DailyTech - New Trojan Hits Android, Study Suggests Better Smartphone Security

Submit News

Gadgets New Trojan Hits Android, Study Suggests Better Smartphone Security
Mark Kurlyandchik - September 13, 2010 8:37 AM

26 comment(s) - last by Tony Swash.. on Sep 14 at 10:26 AM

Russian-language porn sites host new Trojan

While viruses are not nearly as common on mobile devices as they are on personal computers, security firms have warned about the possibility of app attacks in the past, and we've seen it in the form of an SMS Trojan on the Android platform. Now, a second Trojan has made its way to Android.

The new malware is being distributed on adult-oriented Russian websites that prompt only Android users to download the Trojan, while those visiting the sites through other platforms are able to obtain the desired content, a Kaspersky Lab press release said.

"As with its predecessor, the latest Trojan – Trojan-SMS.AndroidOS.FakePlayer.b – masquerades as a media player," said the U.K.-based security vendor. "Users of smartphones running Android are asked to download the pornplayer.apk application from an infected webpage in order to view adult content videos. The installation file is only 16.4 KB and during installation the Trojan seeks the user's consent to send SMS messages – a requirement that a media player is very unlikely to need."

In order to view the adult content, Android users are prompted to download a 16.4 KB file named "pornplayer.apk" from the infected websites. During installation, the Trojan gains consent to send SMS messages -- a highly unlikely requirement for a typical media player.

Once the app is launched, the Trojan sends SMS messages to a premium number at a rate of $6 per message, and right into the hackers' bank accounts.

"Android users should pay close attention to the services that an application seeks permission to access," said Denis Maslennikov, a Kaspersky rep said. "Automatically permitting a new application to access every service that it says it needs to means you could end up with malicious or unwanted applications doing all sorts of things without requesting any additional information."

Because the code for the new Trojan is very similar to the first one we saw a month ago, Kaspersky believes that it is very likely to be authored by the same person or group of people.

Last week, an Austrian security testing lab released a study of four comparative smartphone security products, PCMag reports. The findings recommend that "nobody who uses a smartphone should go without security software."

The AV-Comparatives study, found here in its entirety, compares ESET Mobile Security, F-Secure Mobile Security, Kaspersky Mobile Security, and Trend Micro Mobile Security, all of which support Windows Mobile 5.0-6.5 and Symbian 9.1-9.4, while F-Secure also supports Android and Trend Micro supports Android7, PCMag notes.

AV-Comparatives does not recommend one of the security suites over another, but merely contends that each one has its values that should be considered by smartphone users. Each of the products offers the standard security protection you'd find in a PC suite -- namely firewall protection and mobile virus detection.

Comments

Threshold

Username
Password
remember me

This article is over a month old, voting and posting comments is disabled

RE: 3 . . . 2 . . . 1

By danobrega on 9/14/2010 5:14:59 AM , Rating: 2

I think you meant to say, a town on a totalitarian dictatorship has less crime that a town on a democratic system.

Cops are more like the anti-virus. If you have them, some of the bad guys are going to be caught.

I don't need a phone that is controlled by someone else. I *usually* know what I'm doing. :)

Parent

RE: 3 . . . 2 . . . 1

By Tony Swash on 9/14/2010 7:19:45 AM , Rating: 2

quote:
I think you meant to say, a town on a totalitarian dictatorship has less crime that a town on a democratic system.

Cops are more like the anti-virus. If you have them, some of the bad guys are going to be caught.

I don't need a phone that is controlled by someone else. I *usually* know what I'm doing. :)

No I think my metaphor of cops versus no cops is the best. There are laws and cops try to stop people breaking those laws. The cops may sometimes do it badly, they may sometimes break the laws themselves and sometimes the criminal just gets away with it. Nevertheless I would fell much less safe, and would be objectively much less safe, living in a society with no cops. Without cops there is no law.

The guidelines for App review by Apple have been published now and and these are the "laws" that the Apple cops try to enforce. I suggest you have a look at them and tell which ones are wrong in your view.

Apple don't get it right all the time but they do most of the time. They don't say their laws should be imposed on all mobiles or all OSs. Apple just says "in our OS, on our devices, there are rules, this is what they are. If you want to live in a place with rules and cops to enforce them then come to our place, if you don't like that set up then there are plenty of alternatives". The choice is for the consumer to make. Seems like a lot of them like the Apple model of safety and rules.

You hyperbole and posturing about "I don't need a phone that is controlled by someone else" is just silly:

a) Nobody is controlling your phone, its just that you can't buy apps for an iPhone that have not been vetted and approved.

b) There are plenty of alternatives so if you don't like the Apple model don't buy their phone. And if you don't buy their phone then for Christ sake stopping fucking moaning about stuff you don't own

c) If you do want an iPhone and you are desperate to get around the App store restrictions for some obscure reason then you can just jail break your phone.

Really what is all this fuss about.

Parent

RE: 3 . . . 2 . . . 1

By danobrega on 9/14/2010 9:20:49 AM , Rating: 1

That is where you are wrong. They who right the rules are the rulers, not the enforcers. You're analogy to cops is flawed.

Here, I'll fix it for you:

quote:

The guidelines for citizenship review by Apple have been published now and and these are the "laws" that the Apple cops try to enforce. I suggest you have a look at them and tell which ones are wrong in your view.

Apple don't get it right all the time but they do most of the time. They don't say their laws should be imposed on all countries or all continents . Apple just says "in our country , on our cities , there are rules, this is what they are. If you want to live in a place with rules and cops to enforce them then come to our place, if you don't like that set up then there are plenty of alternatives. The choice is for the citizen to make. Seems like a lot of them like the Apple model of safety and rules.

You hyperbole and posturing about " I don't need to live in a country where I'm controlled by someone else" is just silly:

a) Nobody is controlling your citizenship , its just that you can't live in iPhone where your citizenship have not been vetted and approved.

b) There are plenty of alternative countries so if you don't like the Apple model don't live there . And if you don't live in North Korea then for Christ sake stopping fucking moaning about where you don't live in .

c) If you do want to live in Iran and you are desperate to get around the stoned to death rule for some obscure reason then you can just do illegal stuff at your own risk .

Really what is all this fuss about.

Don't know... you tell me.

Parent

RE: 3 . . . 2 . . . 1

By Tony Swash on 9/14/10, Rating: 0

By Tony Swash on 9/14/2010 10:26:14 AM , Rating: 0

quote:
The guidelines for citizenship review by Apple have been published now and and these are the "laws" that the Apple cops try to enforce. I suggest you have a look at them and tell which ones are wrong in your view.

Apple don't get it right all the time but they do most of the time. They don't say their laws should be imposed on all countries or all continents . Apple just says "in our country , on our cities , there are rules, this is what they are. If you want to live in a place with rules and cops to enforce them then come to our place, if you don't like that set up then there are plenty of alternatives. The choice is for the citizen to make. Seems like a lot of them like the Apple model of safety and rules.

You hyperbole and posturing about " I don't need to live in a country where I'm controlled by someone else" is just silly:

a) Nobody is controlling your citizenship , its just that you can't live in iPhone where your citizenship have not been vetted and approved.

b) There are plenty of alternative countries so if you don't like the Apple model don't live there . And if you don't live in North Korea then for Christ sake stopping fucking moaning about where you don't live in .

c) If you do want to live in Iran and you are desperate to get around the stoned to death rule for some obscure reason then you can just do illegal stuff at your own risk .

Looks to me as if someone hasn't been taking their medication :)

Dude this is a phone we are talking about, not the future of democracy, not the freedom of the press, not the real cops. Get some adult perspective on all of this.

Relax.

If you don't like the iPhone buy another brand.

Its that simple.

Frankly comparing the fact that you can't load some app that has not approved by Apple on your iPhone (whilst being free to load any one of another 250,000 apps that have been approved) to the situation of people who are being sentenced to death by stoning in Iran is shameful .

How can even think the two things are remotely comparable?

Can I ask you this - do you actually own an iPhone?

Parent

"This week I got an iPhone. This weekend I got four chargers so I can keep it charged everywhere I go and a land line so I can actually make phone calls." -- Facebook CEO Mark Zuckerberg