Despite some security improvements in recent releases, Android continues to have a major malware problem. The United States Department of Homeland Security has issued a report this summer outlining the threat that malware poses to emergency responders and security personnel who may find their Android devices compromised if they don’t take the proper precautions. The report says that devices that are still running on Android 2.3 Gingerbread are particularly vulnerable to attacks and that users should make sure they have devices with the latest versions of Android installed. The department also recommends that users install at least one Android mobile security suite as well as the Carrier IQ Test app to weed out malicious software.
As the prevalence of Android malware grows, its sophistication is naturally growing as well. Kaspersky researcher Roman Unuchek writes that he and his team recently stumbled upon a new Android Trojan that he calls the most sophisticated one he’s ever seen. What makes this Trojan, dubbed “Backdoor.AndroidOS.Obad.a,” so bad? Unuchek says that it’s a “multi-functional Trojan” capable of “sending SMS to premium-rate numbers; downloading other malware programs, installing them on the infected device and/or sending them further via Bluetooth; and remotely performing commands in the console.”
One downside of shifting to a post-PC world is the inevitable development and refinement of post-PC malware. Technology Review this week spoke with security researchers who say that they’re seeing an upgrade in both the quantity and sophistication of mobile malware attacks as hackers try to create a winning formula for distributing malware to mobile devices. At the moment, the researchers say that cybercriminals are experimenting with injecting malware into popular mobile websites and quietly installing it onto users’ devices whenever they visit compromised pages.
The latest numbers from Google (GOOG) reveal that Gingerbread was still the most widely used version of the Android platform as of October. The two-year-old operating system is powering more than 50% of all Android devices in use and because of that, it is being targeted with malware more than any other mobile platform. According to a report from Kaspersky Lab, Android 2.3.6 Gingerbread accounted for 28% of all blocked malware attempts in the third quarter of 2012, while Ice Cream Sandwich accounted for 22% of blocked attempts.
If your sweet old grandmother sends you an email threatening to slit your throat, don’t worry: It’s just the malware talking. NBC’s TechNewsDaily reports that there’s a new strain of malware going around in Japan that takes control of users’ email accounts and uses them to send out death threats to a variety of targets. In fact, the malware is apparently so convincing that three people in Japan so far have been arrested because their email accounts have sent out death threats they didn’t write.
Apple’s (AAPL) stiff rules and extensive testing procedures have done a great job of keeping malware out of the iOS App Store. With just a few notable exceptions, iOS users have been able to download apps without having to worry that their personal data or their device itself might be compromised. As discovered by users and recently noted in Apple’s own support forum, however, iPhone, iPod touch and iPad owners who download apps using iTunes on Windows PCs might want to start exercising some caution.
Symantec has discovered a new piece of Android malware, since removed from the Google Play store, that managed to chalk up between 50,000 and 100,000 downloads of malicious apps before being identified. In a post on his company’s blog, Symantec researcher Irfan Asrar details how the malware disguised itself as popular games such as Super Mario Bros. and Grand Theft Auto 3 Moscow City, and then delivered its payload in incremental downloads to make it harder to detect.
Apple’s spotless record of keeping the App Store clear of malicious spam apps has been tarnished. Researchers at Kaspersky have discovered an app called “Find and Call” in Apple’s iOS App Store and the Google Play marketplace, Forbes noted on Thursday. The malicious app masquerades as a tool for simplifying contact lists but it instead uploads a user’s full contact list to a remote server and proceeds to send SMS and email spam to every person in the list. “It’s not for the first time when we see incidents related to user’s personal data and its leakage,” Kaspersky’s Denis Maslennikov wrote in a post on the company’s blog. “It’s for the first time when we have a confirmed case of malicious usage of such data… Yes, these pieces of malware are not that ‘cybercriminalistic’. But malware is malware and in this case it steals user’s phone book and uses it for SMS spam.”
UPDATE: Apple has pulled “Find and Call” from the App Store.
Anyone who hasn’t scanned their computer for malware some time during the past year should seriously do so before this coming Monday. That’s because the FBI estimates that roughly 277,000 computers worldwide — including 64,000 computers in the United States — will be knocked offline on July 9th due to a piece of malware that first started infecting PCs more than a year ago. Per The Associated Press, the malware in question was originally part of a data-stealing scam that would rewrite machines’ DNS information to reroute sensitive data traffic such as credit card information to hackers’ servers. Although the FBI has successfully disrupted the scheme, it will shut off the hackers’ servers on Monday, meaning any user that still has the malware on his or her computer won’t be able to access the Web once they’re turned off. Anyone concerned that a machine might be infected can use the DNS Changer Check-Up website to see if the computer is still looking up IP addresses properly.
Google’s security blog on Tuesday revealed new details on how the search giant is keeping Internet users safe from malware. The Mountain View-based company protects 600 million users through built-in protection for Chrome, Firefox, and Safari that warns users of dangerous websites. Every day the company encounters about 9,500 new websites that have been compromised or specifically designed for malware distribution. Approximately 12 million to 14 million Google Search queries, and 300,000 downloads, also trigger the company’s warning to caution users on a daily basis. “By protecting Internet users, webmasters, ISPs, and Google over the years, we’ve built up a steadily more sophisticated understanding of web-based malware and phishing,” Google wrote. “These aren’t completely solvable problems because threats continue to evolve, but our technologies and processes do, too.”
Symantec recently discovered what it’s calling “bizarre malware” that has been created to infect Android phones of fans who are voting in Japan’s premier annual girl-band election. Wait, what? Here’s the lowdown: there is a super-popular girl band in Japan called AKB48 that is made up of a rotating lineup of 64 — yes, 64 — different members. Every year, fans of the group vote for their favorite band members in a “general election.” The winners of the election then go on to record a single together that will be released in celebration of girl-band democracy.
Security firm Kaspersky Lab has begun to independently examine Apple’s Mac OS X platform and found that it’s highly vulnerable to malware. “As Mac OS X market share continues to increase, we expect cyber-criminals to continue to develop new types of malware and attack methods,” the company’s CTO Nikolai Grebennikov said. “In order to meet these new threats, Kaspersky Lab has been conducting an in-depth analysis of Mac OS X vulnerabilities and new forms of malware.” Kaspersky Lab co-founder and chief executive Eugene Kaspersky previously said that Apple is a decade behind Microsoft in terms of computer security, a view Grebennikov shares.
Microsoft researchers recently discovered a piece of Mac OS X malware that exploits a three-year-old flaw in old versions of Office for Mac. The threat uses a multi-stage attack, just like a Windows virus would. While Microsoft did fix the problem in 2009, the software giant notes that not every machine is up-to-date. The company’s data indicates, however, that the malware is not widespread. “No operating system that exists outside a laboratory is entirely immune to malware,” Microsoft stated on its blog. “As different operating systems continue to gain in popularity they attract more attention from would-be attackers – especially since, as we see in the example analysis above, the techniques and understanding needed to do so may be much the same as those used against other platforms. And even though an operating system may include many risk-reducing mitigation technologies, any machine’s defenses against vulnerabilities are directly related to how current its security updates for applications are kept.” Microsoft concludes by warning users of Office 2004 for Mac, Office 2008 for Mac or Open XML File Format Converter for Mac to update their software in order to protect themselves from possible threats.