30 Percent of Mobile Malware Made By 10 Russian Firms

samzenpus posted about 9 months ago | from the bad-apples dept.

Security 50

An anonymous reader writes "Almost a third of all mobile malware is made by 10 Russian organizations, according to Lookout Mobile Security. It made that claim after looking at its detections for this year, and after an investigation that uncovered the malware HQs' operations, which saw thousands of affiliates working alongside the factories to dupe users into downloading rogue apps. Those apps are fairly crude, sending SMS messages to premium rate numbers in the background, whilst users think they have downloaded a legitimate application. Lookout isn't revealing the names of the malware factories, however, nor is it divulging how far law enforcement are involved in cracking down on the Russian organizations. It is presenting its full findings at the DEF CON 21 conference."

50 comments

app mobile (-1, Troll)

Skin Care (3007903) | about 9 months ago | (#44470817)

we must be careful when download new application at mobile phone

Re:app mobile (0)

Anonymous Coward | about 9 months ago | (#44471177)

yes, careful is what we must be making for when we to download new application at mobile telephone

Pharming (2)

AmiMoJo (196126) | about 9 months ago | (#44470835)

Congrats to the Russians for finding a way to farm stupidity.

Re:Pharming (2, Funny)

lightknight (213164) | about 9 months ago | (#44470879)

And as an American, let me warn our Russian colleagues, that no way will the United States be outdone in this realm. We have consultants standing by, with suitcases filled with newly printed money, ready to get out there and spend, spend, spend to make us #1!

Re:Pharming (1)

Anonymous Coward | about 9 months ago | (#44471229)

Ha...as for finding ways to rip off mobile users, we here in America are way ahead of the Russians. Every mobile device is designed to insure that easily pushed wrong buttons lead to over consumption of data. And just logging on through a carrier's proxy server, redirects you to various "associated partner's" sites= more over charged data consumption. And how about all those obscure "fees" tacked onto our bills. The Russians are years behind the likes of ATT and Verizon in finding ways to steal money.

Re:Pharming (0)

Anonymous Coward | about 9 months ago | (#44473321)

While I agree that virtually all cell services here are a huge rip-off, a few things you said just don't seem to make sense:

Every mobile device is designed to insure that easily pushed wrong buttons lead to over consumption of data.

Are you talking specifically about dumbphones...? I ask because I haven't seen any buttons in Android that can't be moved by the user and lead to something that uses data. If you did mean just the old dumbphones, then that's not "every mobile device" by a longshot...

And just logging on through a carrier's proxy server, redirects you to various "associated partner's" sites= more over charged data consumption.

Is it a Verizon/AT&T thing, or something Sprint, T-Mo, or most MVNOs also do?

I only got a data plan & smartphone for the first time in January when I signed up with the year-old Sprint MVNO Ting [ting.com], and I haven't seen anything like you describe. Come to think of it, I don't think that I saw any proxies or similar when I watched my father look stuff up on the web with his, and I know he's with one of the big carriers like AT&T.

And how about all those obscure "fees" tacked onto our bills.

I haven't seen those, either -- the prepaid dumbphone services I used were a flat fee every x weeks, and Ting's setup isn't much more complex (add up the price tiers for # of devices, minutes, texts, and megs used, period). Or did you mean government fees of some sort that the carriers have no control over?

I don't mean to sound like an advert, but as shitty as your carriers have been, you really should check Ting out. FWIW Sprint-network reception in my suburb is really weak, but to my way of thinking, the good aspects of Ting are more than worth whatever minor inconvenience it might cause as long as it works!

Open web, open appstores (1)

Anonymous Coward | about 9 months ago | (#44470853)

I remember time when you have to pay Yahoo to get approved and listed on the web. Those glorious secure 90s.., the music was better too.

Re:Open web, open appstores (1)

Anonymous Coward | about 9 months ago | (#44471287)

I remember time when you have to pay Yahoo to get approved and listed on the web. Those glorious secure 90s.., the music was better too.

What's your point? I remember when commercial interests weren't allowed on the internet and when Yahoo listings weren't considered to be "the web". You miss 90's music? That just means you were a teen in the 90's.

Re:Open web, open appstores (0)

Anonymous Coward | about 9 months ago | (#44471937)

Most "rock" stations (since they tend to be owned by just one company) at most play music that is 1995 or earlier, so in a way, the 90s are still with us.

I miss the days before NSFNet was sold to a private company, because it could be grounds to have one's upstream pull connections if they did any commercial advertisement whatsoever. However after Canter & Siegel, the hurp-durp hucksters moved in, and never was the same afterwards.

Re:Open web, open appstores (1)

mjwx (966435) | about 9 months ago | (#44474109)

I remember time when you have to pay Yahoo to get approved and listed on the web. Those glorious secure 90s.., the music was better too.

You miss 90's music? That just means you were a teen in the 90's.

No, it means he can hear.

At least Android is safe (0)

Billly Gates (198444) | about 9 months ago | (#44470867)

According to other Slashdot it can't be hacked because it is based on Linux even if you install it! I can't believe they all only function on Windows Phone. Wow

Re:At least Android is safe (2)

phantomfive (622387) | about 9 months ago | (#44470953)

No one ever said that. They just said it's a lot more secure than Windows (and before Microsoft got on their security kick, Windows was basically an open door).

Now the most insecure parts of either OS are not the OS itself, but software running on the OS......

Re:At least Android is safe (1)

ColdWetDog (752185) | about 9 months ago | (#44471683)

No, the insecure parts are the users.

Always has been, always will be.

Get rid of the humans and everything should be just peachy.

No, the product is insecure. (0)

Anonymous Coward | about 9 months ago | (#44476119)

It doesn't matter how dumb the user is, if the parts are insecure, the parts are insecure.

The user is just one other part.

Re:At least Android is safe (1)

phantomfive (622387) | about 9 months ago | (#44477447)

You just don't remember how insecure Windows was. Look up the code red worm if you're interested in educating yourself.

30 Percent of Mobile Malware Made By 10 Russian Fi (2)

phantomfive (622387) | about 9 months ago | (#44470941)

The rest courtesy of NSA Labs.

Re:30 Percent of Mobile Malware Made By 10 Russian (0)

Anonymous Coward | about 9 months ago | (#44472535)

Nope, 31% of mobile malware originates in China.
The U.S. only makes about 35% of the malware.

lookout who? (1)

superwiz (655733) | about 9 months ago | (#44470965)

Lookout mobile security? Never heard of them before. Sounds like an NSA front getting back at Russian businesses. If they really cared about consumer safety, they would name the specific firms which are creating the harmful apps.

Re:lookout who? (2)

Aryeh Goretsky (129230) | about 9 months ago | (#44471001)

Hello,

From what I recall, Lookout Mobile Security was founded in San Francisco in 2008. They started as an iOS shop, but moved over to Android, and their security product is probably one of the most used on that platform. I do not recall having any contact with employees, but they publish some decent research on their blog at https://blog.lookout.com/ [lookout.com].

Regards,

Aryeh Goretsky

Re:lookout who? (1)

superwiz (655733) | about 9 months ago | (#44471729)

Oh, well, I am sure it's not NSA, then. NSA didn't exist in 2008. And even if it did, it wouldn't have a mobile security company as a front. lookout.com, btw was first registered in 2001 according to WhoIs records.

And 99% of the wire-tapping (1)

stanlyb (1839382) | about 9 months ago | (#44470981)

Is done by NSA and British variant...
So, who is the winner? Who is the number one?

Re:And 99% of the wire-tapping (1)

Opportunist (166417) | about 9 months ago | (#44471451)

Considering how much the NSA costs the US taxpayer and how much revenue the Russian companies rake in, I'd guess it's clear.

It's capitalism, baby. They learned well and fast.

Re:And 99% of the wire-tapping (1)

stanlyb (1839382) | about 9 months ago | (#44471629)

Yeee, we are the best, not like these amateurs, the Russians.
As we say, go BIG or go HOME.

Borders induced problem? (3, Insightful)

icebike (68054) | about 9 months ago | (#44471007)

I've heard it said that the reason people resort to untrusted sources is because official markets (Apple App store, or Google Play store, Amazon, etc) are not available in many countries, or the prices, designed for western economies, are simply not affordable in second and third world countries.

I don't know a single person that installs apps from some random dodgy website. Or perhaps they do, but just don't admit it. Maybe it's much more common with kids who don't have credit cards.

But overall, resorting to third-party installation sources seems much rarer in those countries where there is affordable equal-access to the legitimate markets. Malware penetration into the official markets is not unheard of, but it is surely minuscule compared to the "cracked apps" sites.

The protections and limitations placed on the official markets by some countries seem to inflict more harm than whatever they thought they were protecting their citizens from.

Re:Borders induced problem? (1)

drinkypoo (153816) | about 9 months ago | (#44474287)

I don't know a single person that installs apps from some random dodgy website. Or perhaps they do, but just don't admit it. Maybe it's much more common with kids who don't have credit cards.

You can find Android warez on sites in Russia easily with Google. It is safe to assume that a percentage of these warez include trojans.

Buying legit is no sinecure. (0)

Anonymous Coward | about 9 months ago | (#44476131)

And buying a Sony CD can install a rootkit too.

Re:Borders induced problem? (1)

tlhIngan (30335) | about 9 months ago | (#44474483)

I've heard it said that the reason people resort to untrusted sources is because official markets (Apple App store, or Google Play store, Amazon, etc) are not available in many countries, or the prices, designed for western economies, are simply not affordable in second and third world countries.

Except Apple isn't the problem. Apple makes sure that when it sells a product to a country, that country has an App Store at the very least. And since Apple controls it all, it does a fairly good job at ensuring that if you're buying an iSomething, you got the App Store. Many countries also have music and movies, but not all.

The deal with Android is that it is sold in many places where Google Play is not allowed or where Google Play does not support payment (when Android launched, it only supported payment from the US - so only free apps were shown in other countries).

Of course, since Android makes it easy to sideload apps, people realized that they needed to pirate apps in order to get any good ones that required payment, so all sorts of "app stores" came into existence.

Of course, that checkbox is quite useless in Android because there are plenty of legitimate app stores as well - Amazon being one, but Humble Bundle sells a few as well.

Re:Borders induced problem? (0)

Anonymous Coward | about 9 months ago | (#44474485)

In China most phones don't come with Google play, and the government makes it difficult to install on most phones. The phones come with app stores that require you to allow untrusted sources. In fact my China telecom phone is happy to silently install new software, and I can't disable this feature.

Lookout Mobile Security (1)

fustakrakich (1673220) | about 9 months ago | (#44471019)

Sounds as phony as a three dollar bill. Not naming names? Who and what are they protecting? Maybe somebody else will come forward.

And (0)

Anonymous Coward | about 9 months ago | (#44471109)

60% by American firms...

And I bet all of it is on Android! (1, Interesting)

EGSonikku (519478) | about 9 months ago | (#44471125)

...but please, keep telling us how much safer and secure Linux is compared to Windows and Mac/iOS!

Re:And I bet all of it is on Android! (1)

Todd Knarr (15451) | about 9 months ago | (#44471223)

Even if all of it's on Android, I notice that it isn't available through the official app stores. So if you install your mobile software by going to Google Play or Amazon's app store or the like, you're probably not going to get hit. These guys set up their own unofficial app "stores" and web sites, luring you into going outside normal channels to get their stuff. And of course you get bit when you do that.

My attitude is that for most apps, if it's not available through Google's store I should be suspicious of it. Other large stores like Amazon's I'll use once I've confirmed from the app's own site that it's supposed to be available that way. Direct installation from the software's site... only if I know the site and the project behind it well and know this is their official source. Anything I'm just finding through an ad somewhere else I do not know well enough to trust a direct install. And buying by clicking on a link in a mobile browser? Yeah, just not happening.

Re:And I bet all of it is on Android! (0)

Anonymous Coward | about 9 months ago | (#44472013)

Even if it is available on Google's store, one should be suspicious. Read reviews, and you will find a lot of apps with a lot of fake 5-star "chenglish" reviews, then the few 1-star "spams contact list" ones.

Even then, I've had a game have an update that autoupdated... and the result was a completely different game and malicious code. It was limited by the permissions given, but all it takes is a quick update, and that game that has been fun for a while now shows its true colors as a malware vector.

Contrast this to iOS with its burly gatekeeper where there have been zero malware intrusions in the wild.

Re:And I bet all of it is on Android! (0)

Anonymous Coward | about 9 months ago | (#44472295)

When browsing the web on my Android device, some sites (look like ad servers) try to push as a download something like security-update.apk or similar. Of course, looking at the security manifest of that shows that it wants everything under the sun...

Sometimes I do sideload some apps. F-droid installed ad-blocking software comes to mind (because Google banned most of it.)

It is a price to pay. Yes, Apple's store has never had a malware issue, but access to Cydia on newer devices is getting harder and harder to get (due to jailbreaks being rarer and rarer), so I'll take using multiple secure repos and the danger of that over just one store.

Re:And I bet all of it is on Android! (1)

drinkypoo (153816) | about 9 months ago | (#44474295)

Sometimes I do sideload some apps. F-droid installed ad-blocking software comes to mind (because Google banned most of it.)

Ad-Away and NoScript Anywhere cover all my needs. Aside from Ti Backup, Ad-Away is about the only thing I actually need to install from anywhere but Google any more. If I want XBMC to work worth a crap, though, I have to sideload that too.

It is a price to pay. Yes, Apple's store has never had a malware issue, but access to Cydia on newer devices is getting harder and harder to get (due to jailbreaks being rarer and rarer), so I'll take using multiple secure repos and the danger of that over just one store.

Not to mention that nothing is forcing you to use unauthorized markets. You can treat Google just like Apple if you want to.

Re:And I bet all of it is on Android! (0)

Anonymous Coward | about 9 months ago | (#44471227)

There is a big difference between remote exploitation and user stupidity

Re:And I bet all of it is on Android! (0)

Anonymous Coward | about 9 months ago | (#44471249)

Reread your comment and find how it fits with your signature.

Ignorant.

--
Teun

Re:And I bet all of it is on Android! (0)

Anonymous Coward | about 9 months ago | (#44473181)

Unfortunately, there is still one security hole that no operating system has been able to patch and that is the user themselves. The thickness of the steel on your nuclear bunker doesn't matter if you open the door to let some fresh air in.

The other 70 percent comes from... (1)

Anonymous Coward | about 9 months ago | (#44471417)

the NSA?

Re:The other 70 percent comes from... (1)

K10W (1705114) | about 9 months ago | (#44482475)

the NSA?

doubt it, they have no real benefit in making this kind of malware as far as I can see, it is bottom of the barrel stuff we're talking about here. Admittedly they do have a hand in a hell of a lot of the other stuff like zeroday exploit kits which the vendors of admit US is one of the biggest customers in buying such kits. The money is no issue to gov funded group so pocket change from making such malware is pointless, besides any other reason to compromise mobiles they can get access to that data already without your phone being compromised
