatched 0% (0 of 6 Secunia advisories)

Vulnerability Report: Microsoft Virtual PC 2007: (05/31/2011)

http://secunia.com/advisories/product/14315/ [secunia.com]

Unpatched 0% (0 of 1 Secunia advisories)

Vulnerability Report: Microsoft Internet Explorer 9.x: (05/31/2011)

http://secunia.com/advisories/product/34591/ [secunia.com]

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft Visual Studio 2010: (05/31/2011)

http://secunia.com/advisories/product/30853/?task=advisories [secunia.com]

Unpatched 17% (0 of 1 Secunia advisories)

Vulnerability Report: Microsoft DirectX 10.x: (05/31/2011)

http://secunia.com/advisories/product/16896/ [secunia.com]

Unpatched 0% (0 of 3 Secunia advisories)

Vulnerability Report: Microsoft .NET Framework 4.x (05/31/2011)

http://secunia.com/advisories/product/29592/ [secunia.com]

Unpatched 0% (0 of 3 Secunia advisories)

Vulnerability Report: Microsoft Silverlight 4.x: (05/31/2011)

http://secunia.com/advisories/product/28947/ [secunia.com]

Unpatched 0% (0 of 0 Secunia advisories)

Vulnerability Report: Microsoft XML Core Services (MSXML) 6.x: (05/31/2011)

http://secunia.com/advisories/product/6473/ [secunia.com]

Unpatched 0% (0 of 4 Secunia advisories)

Vulnerability Report: Microsoft Windows 7: (05/31/2011)

http://secunia.com/advisories/product/27467/?task=advisories [secunia.com]

Unpatched 8% (5 of 65 Secunia advisories)

---

3.5x LESS THAN IS PRESENT ON THE LINUX 2.6x KERNEL ALONE (toss on the rest of what goes into a Linux distro? That # goes "up, Up, UP & AWAY...", bigtime, "increasing that lead, that Linux has", lol, in more unpatched known security bugs present that is (a dubious honor/win, lol, to say the least!)).

So, that "all said & aside"?

So much for your trolling NIX boy!

APK

P.S.=> Compare a "*NIX/Open SORES" OS in Linux's "latest/greatest"?:

--

Vulnerability Report: Linux Kernel 2.6.x (05/31/2011)

http://secunia.com/advisories/product/2719/?task=advisories [secunia.com]

Unpatched 7% (18 of 259 Secunia advisories)

--

THAT? That's about 3.5x as many as Windows 7 has that are unpatched, and it's not even a FULL OS, it's only the kernel (and it's more than the ENTIRE GAMUT of what MS gives folks to do business & build tools for it as well has), & it's NOT the entire 'gamut/array' of what actually comes in a Linux distro (such as the attendant GUI, Windows managers, browsers, etc. that ship in distros too that have bugs, and yes, THEY DO), THAT ADDS EVEN MORE BUGS that COMPOUNDS THAT # EVEN MORE!

So, so much for "Windows is less secure than Linux" stuff you see around here on /., eh?

(It gets even WORSE for 'Linuxdom' when you toss on ANDROID (yes, it's a LINUX variant too), because it's being shredded on the security-front lately, unfortunately)

BOTTOM-LINE:

What this all comes down to, is all the "Pro-*NIX propaganda straight outta pravda" practically doesn't stand up very well against concrete, verifiable & visible facts now, does it? Nope... apk

Re:Linux doesn't appear to be immune to malware (2)

element-o.p. (939033) | more than 3 years ago | (#36299678)

At risk of feeding the troll, here goes:

No one who's had any clue about network and OS security has ever said "Linux is immune to malware." In fact, what us Penguins have said is that it's impossible to stop a truly dedicated admin-level user from shooting himself in the foot if he's determined to do so. However, Linux's security model does a really good job of limiting the scope of the damage done by a user installing malware. Unless you are root (or equivalent) on a Linux box, *your* account will be all that's compromised. You won't hose the entire box because you stupidly installed malware. You won't even turn up a service on a port < 1024 because only root can do that.

The Android malware that's cropped up lately does NOT disprove any of the assertions above, because they are all essentially affecting a single user account. Granted, on Android, there IS only a single user account (which is one of my gripes about the OS, since on my tablet for example, I'd like to be able to set up different user accounts for me, my wife and my daughter, so we could all use the device without screwing up each other's settings, apps, etc.). Such a poor implementation of user accounts, IMHO, goes a long ways towards negating some of the advantages of Linux. <shrug>

Penguins finally admit Linux gets malware, lol! (0)

Anonymous Coward | more than 3 years ago | (#36299916)

Same with MacOS X and Apple, eh?? LMAO! Despite all the slashdot "FUD" and Apple T.V. Commercials saying that nix variant Operating Systems can't be infested appears to have been the hugest line of bullshit ever perpetrated upon unsuspecting users. Linux's security model seems to be FAILING on ANDROID phones (so much for hiding behind literally NO MARKET SHARE on PC's, and "security-by-obscurity" eh, Penguin FUD spreading trolls... lmao!)

Re:Linux = "Immune to malware" (another /. LIE?) (2)

mlts (1038732) | more than 3 years ago | (#36299036)

The iPhone has similar issues. JB the iPhone, grab pirated apps from unknown/untrusted repos, shovel them via Installous, and there have been some really nasty things reported.

The average user is not going to be sideloading apps, and if told to by a website, he or she should be VERY wary, and be checking search engines about the app mentioned.

Re:Linux = "Immune to malware" (another /. LIE?) (1)

StikyPad (445176) | more than 3 years ago | (#36299828)

there have been some really nasty things reported.

References? While there's certainly the potential for such abuses, I haven't heard of anything in the wild to date.

Re:Linux = "Immune to malware" (another /. LIE?) (1)

mlts (1038732) | more than 3 years ago | (#36300478)

If one visits sites like MacRumors, and looks under the iPhone hacks section, you will find a good amount of people posting about installing apps with Installous from dodgy repos. They have all kinds of problems, from having to DFU restore, to corruption of other apps' data, and so on.

The evidence is anecdotal (someone whining about a spotty JB iPhone that has been heavily modified could be a lot of issues), but slapping on pirated apps from repos that have not been vetted is just asking for an additional payload to come with the .apk file.

The NIX "std. security model" = Downmods? (0)

Anonymous Coward | more than 3 years ago | (#36299986)

LMAO - The "best security model" NIX users have on /. is to downmod anything that shows NIX for what it really is - based on lies!

(Downward moderations, simply to hide the truth of things via mod downs from most users since slashdot sets the mark for most browsers to be above 0 or more)

?

Please: Make us laugh some more at your falsehoods over the past nearly 2 decades being shown for what they are: LIES!

Yes, yes, we know - hide posts that ask honest questions based on facts (like a NIX variant in ANDROID being malware ridden as well as MacOS X being hit by numerous variants of MacDefender lately and other malware in the past)?

LMAO! Keep perpetrating your lies Penguins, and keep going downwards into oblivion!

Apple's Steve Jobs must be smiling... (2)

bogaboga (793279) | more than 3 years ago | (#36298874)

...though not publicly, about the chaos in Android's ecosystem. Seems that everything he predicted is coming to pass.

Folks, we need sanity on Android. Currently, it's nowhere to be seen. Who can deny that?

Re:Apple's Steve Jobs must be smiling... (1)

nschubach (922175) | more than 3 years ago | (#36298982)

According to Google, it's "working as intended"

We've been reporting all kinds of attacks and Google assumes you'll contact the developer or write a blog post to warn others of suspicious activity and that's as far as they'll let you take it. The report in my sig is just one of many.

Re:Apple's Steve Jobs must be smiling... (1)

robmv (855035) | more than 3 years ago | (#36299258)

Right, we need to check mental sanity of people that activate the option to install software from outside the market after the phone showed a big warning and they install anything from any place

Re:Apple's Steve Jobs must be smiling... (1)

fortyonejb (1116789) | more than 3 years ago | (#36299802)

Where are my mod points when I need them. The article also for some strange reason doesn't mention that if you don't allow installation from unknown sources that this malware won't be able to install. Interesting how they leave that out.

Re:Apple's Steve Jobs must be smiling... (1)

JAlexoi (1085785) | more than 3 years ago | (#36299276)

Are all pirated iOS apps free of malware also? Or are you too lazy to even read the summary?

Re:Apple's Steve Jobs must be smiling... (1)

Abreu (173023) | more than 3 years ago | (#36299400)

There's sanity in Android... There's also insanity, which is installing dubious apps from sketchy sources...

Choice is yours.

Re:Apple's Steve Jobs must be smiling... (0)

Anonymous Coward | more than 3 years ago | (#36299784)

Folks, we need sanity on Android. Currently, it's nowhere to be seen. Who can deny that?

It appears Sanity is available in the Android Market:
https://market.android.com/details?id=cri.sanity&feature=search_result

Re:Apple's Steve Jobs must be smiling... (1)

Jonner (189691) | more than 3 years ago | (#36300046)

...though not publicly, about the chaos in Android's ecosystem. Seems that everything he predicted is coming to pass.

Folks, we need sanity on Android. Currently, it's nowhere to be seen. Who can deny that?

Yeah, freedom == chaos. Oh, Steve, preserve us from the chaos of having to exercise judgment!

I am shocked and appalled (3)

0xdeadbeef (28836) | more than 3 years ago | (#36298930)

Trojans in software downloaded from sketchy websites? GTFO!

Re:I am shocked and appalled (1)

jedidiah (1196) | more than 3 years ago | (#36298976)

Chase away the Free Software and this is what you get. The gratis software becomes much less reputable even if it is inside someone's walled garden.

The entire "ecosystem" becomes remarkably more crass and predatory.

Re:I am shocked and appalled (1)

Jonner (189691) | more than 3 years ago | (#36300074)

Chase away the Free Software and this is what you get. The gratis software becomes much less reputable even if it is inside someone's walled garden.

The entire "ecosystem" becomes remarkably more crass and predatory.

What are you talking about? It's Apple and Microsoft that chase away Free software, not Google.

Stupid users (1)

Moondevil (149648) | more than 3 years ago | (#36299088)

No operating system can protect stupid users from installing dubious applications.

Regardless how many security walls you put in place, if the user says yes to everything there is no way he will get protected.

The stupid thing is that this then lands in the stupid non-technical press as "platform X has malware" articles.

Re:Stupid users (2)

gbjbaanb (229885) | more than 3 years ago | (#36299774)

well, what's a dubious application?

a 'Make $$$ Fast' app.. probably
but how about something like 'Bubble Boinger'... would you be confident that *didn't* contain malware.. 'cos if you can't be sure, that's pretty much half the apps in the Market off limits to you.

Sure, if you put lots of security walls in place, the user can still be tricked into saying yes. ("restart app to apply update" says one, you say 'yes', oops. Not all malware asks 'install malware' in their popups).

So you still need to fall back on security measures like AV scanners and system monitors. I think it would also be useful to decline certain parts of app requests - Bubble Boinger doesn't need to make calls or send texts, but sometimes they ask for such. If you could prevent those parts from being available to an app, it might make things more secure.

Re:Stupid users (1)

Dog-Cow (21281) | more than 3 years ago | (#36299820)

Um, the "platform X" does have malware. Why would reporting such a fact imply stupidity?

No details = Scare-Mongering for profit! (0)

Anonymous Coward | more than 3 years ago | (#36299404)

No app list, no advisories, no way to gain *any* information...unless you download their product and run it to find out....you're not infected.

How quaint.

I'm shocked these guys don't have a rogue anti-malware scam going. They are only one step away now, so...look for it "Real Soon Now"!

Don't experiment if it's mission critical (1)

devleopard (317515) | more than 3 years ago | (#36299578)

I love apps on my phone, but along the way, I have to wonder, just how smart is this? My phone is for me, as for many, my primary communications device. I get loading an IM app or an invoicing app or even some Angry Birds. There comes an implicit trust there, I suppose.

I'm cool with tinkering.. that's how our modern marvels came to be. However, tinkering comes with implicit risk. The problem is people tinker and expect the mission critical stuff (like your phone making calls every time you want, and only when you want) to still remain iron-clad.

It's like jacking with beta software. Yeah, do it on your local machine. However, if you do it on your production server, and you lose data or have run-away costs, that's just too bad.

So you have to be a moron... (0)

Anonymous Coward | more than 3 years ago | (#36300104)

So first you have to ignore the "HEY, YOU'RE INSTALLING OFF THE MARKET. ANYTHING THAT DAMAGES THE PHONE OR THE DATA ON YOUR PHONE IS OF YOUR OWN RISK" and click yes to the Unknown Sources dialog. Then you have to click the Install button on the screen that says "SERVICES THAT COST YOU MONEY: MAKING CALLS, SENDING SMS".

You wouldn't let a random stranger into your house, why would you let a random application into your device -- especially since this stranger's announced that they'll be making phone calls and sending text messages?
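The permission check that two comments above describe (a game like "Bubble Boinger" asking for call and text access, and the install screen's "services that cost you money" warning), as an added example that is not part of the thread: a Python audit of an AndroidManifest.xml already decoded to text. The sample manifests are constructed, the package and component names checked are the ones the article summary reports, and `needs_telephony` is a hypothetical flag the reviewer sets for apps that legitimately call or text.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Permissions the install screen groups under "services that cost you money".
COST_PERMISSIONS = {
    "android.permission.CALL_PHONE": "place calls without going through the dialer",
    "android.permission.SEND_SMS": "send SMS messages",
}
# Names taken from the article summary's description of BaseBridge.
REPORTED_PACKAGE = "com.android.battery"
REPORTED_COMPONENTS = {"AdSmsService", "BridgeProvider", "PhoneService"}
# The summary calls all three "services"; how they are declared is not stated,
# so every component tag is checked (assumption).
COMPONENT_TAGS = {"service", "provider", "receiver", "activity"}

# Constructed sample: a game that asks for call and SMS access it has no use for.
SAMPLE_GAME = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.bubbleboinger">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <application><activity android:name=".MainActivity"/></application>
</manifest>"""

# Constructed sample that reuses the package and component names from the summary.
SAMPLE_REPORTED = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.android.battery">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <application>
    <service android:name=".AdSmsService"/>
    <service android:name="com.android.battery.PhoneService"/>
    <provider android:name=".BridgeProvider" android:authorities="constructed.example"/>
  </application>
</manifest>"""


def audit_manifest(xml_text, needs_telephony=False):
    """Return a list of findings for a decoded AndroidManifest.xml."""
    root = ET.fromstring(xml_text)
    findings = []

    package = root.get("package", "")
    if package == REPORTED_PACKAGE:
        findings.append(f"package name matches reported malware: {package}")

    # Cost-incurring permissions are only a finding when the app's stated
    # purpose gives it no reason to call or text.
    requested = {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}
    if not needs_telephony:
        for perm in sorted(requested & set(COST_PERMISSIONS)):
            findings.append(f"unexpected permission {perm}: can {COST_PERMISSIONS[perm]}")

    # Component names may be relative (".Foo") or fully qualified; compare
    # on the simple class name.
    app = root.find("application")
    for comp in (app.iter() if app is not None else []):
        if comp.tag not in COMPONENT_TAGS:
            continue
        simple = (comp.get(ANDROID_NS + "name") or "").rsplit(".", 1)[-1]
        if simple in REPORTED_COMPONENTS:
            findings.append(f"{comp.tag} matches reported component name: {simple}")
    return findings


if __name__ == "__main__":
    for label, text in (("game", SAMPLE_GAME), ("reported", SAMPLE_REPORTED)):
        for finding in audit_manifest(text):
            print(f"[{label}] {finding}")
```

An APK stores its manifest as binary XML, so it has to be decoded to text before this runs; for manifests pulled from untrusted APKs, a hardened parser such as defusedxml is a safer choice than the standard library's.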

Digital Signatures (3, Informative)

DaMattster (977781) | more than 3 years ago | (#36300502)

I am not sure 100% that this is the answer but I think it is high time that we use digital signatures to verify the authenticity of the code. In the open source community this is done all of the time with utilities like GNUPG. Just simply use the author's public key to verify the authenticity of the code. If there is a discrepancy, then there should be a provision to discard the downloaded app. That should, at least, put a severe curb on wrapping malware in legitimate applications.