A new form of Android malware can sneak onto your phone, show up as an icon resembling the Android app store known as Google Play — and send your phone number to criminals, who can then use it to send out text messages or launch a Distributed Denial of Service (DDoS) attack.
Russian security firm Doctor Web has issued a warning about the Trojan known as Android.DDoS.1.
“It is not quite clear yet how the Trojan spreads, but most probably criminals employ social engineering tricks and disguise the malware as a legitimate application from Google,” the security firm said on its site.
Once Android.DDoS.1 is installed on a phone, it creates an application icon that looks like Google Play’s. “If the user decides to use the fake icon to access Google Play, the original application will be launched, which significantly reduces the risk of any suspicion,” Doctor Web says.
The Trojan’s activities “can lower performance of the infected handset and affect the well-being of its owner, as access to the Internet and SMS are chargeable services,” the security firm says. “Should the device send messages to premium numbers, malicious activities will cost the user even more.”
How do you know whether you have this truly bad boy? You could install mobile security software. Doctor Web’s software can identify the Trojan, and it’s likely that mobile software from other firms including Lookout, Kaspersky, McAfee or Norton, can, or will soon, do the same.
As Kaspersky noted recently on its blog, “Cybercriminals love to offer their infected programs directly through the Google Play applications store … The first case of this was reported back in March 2011, and since then malware has appeared regularly in this online store. A combination of insufficient analysis of the apps on Google Play and customers’ continuing confidence in it as a safe source of software, means malware can survive there for days — sometimes weeks — infecting many devices.”
The Federal Trade Commission also recently posted a free Smartphone Security Checker for users of Android, as well as Apple’s iOS, BlackBerry and Windows phones. This online tool takes consumers through a 10-step security checklist tailored to their smartphone’s operating system. Even though it does not place malware protection software on your phone, it’s a good place to start.
A security company has identified five leading types of malware in the wild that could be dangerous to Android phone and tablet users, including one that snags personally identifiable information and another that can send and read text messages.
SophosLabs said Thursday it examined statistics from the installations of its Android mobile security app on devices in 118 countries, and the “volume of malware that we’ve discovered highlights that mobile security is a real and growing problem, especially on Android,” said Graham Cluley, senior security consultant at Sophos.
“Criminals are creating more and more targeted malware for different platforms, and smartphone users need to wise up to the fact that security is no longer limited to PCs, but mobiles and tablets are also at risk if not sufficiently protected.”
There are now more than 460,000 apps in the Google Play market for Android, according to AppBrain, although there are other sources for downloading Android apps. And it is those other sources that can cause trouble.
Chet Wisniewski, senior security advisor at Sophos, told msnbc.com that most users get infected when they “side-load” apps. “This is the act of loading programs from non-official sources … Often they are ‘paid’ apps offered for free by pirates who load them up with mobile Trojans.”
Naturally, there isn’t any obvious way to know when you’ve been infected, he said. “You might find out when charges appear on your mobile phone bill, or if your accounts start to become compromised. The best approach is to run security software on your phone to screen for anything malicious.”
In February, Google introduced “Bouncer,” a scanning service designed to identify malicious apps in Google Play. But recently, two security researchers crafted a malicious Android app called HelloNeon and submitted it to the Play Market, and the app made it through Bouncer’s scan untouched.
We asked Google for comment about Sophos’ findings, and will update this post when we hear back. But when Bouncer was introduced, Google vice president of Android engineering Hiroshi Lockheimer wrote on the company’s blog that:
While it’s not possible to prevent bad people from building malware, the most important measurement is whether those bad applications are being installed from Android Market – and we know the rate is declining significantly.
Sophos said among the most frequently found types of Android malware in the wild were these:
1. Andr/PJApps-C. “Most commonly these are paid for apps that have been hacked. They are not necessarily always malicious, but are very likely to be illegal.”
2. Andr/BBridge-A. This one can “install additional malicious apps onto your Android device. It uses HTTP to communicate with a central server and leaks potentially identifiable information.
“These malicious apps can send and read SMS messages, potentially costing you money. In fact, it can even scan your incoming SMS messages and automatically remove warnings that you are being charged a fee for using premium rate services it has signed you up for.”
3. Andr/BatteryD-A. “This ‘Battery Doctor’ app falsely claims to save battery life on your Android device. But it actually sends potentially identifiable information to a server using HTTP, and aggressively displays” advertising.
4. Andr/Generic-S. “These range from privilege escalation exploits to aggressive adware such as variants of the Android Plankton malware.”
5. Andr/DrSheep-A. “Remember Firesheep? The desktop tool that can allow malicious hackers to hijack Twitter, Facebook and Linkedin sessions in a wireless network environment? Andr/DrSheep-A is the Android equivalent of the tool.”
Sophos does have a free anti-malware program for Android users. Whether you choose it or another company’s, the time has definitely come to get protection.
In less than six months since it became available, Amazon’s Kindle Fire has become the leading Android tablet in the U.S., representing a 54.4 percent share of tablets using Google’s operating system.
“Within the Android tablet market, Kindle Fire has almost doubled its share in the past two months from 29.4 percent share in December 2011 to 54.4 percent share in February 2012, already establishing itself as the leading Android tablet by a wide margin,” said research firm comScore in a report Thursday.
“With Amazon’s well-known brand name, marketing muscle and widely used distribution channel, it’s not surprising to see the Kindle Fire take a leadership position in the Android tablet market,” Sarah Radwanick of comScore told msnbc.com. “What is impressive is that it reached this position so quickly after its debut.”
The Kindle Fire came out last November and immediately caught fire with consumers for a variety of reasons, including its $199 price and the already known Kindle e-reader brand. No other Android tablet is holding a candle to Apple’s iPad, which is the leading tablet being sold. Worldwide, the iPad is projected to account for 61.4 percent of tablet sales this year; Android tablets, 31.9 percent, says Gartner Research.
Until the Kindle Fire came out, Samsung’s Galaxy Tab was the leading Android tablet; comScore notes how sales of the Galaxy Tab have declined between December, when it had 23.8 percent of Android tablets, and February, when its share dropped to 15.4 percent.
Motorola’s Xoom was in third place, going from 11.8 percent in December to 7 percent in February.
Tablet adoption by consumers “continues to climb as more devices appealing to various price and feature preferences are introduced to the market,” comScore said. One of the most important differentiators is screen size: tablets with bigger screens, not surprisingly, have more “page view consumption,” the firm said.
“Specifically, 10-inch tablets have a 39 percent higher consumption rate than 7-inch tablets and a 58 percent higher rate than 5-inch tablets.” (The Kindle Fire has a 7-inch screen; the iPad, 9.7 inches.)
And size makes a difference for good reasons, comScore said: “With the emergence of a growing number of smaller-sized tablet devices, advertisers and publishers will need to understand whether these devices limit the opportunity for advertising compared to their larger-screen counterparts, or if they are able to build incremental reach and engagement by presenting different use cases.”
Google’s Chrome Web browser in Beta is available for Android phone and tablet users — but for now, that is going to be a small number of them who have the latest version of the Android operating system, 4.0 (also known as Ice Cream Sandwich), on their devices.
The spare, uncluttered browser has a growing number of users.
Sundar Pichai, Google’s senior vice-president of Chrome and Apps, said in a blog post that “like the desktop version, Chrome for Android Beta is focused on speed and simplicity, but it also features seamless sign-in and sync so you can take your personalized Web browsing experience with you wherever you go, across devices.”
Among the features of Chrome for Android, Pichai said, is that users can:
- View open tabs: Access the tabs you left open on your computer (also signed into Chrome) — picking up exactly where you left off.
- Get smarter suggestions: If you visit a site often on your computer, you’ll also get an autocomplete suggestion for it on your mobile device, so you can spend less time typing.
- Sync bookmarks: Conveniently access your favorite sites no matter where you are or which device you’re using.
Right now, only about 1 percent of Android users have 4.0 on their devices, according to the Android Developers website. The vast majority of Android users have versions of Android 2.7 or earlier.
If you are one of the lucky 4.0 folks, Chrome in Beta is available for download from the Android Market. If you’re not, there’s no word from Google on when — or whether — Chrome will be adapted for pre-4.0 users.
Desktop browser market share figures as of September 2011.
Google’s Chrome Web browser continues to shine; it’s making its way up the list of top desktop browsers, according to Net Applications, which shows Chrome at 16.20 percent, compared to 8.76 percent a year ago around this time.
In contrast, Internet Explorer’s market share continues to decline, from 60.99 percent a year ago to 54.39 percent; and Firefox, which had 23.55 percent last year now has 22.48 percent of the desktop market share. (Msnbc.com is a joint venture of Microsoft and NBC Universal.)
Apple’s Safari Web browser, like Chrome, also has come up in percentage; last year it had 3.87 percent, and is at 5.02 percent, as of September.
Desktop browser market share figures as of October 2010.
Unrelated to these figures, last Friday Microsoft’s security tools erroneously marked Chrome as malware and removed it from approximately 3,000 Windows computers.
It wasn’t about competition; it was about searching for a Trojan named Zeus, which cyber crooks have used to steal from people’s bank accounts worldwide.
“An incorrect detection for PWS:Win32/Zbot was identified and as a result, Google Chrome was inadvertently blocked and in some cases removed,” Microsoft said on its Malware Protection Center site. “Within a few hours, Microsoft released an update that addresses the issue.”
If you were one of those affected, check the website above for a fix, then reinstall Chrome.
“We apologize for the inconvenience this may have caused our customers,” Microsoft said.