Virus writers hit Google Android phones

[Admin]

Virus writers hit Google Android phones.

11 August 2010 Last updated at 07:35 GMT
http://www.bbc.co.uk/news/technology-10928070

A malicious application that can steal cash via phones running Google's Android operating system has been found.

The program poses as a media player but once installed starts sending premium rate text messages.

The service being sent messages is operated by the malicious app's creator, who scoops up the fees.

Discovered by Kaspersky Labs, it is believed to be the first booby-trapped application for Android.

In a security advisory Kaspersky said that the virus - Trojan-SMS.AndroidOS.FakePlayer.a - is being spread by text message. The message prompts users to install an application, 13KB in size, which purports to be a media player.

The virus was most prevalent among Russian Android users. The risk to Android owners worldwide is believed to be low.

'Trusted model'
 
In its advisory it said that the huge growth in the number of Android applications was likely to make the phones tempting targets for criminals.

"We can expect to see a corresponding rise in the amount of malware targeting that platform," said Denis Maslennikov, mobile research group manager at the firm.

Simeon Coney, spokesman for mobile security firm AdaptiveMobile said booby-trapped applications that run up big bills via premium rate numbers were very common on other platforms such as Symbian.

Symbian is the most popular smartphone operating system, commonly used on handsets built by Nokia and Sony Ericsson.

"There are a significant number of Java based mobile viruses that do exactly the same malicious activity of sending out premium rate (i.e. reverse charge) SMS," he said.

Like other mobile application stores, Google has a system in place that can revoke malicious applications and stop them running on handsets.

"Our application permissions model protects against this type of threat," said a spokesperson for Google.

"When installing an application, users see a screen that explains clearly what information and system resources the application has permission to access, such as a user's phone number or sending an SMS.

"Users must explicitly approve this access in order to continue with the installation, and they may uninstall applications at any time.

The spokesperson said the firm advises users to "only install apps they trust".

"In particular, users should exercise caution when installing applications outside of Android Market."

[Admin]

Secure your Android phone against Trojans
By Thomas Newton on Thursday, 12th August 2010

http://recombu.com/apps/secure-your-android-phone-against-trojans_M12171.html



Earlier this week the first SMS Trojan for Android phones was detected by Russian security firm Kaspersky Labs. A prompt to download an app called ‘Movie Player’ appeared in the notification bar of victim’s phones. Once installed the virus would send out text messages to premium rate numbers, with the victim having to foot the bill.

Luckily the virus - now referred to by Kaspersky as "Trojan-SMS.AndroidOS.FakePlayer.a" - appears to be confined to Russian mobile networks so hopefully we won’t see it in the UK. Also it doesn’t look like the fake app can be accidentally downloaded from the Android Market, so there’s no worries to be had there. That’s not to say that you shouldn’t be careful what you download and install on your phone. We’ve put together a quick guide of how to best way to prevent your Android phone from trojans and malware.

Install a security app

The first step to safeguarding your Android phone is to download a dedicated security app. Lookout Security, MyAntiVirus Pro and Super Security scan apps from the Android Market as you install them and allow you to perform manual scans of everything on your phone.

Any malware, dodgy apps or other risky items will be highlighted by the apps and you’ll be given the option to delete them from your phone.

Lookout Security and Super Security both give you the option to save contacts and pictures to a remote server. So that in the event of your phone getting stolen or picking up a virus which requires a factory reset of the phone, you can get all of your old stuff back.

Check app permissions before installing

Even with a security app running under the hood, we’d advise you to be prudent about what you download from the Android Market all the same.

Before you install an app from the Android Market, you’ll be given a list of your phone’s features the app has access to. Things like your GPS location, audio settings, memory card settings, when you’re using your phone to make a call, access the internet or send a text. These appear in orange text and have an exclaimation mark icon next to them.

To review permissions of apps you've already installed on your phone, go to Settings > Applications > Manage Applications.

The offending TrojanSMS FakePlayer app caught by Kaspersky had the “Services that cost you money (send SMS messages)” permission checked prior to you installing it. So if you download a wallpaper or theme app that wants to modify your SD card and know when you’re calling and texting people you have every right to be suspicious.

Of course some apps require certain phone functions to work. Google Maps for example needs to know your location otherwise it can’t do it’s job. Just because an app wants to know when you’re using your phone to call someone, or when you’re connected to the internet doesn’t mean you shouldn’t trust it. Think about what the app does before installing it and ask yourself whether or not the permissions are valid.

Check for unknown sources

Sometimes you’ll want to install apps and files on your phone from outside the Android Market - from a developer’s site for example. In order to do this, you’ll need to head into Settings > Applications and check the 'unknown sources' box to allow installation of non-Market apps. Be aware that doing this leaves you vulnerable to damage caused to your phone. When you check the ‘unknown sources’ box, your Android phone will remind you that you are responsible for any loss of data or damage caused as a result of installing apps from outside the Market.