Print 36 comment(s) - last by Nutzo.. on Aug 21 at 2:06 PM

Malware is stubborn and hard to remove

Since July, a new strain of malware has been attacking Android smartphones in China.  Dubbed SMSZombie.A, the malware spreads by wallpaper apps on China's largest apps marketplace, GFan.

The apps come with alluring titles, such as "Android Animated Screensaver: Animated Album I Found When I Fixed My Female Coworker's Computer".  

When the user sets the in-app wallpaper as their selected wallpaper, they receive a prompt requesting to download additional files.  Those files are a malware packaged dubbed "Android System Service".  Once installed, that package request administrative privileges, repeatedly popping up the dialogue until the user accepts.

As with various text message scams in the U.S., sending and receiving messages from premium SMS numbers make the bulk of the profit from the malware.  As carriers receive a cut of the profits from premium SMS messages, some carriers have been unwilling to block abusive premium SMS entities, even if it means their customers are being ripped off.  

The new Android malware is particularly clever as it deletes receipts from premium SMS services, disguising the fees from the user.  Researchers suspect the malware may also be attempting to steal bankcard numbers and money transfer receipt details.

SMS Zombie
The SMSZombie malware acts a malicious Trojan [Image Source: TrustGo]

So far 500,000 Android smartphones in China have been infected by SMSZombie, according to TrustGo, a mobile security firm.

As the actual wallpaper apps contain no direct malware, they are hard for mobile antivirus software to detect.  They also reportedly are resistant to removal.

Android malware is most prevalent in China, where poorly regulated third party applications markets dominate the Android software space.  Such markets are oft rife with pirated and malicious applications [1][2][3].

In the last quarter approximately 34 million Android smartphones shipped to the Chinese market, according Canalys [source].  The biggest player is Samsung Electronics Comp., Ltd. (KSC:005930), who is shipping close to 10 million units a quarter to the world's biggest smartphone market.  Huawei Technologies Comp. (SHE:002502and HTC Corp. (TPE:2498) also command large Android sales in the market.

Source: SMSZombie

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Yeah, well
By kleinma on 8/20/2012 1:53:54 PM , Rating: 5
Problem is that users are idiots, and will continue to be idiots. Most of the permissions being requested when installing apps are cryptic as hell and I wouldn't expect a non tech person to even know what they are saying, let alone comptemplate the ramifications of allowing them.

I don't know why Google is trying to relive what MS went through over the past 10 years.

RE: Yeah, well
By chris2618 on 8/20/2012 2:04:30 PM , Rating: 2
As you need to tick the box to allow 3rd part apps i think you can assume the person knows what they are doing.

RE: Yeah, well
By kleinma on 8/20/2012 2:30:58 PM , Rating: 2
Except Amazon AppStore requires that and offers a video for doing that on their site, so once someone was brave enough to figure out how to get the amazon app store on their phone because someone told them they could get a free app everyday, their phone is now wide open to it.

likewise I have no idea how things are done in China, and it could very well be that outside apps are allowed by default on some of those handsets. My guess is China, the handset makers that we don't hear about globally are just using android because it is free.

RE: Yeah, well
By chris2618 on 8/20/2012 4:04:16 PM , Rating: 3
If you don't know what it does and can't be arsed to investigate the consequences of your actions then "a fool and his money are soon parted" comes to mind.

The makers using android for free are mostly going to use a stock version which would have it off by default

RE: Yeah, well
By Flunk on 8/20/2012 2:32:17 PM , Rating: 2
No, no you don't. To most users that box is basically a big switch that says "click me now". They don't even really know what it does, they just know that they have to tick it.

RE: Yeah, well
By chris2618 on 8/20/2012 3:49:27 PM , Rating: 1
"No, no you don't"
Well you do need to tick the box

"click me now"
Really, its under the security options and a clear notice comes up when you try to allow. At most its a big switch that says "call son before allowing"

RE: Yeah, well
By Tony Swash on 8/20/12, Rating: 0
RE: Yeah, well
By Argon18 on 8/20/12, Rating: 0
RE: Yeah, well
By kleinma on 8/20/2012 2:40:16 PM , Rating: 5
Any sophisticated device that holds such access to one's personal data needs to be respected though. iPhone users can't just assume everything will always be safe and secure because Apple says so and acts as gate keeper. There have already been numerous iOS/OSX flaws exploited, perhaps not the extent of Android, but they do exist. Security through obscurity is never a good solution, and users of any platform need to understand what they are doing.

RE: Yeah, well
By Tony Swash on 8/20/12, Rating: 0
RE: Yeah, well
By chris2618 on 8/20/2012 4:15:03 PM , Rating: 2
"vastly reduced price for software"

Are you kidding, most are only worth a couple of quid if that and the vast majority of games are nothing better than internet flash games which are free.

RE: Yeah, well
By Reclaimer77 on 8/20/2012 4:23:31 PM , Rating: 3
In Tony's mind, without Apple we would be paying $60 for mobile apps lol.

The idea that Apple has ever been about "reduced prices" made me shoot Coke through my nose.

RE: Yeah, well
By Argon18 on 8/20/12, Rating: -1
RE: Yeah, well
By Reclaimer77 on 8/20/2012 4:37:27 PM , Rating: 4
$29 OSX upgrades? Microsoft wants $129 or more.

Nice try. Those OSX "upgrades" amount to a Windows Service Pack, which last time I checked was free.

Also since OSX only runs on Apple hardware, which is always overpriced, meh.

Sounds like you've been drinking too much of that Coke then.

Better than the Kool Aid you're gorging on.

RE: Yeah, well
By kleinma on 8/20/2012 4:37:43 PM , Rating: 3
Lets not confuse OS upgrades with Service Packs.

.99 cent apps were not groundbreaking with the iPhone, what are you smoking? I was buying .99 cent apps written for BREW on Verizon Wireless dumb phones before Apple even made the iPod.

They didn't pioneer shit. They simply wrap up what everyone else is doing in a neat little package and call it revolutionary, and you and Tony gulp their koolaid without question.

RE: Yeah, well
By Tony Swash on 8/20/12, Rating: 0
RE: Yeah, well
By wordsworm on 8/20/2012 7:59:54 PM , Rating: 2
I don't agree that Apple was the first. Ubuntu beat them all to it, except that their apps are free.

RE: Yeah, well
By bug77 on 8/20/2012 4:58:25 PM , Rating: 1
From time to time people grow tired of democracy, too. Not many good things come out of that.

RE: Yeah, well
By Argon18 on 8/20/2012 4:36:11 PM , Rating: 2
First of all kleinma, you're confusing the issue here. The issue is not exploiting security flaws. The issue is malware. Trojans. Things that look innocent at first glance, but are really malicious, and are designed to trick the user into installing them or agreeing to them. This problem is non-existant on Apple devices. Period.

Second of all, calling iOS "security through obscurity" is about as far from reality as one can get. OSX, iOS, Linux, are all unix-like OS's that are mostly or entirely based on Open Source code. Microsoft is the only one with the closed source obscurity-security model. Every one else is open via open source code. Hiding your source code is the ultimate in obscurity based security.

RE: Yeah, well
By Nutzo on 8/21/2012 2:06:44 PM , Rating: 2
So, again, this is a problem unique to Android in that it so easily allows users to install just about anything they want.

Which is one of the main reasons I bought an Android phone.
Need more storeage space - just add an SD card (at least with Samsung)
Have some non-authorized apps (like emulators) you'd like to run - no problem.

RE: Yeah, well
By mocyd on 8/20/2012 3:01:39 PM , Rating: 2
That sentence essentially sums up the design flaws in the whole Google/Android conception. After the endless and very silly hysteria about Apple's curated apps store model this just shows what the alternative is.

The same design flaw in the statement you reference exists in every usage model, even Apples.

But this comment shows an even deeper lack of understanding of software as a whole: as long as the user has any type of control over what goes on the device, the user will always be the primary point of attack. Whether it's weak passwords, or UAC style controls (which MS, Apple, and Google all use), ultimately, if the user has control, the user is the weak point. And it's not hard to find a whole lot of them in any ecosystem (admittedly it's harder to find them when your user base is as small as Apples).

While you call this a "flaw" in the Google/Android concept, it's probably one of its biggest assets- acknowledging consumer choice and freedom is why Android is the handset of choice for network providers offering faster speeds across its network and why users are picking Android devices 2-1 over iOS devices.

As a user, I don't care about Apple's market cap or what an investor thinks the value of the company is- I care about device choice and network performance that's faster than my cable modem, as well as the ability to tether to my device for free.

And if I install malware on my phone- it's my fault alone. I'm not going to go blame Google just for some minor talking point on a forum that's ultimately meaningless when Google did me the favor of giving me the full value of choice in my purchase. I treat any software install the same- I research the software regardless of the source.

RE: Yeah, well
By Gio6518 on 8/21/2012 10:18:15 AM , Rating: 2
Well lets see if Apple has any flaws this week Hmmmmm.

RE: Yeah, well
By Reclaimer77 on 8/20/2012 2:50:44 PM , Rating: 5
I don't know why Google is trying to relive what MS went through over the past 10 years.

I guess you and Tony missed the part where apps on the official Google app marketplace aren't the ones infecting these phones.

The same thing could happen to people with jailbroken iPhones.

So sorry to burst your bubble, but this isn't a Google or Android problem. If you don't want malware etc etc, don't use shady third party marketplaces.

RE: Yeah, well
By tayb on 8/20/12, Rating: 0
RE: Yeah, well
By Reclaimer77 on 8/20/2012 3:41:06 PM , Rating: 2
So... yes, it is a Google/Android problem

Nope, it's not.

It seems to me that you have to be a real dumbo to have this malware. You can't always fix stupid...


RE: Yeah, well
By tayb on 8/20/2012 6:10:12 PM , Rating: 1
Nope, it's not.

Yes, it is. This game is fun.

Simple question. On a standard WP7 or iOS5 device, without "hacking" or circumventing built in security measures, is it possible to install an application from a third party app source that contains malware or a virus? Everyone knows the answer to this question.

No one is saying that WP7 or iOS are immune to malware or viruses but there is no other popular mobile OS platform that allows unauthorized third party app installation or third party app stores by the check of a box. With Apple and Microsoft you have to purposefully "hack" the device and circumvent built in security to make this happen. So, again, this is a problem unique to Android in that it so easily allows users to install just about anything they want.

RE: Yeah, well
By invidious on 8/21/2012 9:55:22 AM , Rating: 2
Google needs to allow users to deny individual privilages that an Apps request while still allowing installation of the App.

"And boy have we patented it!" -- Steve Jobs, Macworld 2007

Latest Headlines
Inspiron Laptops & 2-in-1 PCs
September 25, 2016, 9:00 AM
The Samsung Galaxy S7
September 14, 2016, 6:00 AM
Apple Watch 2 – Coming September 7th
September 3, 2016, 6:30 AM
Apple says “See you on the 7th.”
September 1, 2016, 6:30 AM

Most Popular Articles5 Cases for iPhone 7 and 7 iPhone Plus
September 18, 2016, 10:08 AM
Laptop or Tablet - Which Do You Prefer?
September 20, 2016, 6:32 AM
Update: Samsung Exchange Program Now in Progress
September 20, 2016, 5:30 AM
Smartphone Screen Protectors – What To Look For
September 21, 2016, 9:33 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki