• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • Nasty New Malware Uncovered


    There's a nasty bug going around. And, for now, iOS is safe. But we can't say the same for Android.

    A new report from Lookout is revealing what appears to be the culprit in this latest mobile malware drama.

    "Auto-rooting adware is a worrying development in the Android ecosystem in which malware roots the device automatically after the user installs it, embeds itself as a system application, and becomes nearly impossible to remove," the report explains. "Adware, which has traditionally been used to aggressively push ads, is now becoming trojanized and sophisticated. This is a new trend for adware and an alarming one at that."

    Astonishingly, Lookout claims to have uncovered more than 20,000 samples of this type of trojanized adware "masquerading as legitimate top applications."

    The apps include Candy Crush, Facebook, GoogleNow, NYTimes, Okta, Snapchat, Twitter, WhatsApp, and many others.

    All told, those with infected devices may be left with little choice but to get a new phone.

    The entire post -- a comprehensive one at that -- outlines the alarming discovery in detail and sheds light on what you can do to mitigate your chances of getting infected. Check it out here.

    Source: Lookout
    This article was originally published in forum thread: Nasty New Malware Uncovered started by Michael Essany View original post
    Comments 18 Comments
    1. bmwraw8482's Avatar
      bmwraw8482 -
      What harm does this software do?
    1. vinaygoel2000's Avatar
      vinaygoel2000 -
      Quote Originally Posted by bmwraw8482 View Post
      What harm does this software do?
      Aggressively pushes ads.
    1. WHUDS's Avatar
      WHUDS -
      Well it must put this malware in the rom? then the problem is pushing ads uses your data plan and it probably interrupts you while doing things on your phone........yeah this would be bad
    1. anhtuanle84's Avatar
      anhtuanle84 -
      This is insane! Even PCs arent this vulnerable with permanent impact from trojans!
    1. swifty7's Avatar
      swifty7 -
      this and the lack of high quality apps is the reason behind me avoiding droid phones like the plague. What's the point of having super hardware if the software is crap and lacks security.
    1. KingRedHot's Avatar
      KingRedHot -
      I've been dealing with Android phones for years, that is nothing that can't be fixed with a simple factory restore (even if it has to be done on a computer) True enough it is still a problem, but not to the extent that it's being made to seem
    1. Nuff Said's Avatar
      Nuff Said -
      Quote Originally Posted by KingRedHot View Post
      I've been dealing with Android phones for years, that is nothing that can't be fixed with a simple factory restore (even if it has to be done on a computer) True enough it is still a problem, but not to the extent that it's being made to seem
      Do you have experience with this specific malware?
    1. angerthosenear's Avatar
      angerthosenear -
      Quote Originally Posted by Nuff Said View Post
      Do you have experience with this specific malware?
      No, however think of Android recovery, like doing a iOS DFU restore. It wipes everything, and installs a clean version of the OS on a wiped drive.
    1. Scotty Manley Silberhorn's Avatar
      Scotty Manley Silberhorn -
      Quote Originally Posted by angerthosenear View Post
      No, however think of Android recovery, like doing a iOS DFU restore. It wipes everything, and installs a clean version of the OS on a wiped drive.
      Unless it installs in the the device's hardware, you're right
    1. novadam's Avatar
      novadam -
      Quote Originally Posted by angerthosenear View Post
      No, however think of Android recovery, like doing a iOS DFU restore. It wipes everything, and installs a clean version of the OS on a wiped drive.
      well that sounds convenient, and not at all like a huge headache.
    1. HovikGas's Avatar
      HovikGas -
      Quote Originally Posted by KingRedHot View Post
      I've been dealing with Android phones for years, that is nothing that can't be fixed with a simple factory restore (even if it has to be done on a computer) True enough it is still a problem, but not to the extent that it's being made to seem
      Exactly, worst comes to worse you won't be able to restore from a backup.
    1. WHUDS's Avatar
      WHUDS -
      Quote Originally Posted by Scotty Manley Silberhorn View Post
      Unless it installs in the the device's hardware, you're right
      Right what if it writes to rom?

      Meghan Kelly says:
      November 5, 2015 at 9:49 am
      Hi Josh, A factory reset would not remove this malware, unfortunately.

      Read more: Lookout discovers new trojanized adware; 20K popular apps caught in the crossfire (https://blog.lookout.com/blog/2015/1...anized-adware/)
    1. amoamare's Avatar
      amoamare -
      Quote Originally Posted by angerthosenear View Post
      No, however think of Android recovery, like doing a iOS DFU restore. It wipes everything, and installs a clean version of the OS on a wiped drive.
      Actually that's wrong Factory data reset in Android is not like DFU restore at all. Androids Factory data reset doesn't touch system partition. If the maleware is rooting its most likely installing in the system partition. Only way to recover from this is to restore using firmware if said firmware is available for your device. This could also survive updates as well.
    1. docmagoo2's Avatar
      docmagoo2 -
      Quote Originally Posted by Scotty Manley Silberhorn View Post
      Unless it installs in the the device's hardware, you're right
      Thunderstrike malware for MacBooks being one example....
    1. RyoSaeba's Avatar
      RyoSaeba -
      Quote Originally Posted by swifty7 View Post
      this and the lack of high quality apps is the reason behind me avoiding droid phones like the plague. What's the point of having super hardware if the software is crap and lacks security.
      In this article, it failed to mentioned those apps are from non-Google play stores. The bad thing about Android is that virtually ANYONE can have an app store. Big names like Amazon and Baidu have their own app store. Customers may think that apps from those stores are safe but they are not because it doesn't go though the same security checks as Google's Play store. The big names really gives off a false sense of security.

      Worse is that these 3rd party stores don't need root access to install where as if you want anything outside Apple's Appstore, you need to jailbreak. Users simply hit an "Accept" to a popup to allow installation. Pretty much like everyone accepting EULA's without ever reading them.
    1. sheltons.iphone's Avatar
      sheltons.iphone -
      Quote Originally Posted by RyoSaeba View Post
      In this article, it failed to mentioned those apps are from non-Google play stores. The bad thing about Android is that virtually ANYONE can have an app store. Big names like Amazon and Baidu have their own app store. Customers may think that apps from those stores are safe but they are not because it doesn't go though the same security checks as Google's Play store. The big names really gives off a false sense of security.

      Worse is that these 3rd party stores don't need root access to install where as if you want anything outside Apple's Appstore, you need to jailbreak. Users simply hit an "Accept" to a popup to allow installation. Pretty much like everyone accepting EULA's without ever reading them.
      You mean these app are NOT in your Google play store??? I seem to have found them there.

      The apps include Candy Crush, Facebook, GoogleNow, NYTimes, Okta, Snapchat, Twitter, WhatsApp, and many others.
    1. WHUDS's Avatar
      WHUDS -
      Quote Originally Posted by RyoSaeba View Post
      In this article, it failed to mentioned those apps are from non-Google play stores. The bad thing about Android is that virtually ANYONE can have an app store. Big names like Amazon and Baidu have their own app store. Customers may think that apps from those stores are safe but they are not because it doesn't go though the same security checks as Google's Play store. The big names really gives off a false sense of security.

      Worse is that these 3rd party stores don't need root access to install where as if you want anything outside Apple's Appstore, you need to jailbreak. Users simply hit an "Accept" to a popup to allow installation. Pretty much like everyone accepting EULA's without ever reading them.
      I doubt this, Amazon is a pretty solid company. There are other app stores that are not secure.
    1. RyoSaeba's Avatar
      RyoSaeba -
      Quote Originally Posted by sheltons.iphone View Post
      You mean these app are NOT in your Google play store??? I seem to have found them there.

      The apps include Candy Crush, Facebook, GoogleNow, NYTimes, Okta, Snapchat, Twitter, WhatsApp, and many others.
      Since non-Google stores have less/no strict security checks, developers can embed extra codes to collect data, or serve up adds. Just because the apps have the same name doesn't mean they are exactly the same. For example, cars sold in the US vs China may not have the same emissions requirements. To the user, they seem to be the exact same car. But one could have less emissions control hardware to save cost because it is allowed.