×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Android Trojan Records Phone Calls

timothy posted more than 2 years ago | from the goodnight-snookums-wookums dept.

Android 74

jbrodkin writes "A new Android Trojan is capable of recording phone conversations, according to a CA security researcher. While a previous Trojan found by CA logged the details of incoming and outgoing phone calls and the call duration, new malware identified this week records the actual phone conversations in AMR format and stores the recordings on the device's SD card. The malware also 'drops a 'configuration' file that contains key information about the remote server and the parameters,' CA security researcher Dinesh Venkatesan writes, perhaps suggesting that the recorded calls can be uploaded to a server maintained by an attacker. Installation of the Trojan requires some user interaction, but the malware recreates the look and feel of the standard Android application installation process, and may fool some unsuspecting users."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

74 comments

What was that ... (0)

OzPeter (195038) | more than 2 years ago | (#36953796)

Can you hear me ??
No .. no .. you're breaking up
Yeah thats better .. no .. move back where you were
Sorry what was that?
Hello .. hello .. you still there???

Recording should be a basic function... ? (5, Insightful)

acidradio (659704) | more than 2 years ago | (#36953822)

So I have to rootkit my own phone in order to record anything but this trojan can just record everything on its own? What a scam! I'm glad it takes a virus writer to extract what I consider to be a basic functionality out of my phone.

Re:Recording should be a basic function... ? (3, Interesting)

The Optimizer (14168) | more than 2 years ago | (#36953928)

I was under the impression that there were no public APIs for getting at the audio data from the call in progress,specifically to keep people from making apps that could record calls due to legality issues (wiretapping, etc, depending on your location and jurisdiction).

The "recorder" programs that are out there recording directly from the mic, and are usually not able to pick up the output from the speaker (and if they do, it's usually very faint). iPhones / iOS lack the capability for the same reasons.

I think a lot of people would find it very useful, for a number of various reasons, to have the ability to have their calls automatically recorded, with metadata of who, when, etc, stored in .WAV or other easily playable format, and automatically synced with their PC.

Re:Recording should be a basic function... ? (1)

Anonymous Coward | more than 2 years ago | (#36954530)

I was very disappointed to find that I could not record calls on my android phone the way I could on my windows mobile phone, but I ended up switching to VOIP rather than use voice minutes, and CSipSimple is a great free (GPL) VOIP app that I ended up settling on. Once I went through the config I found that it has the option to record calls, and now I have a feature I wanted badly along with VOIP.

Re:Recording should be a basic function... ? (1)

ne0n (884282) | more than 2 years ago | (#36956576)

There are many ROMs that support proper "official" call recording ripped from the OEM Samsung Korean ROMs (which have it enabled by default IIRC). I've used it and it works perfectly, no mic-record nonsense involved. AFAIK it only works on Froyo so far.

Or you can just use MIUI, which everyone should be doing anyway. It kicks ass and supports call recording. No virus needed.

Re:Recording should be a basic function... ? (1)

NorQue (1000887) | more than 2 years ago | (#36956900)

Or you can just use MIUI, which everyone should be doing anyway. It kicks ass and supports call recording. No virus needed.

How do you do that? I just spent 10 minutes wading through the various settings menus and couldn't find anything related to call recording.

Re:Recording should be a basic function... ? (1)

ne0n (884282) | more than 2 years ago | (#36957106)

while in a phone call hit the Tools button to get the Record option. it will record an .amr file for you.

Re:Recording should be a basic function... ? (0)

Anonymous Coward | more than 2 years ago | (#36956812)

Here in Europe there are Android apps for automatic phone call recording, installable thru the App Market.

Re:Recording should be a basic function... ? (1)

Kamiza Ikioi (893310) | more than 2 years ago | (#36959630)

I used to be able to record phone calls... even after rooting, I now cannot. This article is like saying, "Trojan does cool thing you can't do on your own but wish you could."

Next up, a flu virus spreading that gives you the ability to fly? Oooo, horrible! /sarcasm

Re:Recording should be a basic function... ? (0)

Anonymous Coward | more than 2 years ago | (#36961424)

I do this with my android all the time with an app called Total Recall. Very useful for business calls... works on most android units and records directly, not from the mic.

  I already used it on my previous nokia e72 (symbian) and it worked great... turned out to be very useful when I was receiving calls from interviews/job offers and later didn't even remember the topic.

Re:Recording should be a basic function... ? (1)

Kenja (541830) | more than 2 years ago | (#36954062)

The issue would seem to be a legal one. It is illegal in many US states to record a phone call unless both parties agree to it before hand. My understanding is that Google locked down the API for call recording as a result. They are still there however, but they dont work on all phones.

This raises another point, did they test this "torjan" outside of the dev (emulated) environment? Because there are a number of call recording apps out there, but they simply wont work on a lot of Android builds because the required OS hooks are missing.

Re:Recording should be a basic function... ? (1)

s0litaire (1205168) | more than 2 years ago | (#36954266)

You need a patched kernel to get access to the API's
A few of the custom ROM's are now using this patch in their kernels as standard (CM7 for one). There's a specific CallRecorder app that's designed to use that patch and API's with some ROM's and it works great!

Re:Recording should be a basic function... ? (0)

Anonymous Coward | more than 2 years ago | (#36954520)

IANAL, but I think that it's not admissible in a court of law in many states, not necessarily illegal. Although, in some states it may be illegal. In my state (WI) it's a one-party state. My lawyer said "record whatever you want you don't have to tell anyone."

Re:Recording should be a basic function... ? (1)

sgtron (35704) | more than 2 years ago | (#36954280)

No kidding. I could do this with my nokia phone, no problem. But with android it's like pulling teeth. Somebody link to this "trojan" so I can install it for my own phone.

Re:Recording should be a basic function... ? (3, Informative)

s0litaire (1205168) | more than 2 years ago | (#36954352)

no need for trojans

check android market for the developer "skvalex" and check the link in his "CallRecorder" app..
it's been around for nearly a year!!

Re:Recording should be a basic function... ? (2)

Artifex (18308) | more than 2 years ago | (#36956024)

As his notes and the related XDA forum say, you need to also patch, if your ROM doesn't already include support for it.
(When I switched from one ROM to another recently, it stopped recording, even though the su log showed call recorder still starting and stopping with each call. This is why.)

Re:Recording should be a basic function... ? (1)

victorhooi (830021) | more than 2 years ago | (#36955450)

heya,

Yeah, I have to agree with the parent and all the other repliers.

This is frigging ridiculous - my old Nokia could record my calls fine. Heck, Windows Mobile 6.5 phones can record the damn call.

Yet on Android - the inablity to record calls has been an outstanding bug for what...2 years?

http://code.google.com/p/android/issues/detail?id=2117 [google.com]

And guess what - it's also currently ranked number *eight* by users for Android bugs:

http://code.google.com/p/android/issues/list?can=2&q=&sort=-stars&colspec=ID%20Type%20Status%20Owner%20Summary%20Stars [google.com]

I think it goes to show that Google isn't very good at the "listening to user's part". Lol. I mean, they make cool projects, and I'm sure they're brilliantly smart and all. But actually listening to users is definitely not their forte. Pft.

All the current workarounds require you to root your phone, and even then, work reliably on all handsets they will not...

If this trojan can actually do what it claims to do - I hope somebody dissects it, and packages the functionality into an application on Android Market.

Cheers,
Victor

Re:Recording should be a basic function... ? (1)

cavreader (1903280) | more than 2 years ago | (#36956076)

"it's also currently ranked number *eight* by users for Android bugs" This is interesting since this is missing functionality not a bug. Android phones do not advertise or provide this as default functionality. Maybe you used "bug" by mistake but if not there are significant differences in how bug reports and new functionality requests are prioritized and released with "bugs" usually getting the priority depending on the severity. If you are adding new functionality you might, I say might, be depending on the existing release features and if there are bugs your new features could be effected.

Re:Recording should be a basic function... ? (0)

Anonymous Coward | more than 2 years ago | (#36957520)

et on Android - the inablity to record calls has been an outstanding bug for what...2 years?

It's not a bug, it's by design. Google made the decision not to implement that portion of the Android API on US smartphones to avoid Legal issues involving wiretapping laws.

If you really want, you can install your own ROM which has those features present, but not all phones will physically support it.

Re:Recording should be a basic function... ? (1)

DaFallus (805248) | more than 2 years ago | (#36959078)

Can you please list a few phones that do provide this "basic" functionality? I'm genuinely curious.

Que the fandroids... (-1)

Anonymous Coward | more than 2 years ago | (#36953834)

More of a reason to ignore the failure thst is the android platform. It's Blackberry or nothing.

Where's the Torjan part? (5, Insightful)

Kenja (541830) | more than 2 years ago | (#36953862)

This is an application that records phone calls. It tells you it will do this when you install it and it will require you opt to install it from an untrusted site after configuring your phone to allow such an action.

But then I guess "phone call recording app records phone calls" is less of an alarmist title.

Re:Where's the Torjan part? (1)

aztracker1 (702135) | more than 2 years ago | (#36954254)

Fair enough... I live in a state where only one party requires notice for recording a call, me being that party should allow it... I have no desire to do so, but would be nice.

Re:Where's the Torjan part? (1)

MobileTatsu-NJG (946591) | more than 2 years ago | (#36954446)

But then I guess "phone call recording app records phone calls" is less of an alarmist title.

What's funny is lots of people who rely on Slashdot for their smartphone news actually consider themselves informed.

Re:Where's the Torjan part? (1)

dizzysoul (2275254) | more than 2 years ago | (#36954672)

"Where's the Torjan part?" I would love to tell you, but you will first have to explain to me what a Torjan is!

It can upload the recordings (0)

Anonymous Coward | more than 2 years ago | (#36954738)

to a malicious user. Read the fucking summary.

Re:It can upload the recordings (1)

Anonymous Coward | more than 2 years ago | (#36957822)

(It can upload the recordings ) to a malicious user. Read the fucking summary.

I just did. It says perhaps suggesting. There is no actual indication that it can even do so; that behavior was not observed on the two emulators they ran the software on and it doesn't look like they even tried to reverse engineer it.

Here's the link to the actual article by the CA researcher: http://community.ca.com/blogs/securityadvisor/archive/2011/08/01/a-trojan-spying-on-your-conversations.aspx
Some items to note:

1. Nowhere does he provide reasoning or justification for why this software is being considered Malicious, much less a Trojan.
2. He claims that it "tricks users" by presenting a window which appears to look like a normal Android Install window. But then he says it requires the user to actually grant permissions... so that doesn't just "look like" a normal install window, it IS a normal install window. Additionally, the only way to install it is via a 3rd party store... so the user has to somehow enable 3rd party app store installs as well.
3. As for the malicious nature of the program- he seems to be taking offense to it recording calls. Or storing the recordings. He never says what he's calling "malicious". He speculates that some server info stored in a local file is an indicator that it might be able to upload data. Again, no logic behind why this is malicious and an FTP program is not.
4. There is absolutely NO evidence that this allows any kind of remote access to the phone. There is no evidence it is actually trying to connect to a remote server, or upload automatically.
5. This software was never tested on an actual device- he used two emulators.

So without knowing anything about how this software is advertised, it is by definition impossible to determine if it's a Trojan or not. And so far there isn't any evidence that it's doing anything malicious at all. In fact, I really don't see how this software is ANY different than any of the other applications which allow in-call recording.

Re:Where's the Torjan part? (0)

Anonymous Coward | more than 2 years ago | (#36954856)

The point is, that the Android API (just like the iOS one) doesn't allow access to such basic function that aren't related to pointless "colorful clickables" apps.
(I know, because I tried to write an answering machine program for Android. Which would be piss-easy if Android even remotely had the APIs and functionality of my good old Nokia. It's all locked down, and you don't get more of the hardware, than a website gets of your PC.)

So "obviously" it must be a "evil" trojan that must be destroyed...

Re:Where's the Torjan part? (1)

SETIGuy (33768) | more than 2 years ago | (#36954980)

We need a name for apps that do things that the OS maker doesn't want apps to do. Since it's Android, I think the appropriate term is "renegade." How's this for a title "Renegade app allows Android users to do something Google doesn't want them to do."

Re:Where's the Torjan part? (1)

Viree (214760) | more than 2 years ago | (#36955110)

There isn't any mention of what this 'trojan' is called on android Market. Am I reading too fast from TFA?

Re:Where's the Torjan part? (1)

adolf (21054) | more than 2 years ago | (#36956086)

I'd also like to know what it's called.

I've wanted a telephone recording app for my Droid...ever since I got my Droid. I live in a one-party state, so it's no big deal to record calls when I deem it useful.

I have a funky little microphone from Olympus that fits into my ear and does a very good job of capturing my own voice and the audio from the telephone's earspeaker, but carrying that and the digital recorder that goes with it is bothersome -- let alone cabling it all up to use it.

Re:Where's the Torjan part? (0)

Anonymous Coward | more than 2 years ago | (#36960074)

Well if that's true it's still a bit alarming. A remote vulnerability could be exploited to install a less obvious version of this. No Android worms as of yet though.

Android is Windows 95 hell all over again (0, Insightful)

Anonymous Coward | more than 2 years ago | (#36953888)

Tons of untrusted binaries, a false sense of security and trojans, viruses and all that crap. I'm actually sad it took off.

I want all apps to run in a chroot jail. I want to dictate the app's permissions. I want to be able to see which hosts that an app communicates with (someone build a netstat -a with a fancy gui please - bonus points for getting it on the appstore without needing to root the phone (good luck)). The Google model of "we'll take good care of your data" needs to die. Fine, google can store my data, as long as it leaves my phone encrypted.

Sure, Android's user friendliness is quite good, but I give it's going in the wrong direction in so many other ways it's not even funny.

Re:Android is Windows 95 hell all over again (1)

Anonymous Coward | more than 2 years ago | (#36954080)

Not to disagree with your point but...why do you want apps running "in a chroot jail" when none of the apps on the whole phone, even mission critical apps like the dialer, already run as an unprivileged user?

I think you're confusing root with having write permissions to the SD card or something here. Without manually rooting the phone itself, NOTHING ON THE WHOLE DEVICE runs as root. Placing every app in a jail is just going to add a small amount of additional memory overhead for every process.

Perhaps more to your point though, the real solution here is to uncover the console a little. I know, I know, GUIs are great and all that, but the nice thing about seeing "root@box" before every single command you ever execute is that there's no doubt in your mind what user is starting the process, and what permissions that process will have.

A good solution for this would be something like Launchy (google it) for android, with a special icon to denote when the program you're starting will be running with root permissions. Of course, unless the ROM is rooted, none of them are, but even now I sometimes forget I gave a certain app superuser permissions and it would be nice to have a reminder. Not a warning. A popup dialog is never a good answer! However, a simple icon beside the program in the app drawer that designates it'll run as root by default would be nice.

In any case, the proper solution to security is smarter users plus unobtrusive notification. Popup warnings and outright denial do nothing but frustrate users and force them to use a less annoying - and less safe - means to accomplish whatever it is they're damn well going to do anyway.

Keep your hard and fast rules in the firewall. Everything within the network is going to require smarter people to function anyway.

Re:Android is Windows 95 hell all over again (1)

psyclone (187154) | more than 2 years ago | (#36954292)

Check out the excellent Droidwall [appbrain.com] app. It requires root of course to run iptables, but shouldn't we all have root on our phones?

To the GP, I agree android should support finer grained permissions (and each version of the OS has more perms) in addition to selecting which permissions the user wants to grant the app! (Not just "OK" to allow all the permissions the app asks for, but the user could pick and choose which perms to give it; obviously not granting some perms would cripple some apps..) Without that ability, Droidwall at least blocks internet connectivity for all apps in whitelist mode.

And you will both learn when running Droidwall that each app runs as its own user on the phone. Hence it gives you the requested GUI to allow each app access to the net (over 3G and/or wifi).

Re:Android is Windows 95 hell all over again (0)

Anonymous Coward | more than 2 years ago | (#36955900)

The problem with that is there are some applications out there that "require" access to information they have zero business accessing. For instance, Angry Birds wanting access to your contact list.

Re:Android is Windows 95 hell all over again (1)

psyclone (187154) | more than 2 years ago | (#36962536)

Oh, I agree that's a problem -- which is why I would love the ability for the user to decide which permissions to grant. The app requests them, and the user grants/denies them on a fine-grained basis.

However, Angry Birds on Android (all 3 versions) do not request access to the contact list. At least the ones I downloaded from the market. They all want internet access though, and the standard version wants GPS location.

Re:Android is Windows 95 hell all over again (1)

shutdown -p now (807394) | more than 2 years ago | (#36954396)

I want all apps to run in a chroot jail.

Why do you need a chroot, if you can just set permissions such that the app can only see what it needs to see?

And Android does that already. System partition is by and large off-limits. Each app gets its own directory with full access to itself and no-one else, which is the default storage location. SD card (or whatever is mounted to /sdcard - on phones like Nexus S, it's just a separate partition) is shared between all.

Re:Android is Windows 95 hell all over again (1)

BradleyUffner (103496) | more than 2 years ago | (#36955298)

Why do you need a chroot, if you can just set permissions such that the app can only see what it needs to see?

And Android does that already. System partition is by and large off-limits. Each app gets its own directory with full access to itself and no-one else, which is the default storage location. SD card (or whatever is mounted to /sdcard - on phones like Nexus S, it's just a separate partition) is shared between all.

Some applications will not run if they can't have access to the filesystem. I would still like to run these applications. The Chroot jail would allow you to present a fake filesystem to the application that it can change however it wants without breaking anything else. The same thing can be extended to other areas. App refuses to run without seeing your contacts? Here, have a fake address book.

Re:Android is Windows 95 hell all over again (0)

Anonymous Coward | more than 2 years ago | (#36957926)

Why do you need a chroot, if you can just set permissions such that the app can only see what it needs to see?

And Android does that already. System partition is by and large off-limits. Each app gets its own directory with full access to itself and no-one else, which is the default storage location. SD card (or whatever is mounted to /sdcard - on phones like Nexus S, it's just a separate partition) is shared between all.

Some applications will not run if they can't have access to the filesystem. I would still like to run these applications. The Chroot jail would allow you to present a fake filesystem to the application that it can change however it wants without breaking anything else. The same thing can be extended to other areas. App refuses to run without seeing your contacts? Here, have a fake address book.

From what I've seen so far, there aren't any apps that refuse to run. Some of them will crash or otherwise "break", but for now the devs seem to be relying solely on the installation process to 'guarantee' the permissions. For example, unless an app actually needs a remote server (like an FTP client or your Facebook widget) you can shut off all your data connections to get rid of the advertisements.
But I ought to be able to do that via software on an app-specific basis.

I will agree that a chroot jail would be useful in some cases, but if I'm that distrustful of an app it's probably not going on my phone in the first place.

Re:Android is Windows 95 hell all over again (0)

Anonymous Coward | more than 2 years ago | (#36962686)

Then bitch at the app developer to fix their app (preferably through email first), or separate their functionality (via plugin type system). Enoguh people complaining with a poor star rating will convince them.

Attention Cheaters. (1)

anubi (640541) | more than 2 years ago | (#36954054)

This application, even just the fear of the possibility of it running, will instill a lot of fear in those using their phone for personal relationship infidelity,

Variants of this application are apt to become very popular amongst those suspecting their relationships are not pure.

Thank Jobs for iPhone! (0)

Anonymous Coward | more than 2 years ago | (#36954130)

This shit would never make it to market in a real app store.

Re:Thank Jobs for iPhone! (2)

andydread (758754) | more than 2 years ago | (#36955156)

You have to install it from an untrusted source. If you go to an android phone Application->Settings and manually enable "Allow the installation of apps from untrusted sources" Then add the untrusted source that hosts malware then you will be able to install it. In other words you have to go out of your way to get infected. You know... leave the garden of Google Marketplace. Most people that choose to exercise that choice (Which Dear Leader Steve does not allow on your iPhone) will know to be careful when adding Chinese malware sources to their Android.

Re:Thank Jobs for iPhone! (0)

Anonymous Coward | more than 2 years ago | (#36956040)

FTA: "Malware-infected applications have also been found in the Android Market itself, but users can protect themselves by installing antivirus software, just as they would on a PC. "

Try again fanboi

Linux distro subject of FUD (1)

Trufagus (1803250) | more than 2 years ago | (#36954324)

Nothing new.

Re:Linux distro subject of FUD (0)

Anonymous Coward | more than 2 years ago | (#36954974)

I hope you're not trying to imply that Android is a linux distro.

It's a VM on top of a forked linux kernel separate from the main branch that contributes nothing back to the main kernel.

This story isn't some Microsoft or Apple plot against Google. It's normal, everyday crap for any operating system. Hacker finds hole, hacker exploits hole. Tune in next week for "vendor patches hole".

What makes it a trojan? (1)

Lenbok (22992) | more than 2 years ago | (#36954602)

The linked article (and the blog post that it links to) doesn't say what makes the app a trojan as opposed to functionality the user may have actually been intending to install. What was the app pretending to be? Scaremongering, or just a poorly written blog post?

Re:What makes it a trojan? (1)

SETIGuy (33768) | more than 2 years ago | (#36955000)

Yes, it is, in fact, scaremongering. Someone doesn't understand that a trojan pretends to be something it isn't. This appears to be what it's advertised to be.

Re:What makes it a trojan? (1)

bonch (38532) | more than 2 years ago | (#36955796)

This thing tricks users into installing it by mimicking a legitimate installation screen, records conversations, and contains configuration information for a remote server which suggests uploading of those conversations, and you think it's "scaremongering" to label it a trojan? Give me a break.

Re:What makes it a trojan? (1)

geminidomino (614729) | more than 2 years ago | (#36958704)

Let me guess... someone else typed in this post originally and you've just been cutting and pasting it, since you're clearly illiterate.

Re:What makes it a trojan? (1)

bonch (38532) | more than 2 years ago | (#36955788)

A piece of software tricks the user into installing it, secretly records phone conversations, and sends them to a remote server, and you're wondering why it's considered a trojan? A trojan is any piece of malicious software that tricks the user into installing it through social engineering.

The above article is nothing but FUD (3, Informative)

dizzysoul (2275254) | more than 2 years ago | (#36954654)

Android has strict permissions enforcement for every application. It's even built into the marketplace! You cannot install an application without first being told WHAT the application wants access to. If the application wants to record your phone calls, the installer will specifically tell you the application is requesting access to your microphone. The installer forces you to scroll down to hit next, and there is literally NO WAY you can miss reading it. If you install applications from an untrusted source, Android will specifically WARN YOU that you could be installing something dangerous. The above article is nothing but FUD. If you read the source article, it says you have to install from an untrusted source, go through the warnings, and still go through the installation process.

Re:The above article is nothing but FUD (1)

brim4brim (2343300) | more than 2 years ago | (#36955108)

Which is exactly what I thought it would be. Hate BS articles like this. This just in, people die from getting killed!! type stories, argh.

Re:The above article is nothing but FUD (1)

bonch (38532) | more than 2 years ago | (#36955824)

Which is exactly what I thought it would be.

In other words, you had already decided before reading the article that it was wrong. TFA says it imitates a legitimate installation screen to trick users.

Re:The above article is nothing but FUD (1)

brim4brim (2343300) | more than 2 years ago | (#36958854)

No I used my logic as an Android user to think about how apps get installed from third party sources having installed some to deduce that the article was most likely BS.

Re:The above article is nothing but FUD (1)

bonch (38532) | more than 2 years ago | (#36955810)

And another Android fanboy completely ignores the part in the article about mimicking a legitimate installation screen.

Re:The above article is nothing but FUD (0)

Anonymous Coward | more than 2 years ago | (#36958200)

And another Android fanboy completely ignores the part in the article about mimicking a legitimate installation screen.

Did you read the fucking article? Here's the link: http://community.ca.com/blogs/securityadvisor/archive/2011/08/01/a-trojan-spying-on-your-conversations.aspx
Here is the screenshot of what the install screen looks like: http://community.ca.com/blogs/securityadvisor/permissions.jpg

Notice it says "RECORD PHONE CALLS"

The article is a shit piece of Astroturf by a CA Security employee, a company who just by coincidence has just released an Android version of their AV software.
Maybe it IS malicious. I'm not taking this Schill's word for it, however... unless he puts up some kind of proof. Because what he has on his blog is pure bullshit, and I'd be embarrassed to call myself a "researcher" with that kind of "evidence".

Re:The above article is nothing but FUD (0)

Anonymous Coward | more than 2 years ago | (#36962870)

"It appears the Trojan can only be installed if the Android device owner clicks the "install" button on a message that looks strikingly similar to the installation screens of legitimate applications. "

HOLY SHIT. This is misleading. I had to re-read this two or three times because the article author clearly doesn't know what he's talking about. The installation screen of this "trojan" is not strikingly similar, it *IS* the installation screen. The author, for some reason, thinks that off-market app installs are any different than in-market installs.

I mean, the part where it "drops a configuration file" is so irrelevant, but so technical sounding... this article is clearly scaremongering. "App that says it's going to record audio and intercept phone calls can intercept phone calls and record your audio" doesn't have the same ring.

There is currently no way (short of custom ROMs) to by-pass the permission screen on install for *ANY* Android application.

Like A Monty Python Sketch (1)

Ukab the Great (87152) | more than 2 years ago | (#36956228)

So in other words: Android is secure because every human being should be perfectly capable of reading dialogs, groking the details, and making use of trusted sources instead of untrusted ones. All the people who aren't reading articles, groking their details, and referring to trusted article sources are obviously spreading FUD about how Android treats the issue of security.

Re:The above article is nothing but FUD (0)

Anonymous Coward | more than 2 years ago | (#36956514)

Android has strict permissions enforcement for every application. It's even built into the marketplace! You cannot install an application without first being told WHAT the application wants access to. If the application wants to record your phone calls, the installer will specifically tell you the application is requesting access to your microphone. The installer forces you to scroll down to hit next, and there is literally NO WAY you can miss reading it. If you install applications from an untrusted source, Android will specifically WARN YOU that you could be installing something dangerous.

The above article is nothing but FUD. If you read the source article, it says you have to install from an untrusted source, go through the warnings, and still go through the installation process.

Android is for people who prefer to think for themselves.
These said called "Trojan stories " are just like some one knocking the door and telling you that they will rob you only if you open the door. If you don't, they say they will leave and don't bother you. You open the door and get robbed. Whose fault is it? The house builder? Door maker?

Re:The above article is nothing but FUD (0)

Anonymous Coward | more than 2 years ago | (#36956748)

Android is for people who prefer to think for themselves.

It won't sell many copies, then.

Re:The above article is nothing but FUD (0)

Anonymous Coward | more than 2 years ago | (#36957820)

Android is for people who prefer to think for themselves.

Android is for people who label themselves with imaginary attributes.

Re:The above article is nothing but FUD (0)

Anonymous Coward | more than 2 years ago | (#36969128)

Except it's a trojan. This means you're probably installing some utility or program that also requires access to the microphone, and this sneaks in there with it. If I download and install a voice notes app, I won't hesitate to give the installer microphone access. There's all the permission the trojan needs.

Are THESE all "FUD" too? (0)

Anonymous Coward | more than 2 years ago | (#36978946)

http://yro.slashdot.org/story/10/09/30/1640223/Many-More-Android-Apps-Leaking-User-Data [slashdot.org]

http://linux.slashdot.org/story/10/11/02/2238205/Serious-Security-Bugs-Found-In-Android-Kernel [slashdot.org]

http://it.slashdot.org/story/10/11/05/0229205/Researcher-To-Release-Web-Based-Android-Attack [slashdot.org]

http://www.theregister.co.uk/2010/11/10/android_malware_attacks/ [theregister.co.uk]

http://mobile.slashdot.org/story/10/11/27/213219/Security-Expert-Warns-of-Android-Browser-Flaw [slashdot.org]

http://mobile.slashdot.org/story/10/12/30/1856242/Android-Trojan-Found-Spreading-From-Chinese-App-Stores [slashdot.org]

http://www.theregister.co.uk/2011/01/14/android_chinese_stealing/ [theregister.co.uk]

http://mobile.slashdot.org/story/11/01/20/1534236/Soundminder-Android-Trojan-Hears-Credit-Cards [slashdot.org]

http://www.theregister.co.uk/2011/01/29/android_data_disclosure_bug/ [theregister.co.uk]

http://it.slashdot.org/story/11/01/29/1946202/New-Android-Exploit-Discovered-To-Steal-Data [slashdot.org]

http://www.theregister.co.uk/2011/02/17/android_trojan_click_fraud_scam/ [theregister.co.uk]

http://search.slashdot.org/story/11/02/18/005247/New-Android-Malware-Robs-Bandwidth-For-Fake-Searches [slashdot.org]

http://mobile.slashdot.org/story/11/02/23/1640252/Mobile-Spyware-Conferences-Into-Your-Calls [slashdot.org]

http://it.slashdot.org/story/11/03/01/0041203/Infected-Androids-Run-Up-Big-Texting-Bills [slashdot.org]

http://www.theregister.co.uk/2011/03/04/google_android_market_peril/ [theregister.co.uk]

http://technolog.msnbc.msn.com/_news/2011/04/15/6475834-skype-android-app-can-expose-your-personal-information [msn.com]

http://www.bangobang.com/2011/04/android-phones-are-no-more-protected.html [bangobang.com]

http://www.zdnet.co.uk/blogs/jacks-blog-10017212/android-and-facebook-attract-more-malware-attacks-10022271/ [zdnet.co.uk]

http://www.ibtimes.com/articles/137143/20110421/android-phones-track-users-movements.htm [ibtimes.com]

http://www.net-security.org/malware_news.php?id=1718 [net-security.org]

http://www.theregister.co.uk/2011/05/16/android_impersonation_attacks/ [theregister.co.uk]

http://it.slashdot.org/story/11/05/17/1538226/Swiped-Tokens-Expose-Android-Devices-To-Data-Theft [slashdot.org]

http://www.zdnet.com/blog/hardware/997-of-all-android-smartphones-vulnerable-to-serious-data-leakage/12831 [zdnet.com]

http://mobile.slashdot.org/story/11/05/31/167238/Fee-Deduction-Malware-On-Android-Spotted-In-the-Wild [slashdot.org]

http://www.theregister.co.uk/2011/06/01/android_trojan_rash/ [theregister.co.uk]

http://www.theregister.co.uk/2011/05/31/android_market_malware/ [theregister.co.uk]

http://mobile.slashdot.org/story/11/06/01/1751227/30-Infected-Apps-Pulled-From-Android-Market [slashdot.org]

http://www.net-security.org/secworld.php?id=11107 [net-security.org]

http://www.theregister.co.uk/2011/06/03/android_cookie_stealing_app/ [theregister.co.uk]

http://thenextweb.com/google/2011/06/05/droidkungfu-android-malware-steals-sensitive-data-avoids-anti-virus-detection/ [thenextweb.com]

https://threatpost.com/en_us/blogs/uniquely-stealthy-spyware-found-and-removed-android-market-061311 [threatpost.com]

http://www.infoworld.com/d/mobile-technology/android-malware-cesspool-and-users-dont-care-006 [infoworld.com]

http://slashdot.org/submission/1652720/More-Malware-Infected-Apps-Found-in-Android-Market [slashdot.org]

http://it.slashdot.org/story/11/07/11/1620222/New-SMS-Trojan-Found-In-Android-Markets [slashdot.org]

http://nakedsecurity.sophos.com/2011/07/09/android-malware-spies-sms-messages-zeus-family/ [sophos.com]

http://yro.slashdot.org/story/11/07/20/2246210/8-of-Android-Apps-Are-Leaking-Private-Information [slashdot.org]

http://blogs.computerworld.com/18659/cyberthugs_love_smartphones_and_leaky_sneaky_mobile_malware [computerworld.com]

http://mobile.slashdot.org/story/11/07/24/1715232/Android-Password-Data-Stored-In-Plain-Text [slashdot.org]

& of course, this very article itself -> http://mobile.slashdot.org/story/11/08/01/2242233/Android-Trojan-Records-Phone-Calls [slashdot.org]

APK

P.S.=> I think it's a shame actually (especially considering my initials) but, it's proof that IN A WAY? In the "mobile smartphone world", ANDROID, a Linux variant no less (all the years of PURE "FUD" around here on how "secure Linux is & Windows is not" b.s. especially), is turning up to the "the new DOS/New Windows" in terms of proving that once you're the MOST USED (or close to it)?

You will & CAN be, exploited... period - it's proof of Linux actually hiding behind "security-by-obscurity" actually!

... apk

Run fanboys run! (0)

Anonymous Coward | more than 2 years ago | (#36956004)

Remember kids, Apple's "walled garden" is BAD. I love watching you dorks circling the wagons to defend Android's pathetic apps. If they're not trojans, they're badly programmed and crash all the time. I'm discovering this for myself after buying a Samsung Galaxy Tab from a friend...now I see why he wanted to get rid of it.

7yo?u Fail It (-1)

Anonymous Coward | more than 2 years ago | (#36956386)

or a public club, inventing excuSses product, BSD's erosion of user are looking very another special common knowledge

Android market loves trojans (0)

Anonymous Coward | more than 2 years ago | (#36956820)

With very few exceptions about every free app in Google's market requests privileges that would alert any anti-virus and anti-spyware program.

E.g. look at the android market [android.com] and its top free applications. Click on almost any of them and see what permissions they request.

Here is the list of one of tits topmost and most featured apps: the barcode reader
* full Internet access
* allow the application to read all of the contact (address) data stored on your device
* allow the application to modify the contact (address) data stored on your device
* read Browser's history and bookmarks
* allow the application to read all the URLs that the Browser has visited, and all of the Browser's bookmarks
*modify/delete USB storage contents modify/delete SD card contents
* allow the application to write to the USB storage
* modify global system settings
* allow the application to modify the system's settings data
* change Wi-Fi state
* allow the application to connect to and disconnect from Wi-Fi access points, and to make changes to configured Wi-Fi networks
* prevent device from sleeping
* allows the application to prevent the device from going to sleep

Pray tell, what does a barcode reader do with these priviledges it demands? The actual application is just a thin cover for a very intrusive trojan!

Factory reinstall (0)

Anonymous Coward | more than 2 years ago | (#36968498)

Remember that there is a button called "Factory Reset" that can wipe this program, should the user be ignorant enough to install it.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...