1 2 Previous Next 11 Replies Latest reply: Apr 1, 2011 9:42 AM by droidsw RSS

    Mother Of All Android Malware

    Djsmurf

      I have been a bit busy trying to work with the real Android Devs reguarding this issue.

       

      Why is there nothing, (not that I looked very hard) on the verizon fourm about the recent 2 (very serious) trojans that are going around? Not even a decent mention of Droiddream, wow.

       

      The Android Police reported this days ago (Glad their there Verizon seems to not be worried about the fact that tens of thousands of users on their network could be infected)

       

      I could go on and on but, seems Verizon and the great fourm people here  are not all that worried about it, so it should be ok, right.

       

      (This Malware was installed via pulling apps from the market, injecting code into them and replacing them into the market.  The first of the two roots the user’s device via rageagainstthecag ,  steals nearly everything it can: product ID, model, partner provider, language, country, userID,  IMEI and IMSI.  (Most/all of the apps have been removed from the market now, new ones?)   The kicker is once this is on your system even if you remove the app.  it can still install more code..... its reported that before google could remove the malicious they had already been downloaded 50,000 times, that was a few days ago and more apps with the malicious code were released and downloaded before being removed, so the full number is unknown.  

       

      The second one  well its a little more complicated considering the code itself is more encrypted then Fort Knox,  what is known, well it starts a timer (what happens when that hits 0 is anyones guess).

       

      As bad as google has been with getting back to people who report malicious, or priated apps oddly enough today they jumped and removed hundreds of them, sounds like something has them worried.

       

      Hey you could be a rooted user and not even know it.

       

      In Verizons defence anyone who is using android 2.3 (gingerbread) is/was safe, now if you have gingerbread on your X raise your hand.........

        • 1. Re: Mother Of All Android Malware
          gerio

          You got one thing right there, DJ...

           

          YOU DIDN"T LOOK VERY HARD...

           

          So what do you call this?...

           

          http://community.vzw.com/t5/DROID-Apps/Google-pulls-Market-apps-with-root-exploit-one-patched-in-AOSP/td-p/462512

           

          This was posted 3 days ago. Or did you look over it because it was posted by the guy that you were ripping over the screen issue? And there are 2 other posts asking about the need of AV programs, of which I haven't read because I know the answer (now more than ever). 

           

          Your post actually has some merit, it you didn't have your usual pompous, holier-than-thou attitude about it, particularly towards Verizon. That's like bashing Gateway over viruses when Microsoft is the OS maker that needs to be addressing the virus and malware issue. And what would you have Verizon do? Much like it's Microsoft's duty to send out virus alerts (oh, and you Mac people better get used to dealing with malware, too, as the popularity increases), it's Google's duty to address the issues, too.

           

          As for not seeing much conversation about it here, have you looked around the land lately? Middle East coming un-glued? $4.00/gallon gasoline? Food prices going out of sight? Politicians can't do anything without looking like third-graders fighting on the playground? Economy nearly comatose? Weather freaking out? The General Public has been so hammered lately that the Android virus and malware issues, while certainly a big concern to smartphone users, frankly doesn't bug me as much as spending $70.00 to fill my gas tank when it used to take $50.00.  I'll admot that it doesn't bug ME so much because I have already, for some time now, taken steps to avoid being affected (infected?) by the malware issues.

           

          At the same time, there are other sources of tech info that could do more to make people aware of the fact that viruses and malware are becoming a problem. Yes, a couple of well-placed stickies in the forum by the Mods would be a good idea. 

           

          It's good of you to want to look out for the common man's well-being, but if you continue to post in the condesending manner that is typical of your postings, you will continue to be engaged in back-and forth sniping between yourself and people like me who don't believe in putting up with bad behavior. Or better yet (or worse, depending on the point of view), totally and completely ignored by people that have more sense than either of us.  You seem to be intelligent and have good points to offer, but when people are treated like bugs to be walked on and squashed, they are going to tune out. And quickly.

           

          Geri "pliers in hand" O (just consider that a little tweak for when, not if, you respond to this)

           

           

          • 3. Re: Mother Of All Android Malware
            droidsw

            A little to add to Gerio's comments......

             

            Those that spend more time here other being negative and insulting people were aware that the subject was also discussed, as Gerio mentioned, within the contents of other threads, including "Are Scanning Apps Needed", for one.

             

            As for droiddream, by the time information was out about it, the suspect apps had already been pulled from the market and there wasn't much left for the consumer to do but read about it, anyway.

             

            That "news" was on CNN, Google news and a plethora of  "tech" sites (androidpolice, droidlife, cnet), etc. that, to be honest are better sources for the latest news. Didn't get the impression that these forums were supposed to be CNN. However, for you: 

             

             

            Today's Headlines: 

             

            Gadhafi Won't Step Down 


            Wisc Still in Fight With Unions

             

            Charlie Sheen Still "Winning".

             

             

            • 4. Re: Mother Of All Android Malware
              HappyJackDaddy

              Wow!  Nice post, Gerio.  You go!

              • 5. Re: Mother Of All Android Malware
                droidsw
                Here is an update explaining Google's reaction and steps to prevent a repeat.

                The attack never threatened Android versions 2.2.2 or higher.

                http://googlemobile.blogspot.com/2011/03/update-on-android-market-security.html
                • 6. Re: Mother Of All Android Malware
                  Wildman

                  Yeah I seen that up date and that should smooth over some users concerns but proves that any OS has possibilities of envy...

                  • 7. Re: Mother Of All Android Malware
                    droidsw

                    Did anyone read the comments in the Googlemobie blogspot article link I posted? There are people that are furious that Google not only pulled the malicious apps from the market, but that they also pulled the apps off devices they were downloaded onto.

                     

                    There are people thinking it's an outrage that Google has access to our phones. One comment even compares it to the situations in the Middle East and implied that our govt might use Google's "authority" to disable US citizen's phones to prevent such uprisings here.......

                     

                    Are people just plain raging insane, or what????????????

                     

                     

                     

                     

                    • 8. Re: Mother Of All Android Malware
                      Djsmurf

                      @ Gerio 

                       

                      "pliers in hand" you might not want to do that, I hear Verizons new CLNR program charges $299 if the phone your sending them is damaged :smileysurprised:

                       

                      On another note I just found it funny that this post is "Top Kudoed Posts in 'DROID X by Motorola'", ( in the last 30 days) do you think thats because you were talking about $4.00/gallon gasoline?

                       

                       

                      • 9. Re: Mother Of All Android Malware
                        vereyezuhn

                        Djsmurf wrote:

                        @ Gerio 

                         

                        "pliers in hand" you might not want to do that, I hear Verizons new CLNR program charges $299 if the phone your sending them is damaged :smileysurprised:

                         

                        On another note I just found it funny that this post is "Top Kudoed Posts in 'DROID X by Motorola'", ( in the last 30 days) do you think thats because you were talking about $4.00/gallon gasoline?

                         

                         


                        Was reading through this whole post, and this one here in particular confuses me. 1. Why would you need a refurbished phone if yours wasn't broken to some degree, and how would Verizon know what "damage" was causing the phone's problem and when it happened?? (I've gotten multiple certified like new replacements and sent in broken phones that were severely cosmetically damaged, even though that did not cause the phones' problems) And 2. This post has 3 kudos, none of which are on your two posts here. I really don't get what you're trying to say with either of these comments.

                        1 2 Previous Next