Linked by David Adams on Tue 2nd Aug 2011 22:40 UTC
Privacy, Security, Encryption A new Trojan horse app has emerged to target Android devices, and this one's particularly creepy. The app records a user's phone calls and then uploads them to a remote server. The app was revealed Tuesday by security researcher Dinesh Venkatesan on the Security Advisor Research Blog, published by CA Technologies, now known as Total Defense. While this particular Trojan doesn't appear to be a threat in the wild--at least not for North American users--it's a good reminder of the growing threat of mobile malware.
Order by: Score:
Geez
by WorknMan on Wed 3rd Aug 2011 00:04 UTC
WorknMan
Member since:
2005-11-13

It's just sad that we need a damn firewall on our smartphones now days. I'm not saying this as a rant about how insecure these phones are, as this probably can't be helped... just grieving over the sad state of humanity that this is even necessary. Way too many assholes in the world.

Reply Score: 4

RE: Geez
by _xmv on Wed 3rd Aug 2011 07:39 UTC in reply to "Geez"
_xmv Member since:
2008-12-09

these guys are nothing next to large companies lobbies and banks. thats whats really sad ;)

Reply Score: 6

Just say no
by Macrat on Wed 3rd Aug 2011 04:02 UTC
Macrat
Member since:
2006-03-27

Don't install junk.

Reply Score: 2

Another pubivertizing
by _xmv on Wed 3rd Aug 2011 07:42 UTC
_xmv
Member since:
2008-12-09

Id like to note as well that its this another advertisement article for a company selling "security software" for android.

I dislike those quite a bit and I wonder how its linked on osnews.

Reply Score: 2

RE: Another pubivertizing
by geertjan on Wed 3rd Aug 2011 07:54 UTC in reply to "Another pubivertizing"
geertjan Member since:
2010-10-29

Agreed. Also, from what I've heard, this app can hardly be called "malware", as it's just a normal app that you have to install manually and asks your permission to your data, just like any other app.

Reply Score: 2

RE[2]: Another pubivertizing
by righard on Wed 3rd Aug 2011 10:31 UTC in reply to "RE: Another pubivertizing"
righard Member since:
2007-12-26

I think you are confusing the term malware with virus, but I agree with your sentiment.

Reply Score: 2

minor malware
by rsmithers on Wed 3rd Aug 2011 13:46 UTC
rsmithers
Member since:
2011-08-03

Most of the article's advice is for laymen. And while it's important that much of it be followed, I have some issues with the information presented:

1. Security software can only do much to protect you if it has root access -- because you have to assume that your malware will.

2. Locking your phone doesn't protect your stolen device much if you're one of the plethora of people who leave USB debugging enabled OR install APK files that they've backed up on their unencrypted SD card. No special equipment required.

3. None of this takes into account more significant efforts. The malware that can be subverted by the article's recommended steps is hardly visionary. See: http://bit.ly/mkDUVM (this article is apparently more poignant than I originally gave it credit for, as after mentioning it in a comment on Android Central, the comment was removed and my account was disabled).

Reply Score: 2

bloodline
Member since:
2008-07-28

One could allow the mobile device vendor to vet and approve each app before allowing the user to install it. This is the simplest solution and in practice very effective ;)

Reply Score: 1

leech Member since:
2006-01-10

Nah, that still doesn't work 100%. Better yet is to use something like the N900 that actually has a community repository and a testing environment that weeds out all the nasties.

That and it runs a REAL Linux distribution rather than just a Linux Kernel with a Java VM.

Reply Score: 3