Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New Attack Uses Attackers' Own Ad Network To Deliver Android Malware

samzenpus posted about a year ago | from the protect-ya-neck dept.

Security 59

Trailrunner7 writes "The concept of malware riding shotgun with legitimate mobile apps is not a new one. There have been a slew of cases in which attackers have compromised apps in the Google Play store and inserted malware into the file. But a new attack uncovered by Palo Alto Networks is using a new technique that starts with the user installing an app on her Android phone. The app could be a legitimate one or a malicious one, but it will include some code that, once the app is installed, will reach out to an ad network. Many apps include such code for legitimate ad revenue purposes, but these apps are connecting to a malicious ad network. Once the connection is made, the app will then wait until the user is trying to install another app and will pop up an extra dialog box asking for permission to install some extra code. That code is where the bad things lie. The malicious code immediately gains control of the phone's SMS app for both command and control and in order to sign the victim up for some premium-rate SMS services. The attack is interesting, said Wade Williamson, a senior security analyst at Palo Alto, because the attackers can use a legitimate ad network that's already connected to a group of apps and then at any given time flip the switch and begin using it for malicious purposes."

cancel ×

59 comments

Sorry! There are no comments related to the filter you selected.

Then it is malicious... (5, Insightful)

RobertM1968 (951074) | about a year ago | (#44546023)

The app could be a legitimate one or a malicious one, but it will include some code that, once the app is installed, will reach out to an ad network. Many apps include such code for legitimate ad revenue purposes, but these apps are connecting to a malicious ad network.

Inotherwords "but it has malware in it for the ad portion that goes to a malicious ad network" - or the app IS malicious and not legitimate. An app isn't magically legitimate if only some portions of it are malware.

Re:Then it is malicious... (4, Funny)

ackthpt (218170) | about a year ago | (#44546067)

The app could be a legitimate one or a malicious one, but it will include some code that, once the app is installed, will reach out to an ad network. Many apps include such code for legitimate ad revenue purposes, but these apps are connecting to a malicious ad network.

Inotherwords "but it has malware in it for the ad portion that goes to a malicious ad network" - or the app IS malicious and not legitimate. An app isn't magically legitimate if only some portions of it are malware.

"Sometimes is difficult differentiate between Stupidware and Malware - Stupidware being sloppily written, which allows attacks and Malware which was purposefully written to allow attacks. Both date back at least a decade. That it's happening on a mobile device is simply a logical iteration of a predictable progression, Captain."

"That ... still ... does not fix the ... communicator, Spock."

Re:Then it is malicious... (0)

Anonymous Coward | about a year ago | (#44549295)

"That ... still ... does not fix the ... communicator, Spock."

Look then Captain, who is responsible for the attack? Or perhaps there is really no attack, just another attempt by the Borg to sow Fear, Uncertainty and Doubt...

Re:Then it is malicious... (0)

Anonymous Coward | about a year ago | (#44546229)

Inotherwords "but it has malware in it for the ad portion that goes to a malicious ad network" - or the app IS malicious and not legitimate. An app isn't magically legitimate if only some portions of it are malware.

I guess ... I mean, if you want to use words and definitions and stuff, then yes, you're right.

BTW, this story has some kind of clustersummary. Monkeys and keyboards don't mix.

Re:Then it is malicious... (2)

JakartaDean (834076) | about a year ago | (#44548967)

I guess ... I mean, if you want to use words and definitions and stuff, then yes, you're right.

BTW, this story has some kind of clustersummary. Monkeys and keyboards don't mix.

I read the summary thinking "citation needed... citation needed" and "What does that mean?" Turns out the words were just lifted from the article at threatpost.com which was just as poorly written, and also only includes one link -- to another [threatpost.com] page on the same site. That original article simply describes a method of carrying out a DDOS attack by paying for some ads then using javascript (could even be html) on those ads to contribute to the DDOS. Cheap, not fancy, put would work if someone is stupid enough to pay ransom for getting their web site back up.

The other article, linked to in the summary, piles a shitload of hyperbole, unsubstantiated claims and bullshit on top of that, and then gets someone to link to it here. Nothing substantiated about Android, SMS, or anything else. There is no link to Palo Alto Networks, but I googled them. There is nothing about this on their web site that I could find quickly. Nothing.

What we have here is a completely fabricated story posted on Slashdot because someone wanted to post a story, I guess, and the editors didn't even get suspicious about the obviously wrong article and click on the one link there. Slashdot, you are sometimes great, but you would be more consistently great if the editors just spent a few more minutes with the content. Like reading the articles. This was just fucking awful.

Re:Then it is malicious... (0)

Anonymous Coward | about a year ago | (#44548091)

That is badly understood comment buddy..

THe statement is correct as written.. the app itself is not relevant as the ad network is what is delivering the malware.. IE the adnetwork can just as easily dupe greedy slimeball developers who just want cash for obnoxious adverts on a phone.. as it can create its own shitty apps.. to deliver the payload..

IE since its the ad network that is the attack vector, it could just as easily come in Angry Birds Ads Gone Wild, as it is to come in "If you install this your a moron who does not deserve a regular phone much less a smartphone hehehehe" app...

Shame that this is modded insightful when its more like first grade reading level failure to misunderstand the original post..

Re: Then it is malicious... (0)

Anonymous Coward | about a year ago | (#44548681)

If you code as you write comments... I feel sad for your users.

Android (4, Funny)

Anonymous Coward | about a year ago | (#44546039)

The only unix-based platform riddled with security issues, viruses and trojans problems.

Re: Android (-1)

Anonymous Coward | about a year ago | (#44546831)

Also the one in most use.

Who knew?

Re: Android (1)

ArcadeMan (2766669) | about a year ago | (#44546945)

Popularity != Vulnerability.

Stop spreading FUD.

Re: Android (2)

Impy the Impiuos Imp (442658) | about a year ago | (#44550405)

Popularity maps to number of attackers in an exponential curve.

Obscurity =/= hardening against hacking, and one does not properly derive confidence for the security of one's system when it is attacked at 1/1000th another system's attack load.

Re:Android (1)

lister king of smeg (2481612) | about a year ago | (#44546873)

oh the unix like part is fine it is the Java vm that like in many other software stacks is the root of the problem.

Re:Android (0)

Anonymous Coward | about a year ago | (#44548867)

Really? Please read this paper.
http://www.internetsociety.org/sites/default/files/02_4.pdf
And then post.

Re:Android (1)

Nerdfest (867930) | about a year ago | (#44547187)

Out of curiosity, has anyone here actually run into any Android malware? Most of the people I know have been using Android for quite some time and nobody has encountered any (but they do tend to tick to the Play or Amazon stores).

FAIL (0)

Anonymous Coward | about a year ago | (#44546101)

PBKAC, as usual...

Re:FAIL (2)

peragrin (659227) | about a year ago | (#44546153)

um android is generally found on tablets. Keyboards generally don't apply.

this is either an ID10T or MUE(Moronic User Error) depending on your point of view.

Re:FAIL (4, Funny)

Dancindan84 (1056246) | about a year ago | (#44546279)

Problem
Between
Kindle
And
Chair?

Re:FAIL (1)

technix4beos (471838) | about a year ago | (#44546625)

There are virtual keyboards on tablets.

Advertising has ran amok... (1)

rts008 (812749) | about a year ago | (#44546103)

Yet another good reason to avoid ads, and ignore those you can't avoid.

cross-site attacks (5, Insightful)

girlintraining (1395911) | about a year ago | (#44546159)

Advertising on the internet is the most common route for malware by far. That's why I install ad blocking software everywhere. Marketers whine and complain about lost revenue and try to guilt you by saying they need that revenue to run the sites "for free"... but the truth is the way most advertising networks operate allow for "dancing, singing" ads -- that is, injectable javascript. Everything in the marketer's world these days is about using java to track, probe, manipulate, etc., web pages, with pop-overs, pop-unders, drive-bys, side to side scrollers, sound, motion, and anything else to get your attention.

None of this would be a problem if they stuck to fixed-size IMG tags and graphics. In other words... marketing is a virus. It's the plague. It's not the browser's fault... it's these asshole profiteers who try to be endlessly creative in force-feeding people crap they don't want.

Re:cross-site attacks (0)

Anonymous Coward | about a year ago | (#44546253)

If people paid for content, then the ads wouldn't be necessary...

Re:cross-site attacks (0)

Anonymous Coward | about a year ago | (#44546405)

That is what pay walls are for.

Re:cross-site attacks (0)

Anonymous Coward | about a year ago | (#44546415)

if adds weren't made so annoying and potentially dangerous less would block them

Re:cross-site attacks (0)

Anonymous Coward | about a year ago | (#44546435)

If people paid for content, then the ads wouldn't be necessary...

It wouldn't? Explain cable/satellite TV then. We pay quite a bit of money for cable TV and still have advertisements

The whole purpose of "subscription based TV", when it came out, was to have content that was not ad supported, nor had ads. It changed over the years. Your logic is galse

Paid Content != No Ads

Re:cross-site attacks (0)

Anonymous Coward | about a year ago | (#44546471)

galse.... Which is like false, only with 100% more typos.

Re:cross-site attacks (1)

dpidcoe (2606549) | about a year ago | (#44546633)

Since only 1 out of 5 letters has been mangled, wouldn't "galse" be like "false" except with 20% more typos?

Re:cross-site attacks (1)

O-Deka-K (1520371) | about a year ago | (#44547013)

No. It's the word "more", which is confusing when used with percentages.

A word with 6 typos would have "20% more typos" than a word with 5 typos. However, this is in itself disputable, because even if a word has more than one error in it, we often just say "it's a typo" instead of "it has 5 typos in it". For instance, if you transpose two letters by mistake (e.g. "flase"), do you say it has 2 typos in it? I know I don't.

Even if we accept the premise that each incorrect letter counts as one "typo", then you would say that "galse" has "20% typos", not "20% MORE typos".

The poster's logic is this:
"false" has 0 typos in it.
"galse" has 1 typo in it.
Since 1 is 100% more than 0, it has "100% more typos".

However, this is incorrect. 1 is NOT 100% more than 0. (1 - 0) divided by 0 is infinite. For it to be true, "false" would have to have 1 typo in it. Since "galse" differs by only 1 letter, this means that it has 2 typos in it, and therefore "100% more typos". Unfortunately, it makes no sense to say that.

Therefore, the poster's logic is galse.

Re:cross-site attacks (1)

syockit (1480393) | about a year ago | (#44549101)

*sigh* okay. Galse, like false, except with infinitely more typos!

Re:cross-site attacks (2)

TheDarkMaster (1292526) | about a year ago | (#44546441)

Read before comment... The problem is not the idea of ads itself, is how is implemented.

Re:cross-site attacks (1)

Anonymous Coward | about a year ago | (#44546445)

It's true. Adblock+ is security software. Much better than any firewall or AV package I might ad.

Ad vendors are scum and often lack diligence. Why? Because money that's why.

Ad networks are vulnerable and are frequently hijacked because one ad network reaches out to a huge attack surface. (You get to touch every single user on every web page that that ad network uses)

Re:cross-site attacks (0)

Anonymous Coward | about a year ago | (#44546733)

Of course, one can say that people who block ads, circumventing any way for a site to get revenue can be considered leeches as well. That's why a growing number of sites just deny content to people running adblockers these days. See the ads, or be shown the door.

Who steals from whom?... apk (0)

Anonymous Coward | about a year ago | (#44550157)

I pay for a connection: Ads rob speed & bandwidth I paid for out of pocket from said online connection!

Ads ALSO infest systems with maliciously scripted attacks quite a lot - the premise of this article in fact.

This article's example?? No first, by ANY means!

(I literally KNOW of roughly 30 other occurences of it happening BEYOND this single instance example the past, oh 5++ yrs. or so (only, there have been more earlier), & have the likes of CISCO + those like them, showing even more - Want those evidences?? Ask, & "ye shall receive"...).

Additionally - I'll allow what I FEEL I wish to see in my system, as I see fit... advertisers & their "1/2 truths" + "fine print" b.s. be damned.

Sites that can't survive without them? They're WEAK then, & were never in it for anything more than a paycheck (instead of passion for that which their site's premise was founded on initially).

* Without users you're calling leeches, you are HISTORY/done, period... we as customers, however, have options - they're called YOUR COMPETITORS (who'd LOVE to see you fall).

Guess what? You LOSE! Twice in fact - Why? See all of the above. It's THAT simple.

APK

P.S.=> Remember rule #1: "The Customer is ALWAYS right" - why? See above (especially the part about customers always having alternatives/options). You, as a business, CANNOT profitably exist without them/us - fact (not for long @ least since the "raison d'etre" OF business, is profitability)

... apk

Hosts do FAR more for less... apk (0)

Anonymous Coward | about a year ago | (#44547343)

Hosts != crippled by default advertiser bribed (Adblock) http://it.slashdot.org/comments.pl?sid=4081759&cid=44546757 [slashdot.org] or advertiser owned tracking by default (Ghostery).

Per my subject-line: Hosts do more for less - Far more listed in the link inside the one above in detail.

(Via less moving parts & complexity + are completely easily end user controlled too!)

Hosts supplement redundant crippled browser-level slower ring 3/rpl 3/usermode tools (since hosts operate in ring 0/rpl 0/kernelmode @ OS startup + 1st webbound request).

Hosts "shore up" dns servers too (overcoming their weakness vs. fastflux + dynDNS botnets abusing dns' very nature & they are by far the more prevalent type out there) & resolve host-domains to IP addresses FASTER, locally (bonus).

APK

P.S.=> Been building my custom hosts file since 1997, & it "clocks in" @ 2,083,016++ & growing entries: If you use my app, yours WON'T be that big (you will have absolutely CURRENT blocks though - the good part on this note @ least...): Far from it if you avoid hostsfilemine.nu (updates yearly only & HUGE, but not absolutely current, my other 11 sources are daily).

Yes - why? It takes TIME to build one that big (took me 16++ yrs. & it's NOT the biggest out there either, airelle's is but TOO full of 'false positives' imo)!

However, I do so unlike others, for good reasons as to the SIZE of mine that I noted above: I don't pull ones others do since they test by 'ping' quite often, & that's EASY to make a system NOT respond reply to, and of course, due to fastflux + dynDNS using botnets/malware... ICANN, or DNS level or firewall outbound/inbound rules can do the rest & it's EASY for them to do so, vs. the far lesser used IP address attacks (I do it via a powershell script here though, that one day? I may build a companion to THIS app for that auto-adds them to firewall rules tables though should IP addressed ones EVER take precedence instead of host-domain based threats)

... apk

Re:cross-site attacks (2)

tlhIngan (30335) | about a year ago | (#44546637)

Advertising on the internet is the most common route for malware by far. That's why I install ad blocking software everywhere. Marketers whine and complain about lost revenue and try to guilt you by saying they need that revenue to run the sites "for free"... but the truth is the way most advertising networks operate allow for "dancing, singing" ads -- that is, injectable javascript. Everything in the marketer's world these days is about using java to track, probe, manipulate, etc., web pages, with pop-overs, pop-unders, drive-bys, side to side scrollers, sound, motion, and anything else to get your attention.

Except well, how do you expect developers to eat?

Remember, the ad is loaded by the app, and given Android's fairly limited ways of monetization, developers would like to make some money back. If not through a 4rd party ad network, then through siphoning your user data off the phone to their servers.

At least on iOS, there's a decent chance to make money without ads, but on Android, it's a lot more iffy. Ads pretty much the only way to beat iOS at the revenue game.

Re:cross-site attacks (0)

Anonymous Coward | about a year ago | (#44546773)

I've got both android and iOS devices. I've got to say that the Google play store is sketchy as hell. I know the apple app store isn't perfect, but I've never downloaded an app store app that's bombed my ipad with ads.. On the home screen.

I also know that app store apps do have access to a lot of your stuff, but it's nothing like the free-for-all that android apps can have access too. Yes, I know permissions are up-front when you install but they're mostly meaningless to non-technical users. At least I can hand an ipad to my mother knowing that whatever brain-damaged free app she downloads will stay contained in it's own little sandbox.

Re:cross-site attacks (0)

Anonymous Coward | about a year ago | (#44549351)

Liar.

Re:cross-site attacks (3, Insightful)

girlintraining (1395911) | about a year ago | (#44546829)

Except well, how do you expect developers to eat?

I suppose the same way everyone else does: By providing a good or service in exchange for monentary compensation. I know, it's an outmodded concept in the Web 2.0 way of thinking... but There Ain't No Such Thing As A Free Lunch. Advertising is not required for the survival of the species nor is its absence detrimental to long-term economic growth and stability.

Remember, the ad is loaded by the app, and given Android's fairly limited ways of monetization, developers would like to make some money back. If not through a 4rd party ad network, then through siphoning your user data off the phone to their servers.

I would ask you whether Linux requires monetization of its applications in order to be useful, or that developers are not compensated in other ways. Short answer: Yes.

Ads pretty much the only way to beat iOS at the revenue game.

Call me old fashioned, but the way to beat someone at a game is to play it better than they do. It's called competition, and if you provide a better product or service, then in a fair and open market, you should win. If this isn't true, then the problem is with the market, your perception of it, or with external forces.

Re:cross-site attacks (0)

Anonymous Coward | about a year ago | (#44552473)

Good comment, with one nit to pick: " There Ain't No Such Thing As A Free Lunch." There's a fruit tree in my front yard. I didn't buy the tree and I didn't buy the fruit. It's still delicious.

That old canard is simply a warning about salesmen. If a salesman offers you a "free" lunch it can be rather costly. That's the only place it applies. Well, that and the laws of thermodynamics. But not literally, there are indeed free lunches.

Re:cross-site attacks (0)

Anonymous Coward | about a year ago | (#44547383)

All I want to do is use mob money to keep my business rolling. So what if they break my customers' legs. How do you expect unscrupulous businessmen who expose their customers to unnecessary risk to eat?

Re:cross-site attacks (1)

TheDarkMaster (1292526) | about a year ago | (#44549239)

Value my friend, value. If the app is paid but is useful, does the job properly, are reasonably priced and easy to pay, people buy . Basic Economics 101, lesson that most CEOs and "I want easy money NOW" do not go.

Re:cross-site attacks (1)

sjames (1099) | about a year ago | (#44550083)

Find a way to display tasteful ads responsibly?

The Matrix (4, Insightful)

ArcadeMan (2766669) | about a year ago | (#44546241)

Marketing is a disease, a cancer of the Web, it is a plague, and blocking software is the cure.

Re:The Matrix (0)

Anonymous Coward | about a year ago | (#44546623)

Sure, and whitelisting of some 'good ads' in popular ad blocking software is the flu?

Re:The Matrix (1)

Errol backfiring (1280012) | about a year ago | (#44550179)

No, that's a bug. But luckily, you can fix that bug.

Re:The Matrix (0)

Anonymous Coward | about a year ago | (#44551623)

The vast majority of the web wouldn't even exist without marketing. Go troll somewhere else. You only got modded up because most of the neckbeards around here think that money is evil unless you're talking about their own money... if it's their money it's rightfully gained and a prestine fruit of their hard work.

I described this two weeks ago, /.rs said impossib (2)

raymorris (2726007) | about a year ago | (#44546373)

> the app will then wait until the user is trying to install another app and will pop up an extra dialog box asking for permission

A couple of weeks ago when I described this attack, some commenters said it was impossible - an app can't wait until the user was expecting a permission prompt from a different app, then request more permissions itself, they said.

I wonder if they still think it's impossible now that it's publicly reported to be in the wild.

Re:I described this two weeks ago, /.rs said impos (1)

mattack2 (1165421) | about a year ago | (#44546635)

So Android apps aren't in a sandbox? Why does an app get a notification that another app is being installed AT ALL?

Re:I described this two weeks ago, /.rs said impos (0)

Anonymous Coward | about a year ago | (#44546835)

So your anti-virus knows to scan it?

Re:I described this two weeks ago, /.rs said impos (0)

Anonymous Coward | about a year ago | (#44558477)

Because the article is bunk?

Applications like GloveBox that overlay on top of the screen are automatically disabled / cease to work during application installs. At worst case (assuming the person unchecked the "Install from Unknown sources" already), they'd have two different application installation screens.

At best case, it just says "APPLICATION BLOCKED" "INSTALL AT YOUR OWN RISK"

Her Android phone? (0)

Anonymous Coward | about a year ago | (#44546387)

Shouldn't the article be more gender neutral. "...with the user installing an app on the Android phone". Please correct me if I'm wrong. English is not my native language.

Re:Her Android phone? (1)

immaterial (1520413) | about a year ago | (#44546833)

The correct gender neutral word is "their" instead of "his" or "her," and "they" instead of "he" or "she." Historically I think the male form was the standard generic term, but of late the obvious sexism inherent with that has led people to say things like "his or her" and "s/he" -- or just randomly using both "his" and "her" in the course of their writing. All those are silly, IMO, since we have the neutral words their and they (some people don't like these because they think those words must be plural, but that is not correct).

riding in on an ad network?? (0)

Anonymous Coward | about a year ago | (#44546431)

spam on spam, or malware inside malware.

"It's working! Neville - It's working..." (2, Interesting)

Anonymous Coward | about a year ago | (#44546757)

I avoid ads totally (especially malscripted ones) via hosts files:

---

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74 [start64.com]

---

Yes, even on an android smartphone

(Via ADB/Android Debugging Bridge & its PULL command, but use smaller optimized hosts there folks - not much room, shitty caching (sorry google, it's true)).

As long as attacks = host-domain name based (most are, like 99%, especially via "immortal" fastflux + dynDNS malware the majority/prevalent type out there vs. IP addressed ones).

Hosts files do more with less in a single file & at a faster privelege level (ring 0/rpl0/kernelmode) than redundant crippled by default browser addons (that slow up already slower ring 3/rpl 3/usermode browsers & are advertiser owned (Ghostery/Adblock "foxes guarding your henhouse")).

"Less is more" = GOOD engineering via less complexity, room for breakdown, & less "moving parts"/variables in the equation.

"The premise is, quite simple: Take something designed by nature & reprogram it to work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"

Since "They're not gonna stop..." - Dr. Robert Neville "I AM LEGEND" @ that film's near termination...

APK

P.S.=> Hosts work by acting as a filter for the IP stack itself (written in C language & starts with the OS + 1st request to the internet it is the 1st resolver queried as well, with over 45++ yrs.of optimization refinement put into it).

Hosts also aid reliability vs. downed DNS & protect vs redirected DNS servers also securing you vs. known bad hosts-domains online http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 [slashdot.org] & . Hosts files give users of them good benefits in added speed, security, reliability & even added anonymity (to an extent), all enumerated in the link to my program above, in detail...apk

Re:"It's working! Neville - It's working..." (0)

Anonymous Coward | about a year ago | (#44553111)

My god, what idiot modded an APK troll UP??? Slashdot, you're giving morons and trolls mod points.

"Light up the darkness"... apk (0)

Anonymous Coward | about a year ago | (#44555497)

"Someone asked him, 'why'. He said: 'The people who're trying to make this world WORSE, are not taking a day off - how can I?' Light up the darkness..." - Dr. Robert Neville from "I AM LEGEND" quoting Bob Marley

That "all said & aside": IF I'm able to help the situation? I do. Do you? NO.

---

"My god" - by Anonymous Coward on Tuesday August 13, 2013 @11:17AM (#44553111)

Quote Dr. Robert Neville again (my theme) keeping w/ the fact there're idiots making malwares online:

"God didn't do this Anna - We DID..." - Dr. Robert Neville from "I AM LEGEND"

Been modded up 4 this post ~ 50x by the way.

---

Above all: VALIDLY disprove my points on hosts' benefits to end-users of them in better added speed, security, reliability, & even anonymity to an extent vs. online threats enumerated here:

http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74 [start64.com]

* It's ALL I've ever asked of "naysayer trolls"/detractors!

---

However - No troll here or elsewhere, ever has validly.. Not a 1 & I keep getting stronger for it too (bonus).

(Especially since its output produces 1 file that's tightly integrated as part of the IP stack itself & yet does MORE by far, vs. competing "souled-out" solutions (Ghostery/AdBlock)).

APK

P.S.=> Trolls don't *try* anymore - "Gee, wonder why?" (not - I've floored the "best & brightest" of you 10 below plantlife IQ trolls too many times, you've given up!). I take heart in that fact, & it makes me laugh @ you.

Quoting Dr. Robert Neville again from "I AM LEGEND" regarding the troll, & others like him:

"Behavioral note: An infected male (the troll I am replying to) exposed himself to sunlight today: Now, it's possible decreased brain function (definitely) or growing scarcity of food is causing them to ignore their basic survival instincts. Social De-Evolution is complete: Typical human behavior is now entirely absent..."

... apk

SMS charges are the target? Why not reverse them? (0)

Anonymous Coward | about a year ago | (#44546867)

That should take away the incentive for some of the attacks: no money, so less resources to spend on developing attacks!

How does this happen? (1)

Okian Warrior (537106) | about a year ago | (#44548691)

... in order to sign the victim up for some premium-rate SMS services.

The fuck?

Why the hell doesn't the FTC shut these companies down? Why doesn't the FCC kick the carrier's behind into policing these companies better? Why doesn't the US attorney's office rain hellfire and brimstone down on these companies to the extent it did to Aaron Schwartz?

Premium SMS is billed through the carriers, so they have a relationship with the SMS company. There is a clear money trail. The recipient is most likely incorporated. This should be easy.

With all the US mistrust of government right now, this would be an easy way to gain some respectability.

Why I Love my Palm Pre Plus (0)

Anonymous Coward | about a year ago | (#44548941)

As I decided to purchase my first smartphone, I considered a lot of little things. I considered the network, and Verizon had consistently worked for me. I considered the camera, and decided at the time, only Nokia cared about super quality and didn't run on Verizon. I considered tethering and learned that most phones required to either jailbreak or pay for the privilege. But then I saw a phone that wasn't very popular. One which they had to offer tethering to just get the inventory moving. A phone with a real keyboard. And a slick interface. One which let me talk to my gtalk friends out of the box, and put all my email in 1 place. One with an OS about to be gone. A phone with no real applications. And no real reason for malware.

Life is full of choices. It pays to be unpopular.

Good thing I have sprint (1)

IwantToKeepAnon (411424) | about a year ago | (#44551725)

Good thing I have sprint, I never get any signal for the virus to send SMS messages, and forget about signing up for any services (useful or not). :/

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>