×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Cybercriminals Exploit Björk's Biophilia App To Compromise Androids

timothy posted about 2 years ago | from the click-here-for-free-bjork dept.

Android 75

An anonymous reader writes "The Russians who put out fake versions of Angry Bird Space and Instagram for Android last week have competition. Biophilia, a musical experiment by Bjork into the world of apps, has been ported to Android as a Trojan." Maybe not totally surprising; as the submitter reader continues, "last year at the launch of the app, Bjork was quoted in an interview inviting pirates/hackers to attempt to port her code over from iPhone to other platforms."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

75 comments

Be careful what you ask for (4, Funny)

homey of my owney (975234) | about 2 years ago | (#39807475)

Sometimes you get it

Re:Be careful what you ask for (0)

Anonymous Coward | about 2 years ago | (#39807951)

I just did a CTRL-F, and typed "bjork her"

and I got the salmon highlight in the Find: field.

I'm quite disappointed in my slashdot bretheren.

HOLY SHIT! (2, Funny)

Moheeheeko (1682914) | about 2 years ago | (#39807505)

There are people who still like Bjork?

Re:HOLY SHIT! (5, Insightful)

jdgeorge (18767) | about 2 years ago | (#39807751)

I'm not a huge Bjork fan, but I like her for being an innovative musician. She seems a little weird, but I she's never done anything that bothered me, so... why not?

(Note: for the folks who disagree with her political views, I understand why they might not like her, but her politics don't really bother me.)

Re:HOLY SHIT! (2)

21mhz (443080) | about 2 years ago | (#39809009)

Bjork's into politics?
I just know her for the strange beautiful music. Can't share the snark of the GPP.

Re:HOLY SHIT! (-1)

Anonymous Coward | about 2 years ago | (#39815349)

Some of her music is "ok" but she really can't sing for shit.

Re:HOLY SHIT! (0)

Anonymous Coward | about 2 years ago | (#39807771)

Yes there are. Or how about this 'holy shit there are still people out there who make stupid snarky remarks?'.

I could give a rip about her but your remark borderlines on 'look at me I am cool because I dont like something'. So what.. get over yourself...

Re:HOLY SHIT! (1)

Zero__Kelvin (151819) | about 2 years ago | (#39812293)

I just know there is an opening for a joke about Bjork, Trojans and Backdoors here, but I can't seem to find the hole.

Re:HOLY SHIT! (1)

tehcyder (746570) | about 2 years ago | (#39818179)

Please enlighten us as to your own taste in music, so we can get an idea where you're coming at this from.

I'm guessing Miley Cyrus, or maybe her dad?

Re:HOLY SHIT! (1)

Moheeheeko (1682914) | about 2 years ago | (#39820533)

So because I dont like (to put it nicely) screechy, shrill, "expeimental" music I instantly become a fan of disgusting bullshit thats popular right now?

The Hipster is strong with this one

For the record, I also detest anything from the country/western and Rap departments. Anything else has a fair shot of being in my album collection, provided its actually good I.E. not Bjork.

all part of the art? (4, Funny)

noh8rz3 (2593935) | about 2 years ago | (#39807511)

would anybody be surprised if this is all part of bjork's art? you know, how letting music into your life can have unintended powerful consequences. as a fan, i think this is right up her alley.

Björk Björk Björk (5, Funny)

Ranger (1783) | about 2 years ago | (#39807523)

I think "You have been Björked" will now enter the Android lexicon.

Re:Björk Björk Björk (0)

Anonymous Coward | about 2 years ago | (#39807713)

Man you beat me to the punchline.

Lack of Business Opportunities in Russia? (4, Interesting)

dryriver (1010635) | about 2 years ago | (#39807575)

I'm wondering why it is that the old "Soviet Bloc" countries produce so many hackers/scammers/malware authors? Couldn't these people use their - considerable - coding skills to do something constructive? Like starting a software or IT services company? Or making small casual games for various platforms that are out there? Is there a lack of opportunities in Russia & neighbouring countries? A lack of angel investors or venture capital that could pay for small startups? Or is it a cultural thing that Russian hackers tend to do pretty negative things - like hacking & stealing credit card info - ? If you have the technical skill to create trojans or malware, surely there are other _useful_ things you can build with those skills? Like creating a competitor to Adobe Photoshop, or a watertight security system for banking transactions. ------- I really want to know: What is so attractive about creating trojans, malware & phishing scams with your tech skills. Surely these people wouldn't want their own systems compromised by malicious software? So why do it to others?

Re:Lack of Business Opportunities in Russia? (0)

Anonymous Coward | about 2 years ago | (#39807783)

I really want to know: What is so attractive about creating trojans, malware & phishing scams with your tech skills. Surely these people wouldn't want their own systems compromised by malicious software? So why do it to others?

To sell antivirus software? [kaspersky.com]

Re:Lack of Business Opportunities in Russia? (2)

b0bby (201198) | about 2 years ago | (#39807797)

My (basically no-knowledge) take is that because the rule of law is weak, lots of enterprises are run by gangsters. They hire the hackers, who have few other legit options because the economy is stagnant (in part because the rule of law is weak).

To extend the argument (3, Interesting)

alexander_686 (957440) | about 2 years ago | (#39808553)

It’s not that weak rule of law lowers the cost of crime, it also raises the cost of legitimate business.

If you build a large permanent business powerful interest will try to expropriate your profits. Bureaucrats will demand bribes to do their job, Tax inspectors will find violations in the opaque tax code unless the right politicians are paid off, etc.

Better to invest is something light and cheap. First, it’s harder to find. Second, when the "Rent Seekers" come they will only find a empty shell – and thus you can move on to the next operation.

Re:Lack of Business Opportunities in Russia? (4, Insightful)

CRCulver (715279) | about 2 years ago | (#39807829)

I'm wondering why it is that the old "Soviet Bloc" countries produce so many hackers/scammers/malware authors?

A culture that valued intellectual pursuits probably helped. That culture has largely dried up when it comes to other pursuits like chess or poetry, but being interested in computers doesn't result in the same categorization as a nerd as in some other countries.

Couldn't these people use their - considerable - coding skills to do something constructive? Like starting a software or IT services company?

There are in fact an enormous number of legitimate software businesses in Russia, which the Slashdot crowd seems largely unaware of. However, not everyone feels that they have the savvy of starting a formal business, which involves navigating bureaucracy and in some regions brings one up against bribe-expecting officials. Crime just seems easier to some set of people.

Surely these people wouldn't want their own systems compromised by malicious software? So why do it to others?

If the Golden Rule were really common sense, we wouldn't have to be reminded of it by every religious teacher or moral philosopher that has come along in history.

Re:Lack of Business Opportunities in Russia? (1)

Raenex (947668) | about 2 years ago | (#39809747)

If the Golden Rule were really common sense, we wouldn't have to be reminded of it by every religious teacher or moral philosopher that has come along in history.

I remember getting into a lunchtime conversation with a coworker, and he asked why people should be good, and talked about how lions don't apologize for their actions.

Then there's the religious zealots who think we need a "God" to even have morality. The idea that somebody would act out of empathy instead of fear of punishment just seems alien to them. Really, it's like they have the morality of self-centered children.

Re:Lack of Business Opportunities in Russia? (0)

Anonymous Coward | about 2 years ago | (#39808661)

in Soviet Russia, malware creates you!

Re:Lack of Business Opportunities in Russia? (0)

Anonymous Coward | about 2 years ago | (#39809327)

Probably because the large organised crime syndicates decided to take an interest in such ways of making money. By contrast the same group in the USA went to wall street and had the law changed to make their criminal acts legal.

Re:Lack of Business Opportunities in Russia? (0)

Anonymous Coward | about 2 years ago | (#39810533)

The Bosses want what makes the most money.

Re:Lack of Business Opportunities in Russia? (0)

Anonymous Coward | about 2 years ago | (#39811281)

Americans, typically based out of Boca Raton Florida, offer talented Eastern European programmers, typically Russian, far more money than they can earn in their own local depressed economies.

The programmers build the worm, or virus, or spamblower. The money is typically routed through St. Petersburg and the DNS is typically routed through Ukraine and product (if any) is delivered through the Asian country-of-the-week.

When the authorities start closing in, the American kingpin hires Eastern European hit men, typically Russian or Bulgarian, to kill the coder.

So, the short answer to your question: they do it to feed their families.

Re:Lack of Business Opportunities in Russia? (0)

Anonymous Coward | about 2 years ago | (#39813679)

Money. Crime does pay, and the reason most people do not resort to crime to make money is because the legal systems in most countries discourage it to such a high degree...

Re:Lack of Business Opportunities in Russia? (1)

tehcyder (746570) | about 2 years ago | (#39818313)

Making money by doing illegal things IS exploiting a business opportunity. If you think all western companies only operate within the law, you have blinkered vision. Places like Eastern Europe and Russia are just a bit more Wild West due to their recent history and comparatively weak systems of law and order.

Re:Lack of Business Opportunities in Russia? (1)

cyclomedia (882859) | about 2 years ago | (#39818547)

Because in "civilized" countries the people who scam, fraud and exploit you are the legit corporations

Re:Lack of Business Opportunities in Russia? (0)

Anonymous Coward | about 2 years ago | (#39819561)

I'm wondering why it is that the old "Soviet Bloc" countries produce so many hackers/scammers/malware authors? Couldn't these people use their - considerable - coding skills to do something constructive?

I guess smaller startup costs. No patent litigations, for a start.

Fill me in (0)

Anonymous Coward | about 2 years ago | (#39807637)

Who the fuck is Bjork? This story assumes I know and care about stuff I don't.

Re:Fill me in (1)

Anonymous Coward | about 2 years ago | (#39807679)

Bjork is a terrible singer/songwriter. You don't really care and you aren't missing anything of value.

Re:Fill me in (4, Funny)

Yvan256 (722131) | about 2 years ago | (#39808685)

The correct spelling is "Björk" and you can only pronounce it correctly when you have hiccups.

Re:Fill me in (2)

tehcyder (746570) | about 2 years ago | (#39818449)

Who the fuck is Bjork? This story assumes I know and care about stuff I don't.

What the fuck is Google, and how can I possibly find out about stuff in approximately 5 seconds rather than whining about it on slashdot?

Am I the only one... (4, Insightful)

jbernardo (1014507) | about 2 years ago | (#39807659)

Am I the only one getting tired of this "android trojan/malware of the day" press releases by the anti-virus authors?

Seems more and more like pure astro-turfing for their own products, trying to create a sense of insecurity in the users of the biggest mobile OS just so that they can sell their products.

Most users won't be affected by this malware - the play store won't have it, and most of those that install apps from outside the store are techs who know what they are doing. The few affected will be the usual ones, those who think they can ignore the warning when they allow install from untrusted sources, and then ignore the permissions requested by the app. If you're dumb enough to do that, to install games from a suspicious site, that want to make calls and send SMS, then no anti-virus will save you. And it isn't the OS fault if you choose to ignore all safety precautions and disable all protections.

Re:Am I the only one... (1)

godrik (1287354) | about 2 years ago | (#39807727)

Well, I must say i do not store any sensitive information nor i log on any sensitive website from my android phone. There are so many malware around that I do not feel confortable using an android phone for these things.

Actually I got really scared when applications such as rootme came out.Install the application that does not require ANY permission and your phone is rooted. Now what tells me there is not one of these in angry bird? Or in the thousand of apps out there.

NB: I do not trust your random windows machine as well.

Re:Am I the only one... (0)

jo_ham (604554) | about 2 years ago | (#39808475)

So what you're advocating is... peace of mind/security through obscurity?

Isn't this the stick that slashdot beats Apple with now that malware is becoming more prevalent on OS X; that it's purely a function of marketshare (a position I do not agree with, although marketshare is clearly part of it)? If Android is the biggest mobile OS then surely it will see regular malware stories, as we've been led to believe is the reason Windows malware is overwhelmingly the most common, and so on?

What do you suggest? They simply not report the story? How does that make Android safer or keep the users more informed?

People on slashdot are *very* quick to jump to the "astroturfing!!!! zomg!" bandwagon when any perceived criticism of their platform/OS/company/etc of choice is raised.

Re:Am I the only one... (4, Interesting)

tlhIngan (30335) | about 2 years ago | (#39809437)

Most users won't be affected by this malware - the play store won't have it, and most of those that install apps from outside the store are techs who know what they are doing. The few affected will be the usual ones, those who think they can ignore the warning when they allow install from untrusted sources, and then ignore the permissions requested by the app. If you're dumb enough to do that, to install games from a suspicious site, that want to make calls and send SMS, then no anti-virus will save you. And it isn't the OS fault if you choose to ignore all safety precautions and disable all protections.

The problem is, a lot of users don't have the play store. The best selling Android tablet certainly doesn't have it. And places like China have other stores set up becaues AOSP is huge (probably bigger than official Android). And since many devs do NOT sell anywhere but Play (SlideME, AppsLib, Amazon, etc have very few apps - no more than 10%), especially free apps, if you don't have it, you need to find the APK somewhere else.

Why do you think people who buy Archose/Nook/Kindle Fire/other Android Tablet immediately go to xda-devs to see if there's a Market/Play hack for it? THOSE are the techies. Everyone else googles for the APK.

Finally, well, apps can cost money on Play. There's a natural human tendency to not want to pay for stuff like software (especially in places like Asia), so if they can get a Angry Birds Space for free from some other site, they would. (If it wasn't lucrative, do you think malware devs would spend all that time and effort?).

Apple is a different beast - since it's so hard to sideload apps (and you should see the howls of people complaining they can't load pirated apps on the new iPad). Probalby why people resort to phishing for iTunes credentials.

So what you're advocating is... peace of mind/security through obscurity?

No, it's a rethink of security from the ground up, except with a deep understanding of the audience. It's called Dancing Pigs [wikipedia.org] and it explains why people constantly get malware on their PCs and why the Android security model, while great for techies, is positively lousy for general users.

Think of it this way - user wants Angry Birds Space. I just checked (what I think was) the official app (free one - because who pays for apps?) - here are the permissions it wants

- Modify/Delete USB storage contents
- Read phone state and identity
- Full internet access
- Coarse (network-based) location
- View Wi-Fi State, view network state.

Well crap, I want to play a game of Angry Birds, and you want me to go through all that? (And you only see the first two anyhow, and the last is hidden behind a "More"). Ah, the download button is so big and right there, and I got it, screw what that intermediate screen said.

After all, how many people really READ a EULA that's passed to them during an install? Heck, did anyone read the EULA for the Play store that pops up the first time you use it?

Re:Am I the only one... (1)

Princeofcups (150855) | about 2 years ago | (#39808481)

If you're dumb enough to do that, to install games from a suspicious site, that want to make calls and send SMS, then no anti-virus will save you. And it isn't the OS fault if you choose to ignore all safety precautions and disable all protections.

That's a very tech-centric response. To the average Android user, what you just said is in one ear and out the other. In the long run, it IS the responsibility of the handset provider to protect the purchaser from this kind of thing, especially if they don't want frustrated customers who will look elsewhere for their next handset.

Re:Am I the only one... (0)

Anonymous Coward | about 2 years ago | (#39808871)

The GP covered that. The average user isn't going to enable installing apps from untrusted sources. Then the handset provider (well, the Google App Market) is protecting them. Android's security model certainly could use some work, but it's not a bug that things can go wrong after the user checks the "trust me, I know what I'm doing" checkbox and doesn't know what they are doing.

Re:Am I the only one... (1)

MikeBabcock (65886) | about 2 years ago | (#39820173)

What you just said is very ignorant-centric.

The vendor is no more at fault than Ford is when you drive 120 mph into a tree.

To the unwashed masses: learn to use your smart phone, pay someone for training, and don't be ignorant about it.

Public perception? (2)

T Murphy (1054674) | about 2 years ago | (#39807681)

Bjork was quoted in an interview inviting pirates/hackers to attempt to port her code over from iPhone to other platforms

So will people take this trojan as a reflection of the ethics of all pirates/hackers? Hopefully someone did come through with a legit port of the app.

Re:Public perception? (0)

Anonymous Coward | about 2 years ago | (#39812127)

Bjork was quoted in an interview inviting pirates/hackers to attempt to port her code over from iPhone to other platforms

So will people take this trojan as a reflection of the ethics of all pirates/hackers? Hopefully someone did come through with a legit port of the app.

That quote is taken out of context. That's not what she said.

Choose a More Popular App! (1)

Paul Slocum (598127) | about 2 years ago | (#39807777)

Why the hell would they choose Bjork's Biophilia app? I mean it's kinda funny, but that's not a very popular (or good) app. The app was free for a long time and only has 731 ratings, which means it isn't really selling that well. Angry Birds has 750,000 ratings and Instagram has 500,000.

Re:Choose a More Popular App! (0)

Anonymous Coward | about 2 years ago | (#39808811)

I don't know about Bjork's app, but some of those popular apps nag you to rate them every few runs whereas other apps never ask at all.

Re:Choose a More Popular App! (1)

Paul Slocum (598127) | about 2 years ago | (#39809143)

Yes, my own apps use Appirater [arashpayan.com] but I've found it has very little effect on the number of ratings you actually get, and plan to remove it in my next updates. In my marketing research that number of ratings is a pretty decent indicator of sales.

This post and the article are just advertisements (5, Insightful)

Qwavel (733416) | about 2 years ago | (#39807795)

The link takes you to Symantec's website - you know, the company that wants to make everyone think they need to buy anti-virus for Android.

Neither the blog post on Symantec's website, or the /. summary say whether the Trojan is in any Android app store, which is obviously the most important piece of information. After all, any duffus can sit at home and write (some forms) of Android malware and post it to their website.

The fact that Symantec would post something like this on their website is not a surprise - it's their website they can post what they want. But the fact that it got posted on slashdot....

Re:This post and the article are just advertisemen (0)

Anonymous Coward | about 2 years ago | (#39808591)

But the fact that it got posted on slashdot....

Slashdot is a well known target site for Apple/MS marketing and PR ... look at the article submissions, there are [slashdot.org] accounts which are used to push negative Google/Android/GPL stories constantly. Lately, they start to submit other stories to hide the shilling a bit, but it fools no-one, because the pattern is always the same - a summary that either slams Google/Andoid/GPL or praises Apple, followed by a first post - within seconds - that has obviously been typed up and prepared well in advance. And if, heaven forbid, a positive Google/Android story should appear, then again there will be a first post - within seconds - aiming to destroy the positive story and shape the discussion that follows into one that focuses on unrelated negatives instead of the actual article.

Yes, it is called AVG Mobilation... (1)

fallen1 (230220) | about 2 years ago | (#39810835)

and you can find both the free and pro versions of their product here --> http://www.avg.com/ww-en/antivirus-for-android [avg.com]

No, I am not a paid (or unpaid) spokeperson for AVG. I do like their products and the fact the free version works very well on my Android is good enough for me to recommend them.

How could they tell? (1)

gelfling (6534) | about 2 years ago | (#39807801)

If one purpose of malware is to wreck society, both of those things already accomplish that.

You couldn't have waited... (1)

outofluck70 (1734164) | about 2 years ago | (#39807865)

until part 2 of TFA was available to post this? "Look, something scary! Tune in next week when we find out more..."

Just STOP it (2)

miltonw (892065) | about 2 years ago | (#39807975)

Stop calling these people "cybercriminals"! Just don't. They are criminals, not androids, robots, AI entities or "cyber" anything.

God, I so hate people labeling everything even remotely related to the Internet as "cyber-".

It's, it's ... cyberstupid.

Woohoo, someone still cares! (0)

Anonymous Coward | about 2 years ago | (#39808257)

So it'll infect what 10-15 Android devices? All snarkiness aside, isn't that interview akin to soliciting illegal behavior? I mean assuming the copyright on the App doesn't belong to her in the first place.

Biophilia? (2)

theIsovist (1348209) | about 2 years ago | (#39808367)

I can't be the only one who thought that "Biophilia" is something you get when you don't use a trojan...

Re:Biophilia? (0)

Anonymous Coward | about 2 years ago | (#39813495)

I can't be the only one who thought that "Biophilia" is something you get when you don't use a trojan...

Biophilia's typical side effect is scratches or at worse grazed knees.

Ah, the double standards of the fandroids. (0)

Anonymous Coward | about 2 years ago | (#39808437)

1 week ago: "ZOMG FLASHBACK TRAJAN IF YOU BROWSE SHITTY WEBSITES AND RUN MALWAYR THAT ASKS U FUR UR ROOT PASSWORD UR MAC GETS A TRAJAN! LOL MAC USERS SMUG NOT USING ANTIVIRUS NO NEED LOL GUESS THEY LEARNED THE HARD WAY!"

Today: "LOL ANDROID TRAJAN!? NOBODY WILL INSTALL THIS IT'S A NONISSUE ANDROID IS COMPLETELY SECURE, DOESN'T GET TEH TRAJANS AND WILL NEVER NEED TO HAVE ANTIVIRUS, EVER, BECAUSE IT'S ANDROID. AND BESIDES BORK ISNT EVEN A GOOD MUSIC."

The bullshit is getting so thick here we're gonna have to start swimming soon, fellas.

Re:Ah, the double standards of the fandroids. (0)

Anonymous Coward | about 2 years ago | (#39809645)

Total devices affected by Flashback: 600k. It installs automatically by just visiting an infected site, on a device that is magically 'secure' according to its users and advertising.

Total devices affected by this trojan: no idea, but it's probably very small. TFA had no estimate. It's something that someone would have to go out of their way to get infected by.

Yeah, there's some bullshit going on here, but it's not coming from where you think it's coming from.

Re:Ah, the double standards of the fandroids. (0)

Anonymous Coward | about 2 years ago | (#39811049)

Total devices affected by this trojan: no idea

That's right, you have no idea. But rather than take the threat of security issues seriously, you're going to do the same thing Mac users did, and blindly assert that you're magically protected from malware because "LOL ITS ANDROID LOL!"

We've both seen people here say, "LOL Mac OS X sucks because a Java exploit allows drive-by malware installs," and in the next breath, "My Linux / Android is completely safe because it's magically more secure than anything else." Which is, with delightful irony, the thing that Apple is being rightly slagged for claiming about Mac OS X - that Macs are "just inherently more secure" and require "no special work on user's part to keep safe."

The arrogance and hypocrisy is literally breathtaking. ALL PLATFORMS have malware, and the existence and emergence of new malware is worth paying attention to. Don't try to dismiss it out of hand because it's malware that affects your pet platform.

Most confusing Slashdot summary ever? (0)

Anonymous Coward | about 2 years ago | (#39811033)

I read it three times and gave up - it's like hearing half a phone conversation.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...