BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 08-10-2010, 03:39 PM   #1 (permalink)
Appleinator
 
Dubdub's Avatar
 
Join Date: Nov 2005
Location: New Hampshire
Model: App5
OS: AJBR549
PIN: Ask
Carrier: ATT & Verizon
Posts: 20,035
Post Thanks: 54
Thanked 782 Times in 742 Posts
Default Let the Droid Viruses begin!

Please Login to Remove!

Security firm Kapersky Lab has issued a warning for users of Android handsets. Kapersky says it has discovered the first Trojan-SMS that specifically targets Android devices.

The Trojan, named SMS.AndroidOS.FakePlayer.a, tricks users into downloading it by posing as a media player. After the 13Kb app is installed, it begins sending SMS messages to "premium rate numbers" unbeknownst to device owners. The result is that end users are hit with unwanted SMS-related charges on their wireless bill. Kapersky cautions that Android users pay close attention to the services that applications request to access before installation.
__________________
-->>BB FAQ

-->>Stinsonddog's Tip Site!

-->>Twitter


If someone helps, tell them by clicking the Thanks button.!!
Offline  
Old 08-10-2010, 06:26 PM   #2 (permalink)
BlackBerry Genius
 
TBOLTRAM's Avatar
 
Join Date: Jun 2007
Location: Houston, Texas
Model: 5S
OS: 8.1
PIN: & Teller
Carrier: Verizon
Posts: 5,239
Post Thanks: 71
Thanked 111 Times in 77 Posts
Default

Sounds like a non-secure phone operating system. So much for the fad of the month.
__________________
There is no Hope. She left last week.
Offline  
Old 08-10-2010, 06:28 PM   #3 (permalink)
BBF Moderator
 
akosnitzky's Avatar
 
Join Date: Jul 2005
Location: Southern Florida
Model: 9650
OS: 6.0.0.333
Carrier: Verizon BIS
Posts: 14,484
Post Thanks: 6
Thanked 7 Times in 7 Posts
Default

I guess my blackberry is a nice thing to have with all the Droid Hype.
Posted via BlackBerryForums.com Mobile
Offline  
Old 08-10-2010, 07:21 PM   #4 (permalink)
BlackBerry God
 
aiharkness's Avatar
 
Join Date: Jul 2005
Location: Florida Panhandle
Model: BBPP
OS: 10.3.0
Carrier: T-Mobile USA
Posts: 13,752
Post Thanks: 16
Thanked 503 Times in 489 Posts
Default

Security is something I didn't think a wit about when I bought my first blackberry. But it's something I've come to appreciate. If I ever contemplated switching to another system, secuity would be the top consideration; but I don't know what compares to blackberry, really, in a device that I would use.

Today I followed some news alert links to new articles about the anticipated blackberry tablet. The latest articles said it will be running android. I said to myself, geeze, no, please no. Then read a post at BGR discounting that rumour and referring to RIM's purchase of a company called QNX. Googled QNX and feel better.
__________________
- Ira
Offline  
Old 08-11-2010, 10:34 AM   #5 (permalink)
New Member
 
jsconyers's Avatar
 
Join Date: Jul 2007
Location: In a van down by the river.
Model: NOTE2
OS: 4.1
PIN: <- Where do I find this?
Carrier: Sprint
Posts: 15,071
Post Thanks: 139
Thanked 140 Times in 121 Posts
Default

In all fairness, the user has to go into their security settings and uncheck a setting to allow unsigned apps. Even after that, they are prompted with a screen that shows what the app will need to access (like the permissions screen on the BlackBerry) and they have to okay it.

Why would any user install a media app that asks for permission to access SMS? No matter how secure a device is, the weak link is the user. This isn't a sign of an non-secure OS, the security flaw here is the user.
__________________
The difference between stupidity and genius is that genius has its limits.
When you take things for granted, the things you are granted, get taken.
Even a mosquito doesn't get a pat on the back until it starts to work.
Too many people miss the silver lining because they're expecting gold.
[BES 5.0.3 / GroupWise 2012 HP2]
Offline  
Old 08-11-2010, 01:13 PM   #6 (permalink)
BlackBerry Genius
 
TBOLTRAM's Avatar
 
Join Date: Jun 2007
Location: Houston, Texas
Model: 5S
OS: 8.1
PIN: & Teller
Carrier: Verizon
Posts: 5,239
Post Thanks: 71
Thanked 111 Times in 77 Posts
Default

Quote:
Originally Posted by jsconyers View Post
In all fairness, the user has to go into their security settings and uncheck a setting to allow unsigned apps. Even after that, they are prompted with a screen that shows what the app will need to access (like the permissions screen on the BlackBerry) and they have to okay it.

Why would any user install a media app that asks for permission to access SMS? No matter how secure a device is, the weak link is the user. This isn't a sign of an non-secure OS, the security flaw here is the user.
JS, you are an educated user. I wonder how many of the other users are? How many people will try and get something free? The real problem is that it is going to get worse.
__________________
There is no Hope. She left last week.
Offline  
Old 08-11-2010, 01:20 PM   #7 (permalink)
BlackBerry God
 
aiharkness's Avatar
 
Join Date: Jul 2005
Location: Florida Panhandle
Model: BBPP
OS: 10.3.0
Carrier: T-Mobile USA
Posts: 13,752
Post Thanks: 16
Thanked 503 Times in 489 Posts
Default

I can't cite any details, but generally speaking, it would be possible for malware to get installed on a blackberry if the user were tricked into installing it, correct?

If what JS says is true -- and I believe him -- then you can't blame the OS.
__________________
- Ira
Offline  
Old 08-11-2010, 01:58 PM   #8 (permalink)
Appleinator
 
Dubdub's Avatar
 
Join Date: Nov 2005
Location: New Hampshire
Model: App5
OS: AJBR549
PIN: Ask
Carrier: ATT & Verizon
Posts: 20,035
Post Thanks: 54
Thanked 782 Times in 742 Posts
Default

I think all viruses and trojans, et al, get to your PC by some sort of user disconnect. They don't get there totally by themselves.
__________________
-->>BB FAQ

-->>Stinsonddog's Tip Site!

-->>Twitter


If someone helps, tell them by clicking the Thanks button.!!
Offline  
Old 08-11-2010, 02:17 PM   #9 (permalink)
BlackBerry God
 
aiharkness's Avatar
 
Join Date: Jul 2005
Location: Florida Panhandle
Model: BBPP
OS: 10.3.0
Carrier: T-Mobile USA
Posts: 13,752
Post Thanks: 16
Thanked 503 Times in 489 Posts
Default

Quote:
Originally Posted by Dubdub View Post
I think all viruses and trojans, et al, get to your PC by some sort of user disconnect. They don't get there totally by themselves.
I think it may be more correct to say most do; but plenty of windows user get their PC infected even when doing everything they are supposed to do. Don't know about newer windows, but winxp and earlier, certainly. There are things users can do (sandboxes and so forth), but those solutions are so far separated from out-of-the-box secure it isn't funny.
__________________
- Ira
Offline  
Old 08-11-2010, 10:16 PM   #10 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z30
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,169
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

Quote:
Originally Posted by Dubdub View Post
I think all viruses and trojans, et al, get to your PC by some sort of user disconnect. They don't get there totally by themselves.
Sometimes they do get there by themselves, with no user action. This can happen by landing on a page with an invisible iframe redirecting to a malicious site running exploits. Happens quite often actually. Not just Windows exploits, also Firefox, Adobe Reader and Acrobat, Quicktime, java, Wordpress and the list goes on and on.

The bad guys hack good normal websites and plant malicious code to spreak their evil.

Also there are worms that roam the internet waiting to infect unprotected, unpatched systems. This is from a few years ago, I don't think it happens so much now.

Infected in 20 minutes • The Register

Anyone remember the slammer worm?
Study: Slammer was fastest spreading worm yet | Networking - InfoWorld
I'll never forget that night when it hit, watching website after website go down. Didn't know what it was til the next morning. Very freaky.
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!
Offline  
Old 08-11-2010, 10:21 PM   #11 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z30
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,169
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

First SMS Trojan detected for smartphones running Android


Moved to security section.
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!

Last edited by daphne : 08-11-2010 at 10:28 PM.
Offline  
Old 08-12-2010, 12:47 AM   #12 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z30
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,169
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

Technical analysis of the trojan:
Jaime Blasco Blog : /Malware/Analysis_of_Trojan-SMS.AndroidOS.FakePlayer.a.html
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!
Offline  
Old 08-12-2010, 01:55 PM   #13 (permalink)
Talking BlackBerry Encyclopedia
 
Preroll's Avatar
 
Join Date: Nov 2008
Model: 9930
OS: 7.0.0.254
PIN: N/A
Carrier: Verizon
Posts: 424
Post Thanks: 0
Thanked 6 Times in 5 Posts
Default

Quote:
Originally Posted by TBOLTRAM View Post
JS, you are an educated user. I wonder how many of the other users are? How many people will try and get something free? The real problem is that it is going to get worse.
The guy who developed that stupid flashlight app for the iPhone wasn't so stupid. That app was a) free and b) infringed on your privacy by grabbing all your email addresses off the phone and sent them back to the developer. The developer then sold all those email addresses to marketing firms. He made $1500 in the first day and it was downloaded over 4 million times. Do the math, that guy made a fortune. These developers use the acronym TANSTAAFL = There ain't no such thing as a free lunch. They make these apps free to get you to download it. They'll make more money this way then actually charging for the app itself. Ironically, some paid apps still infringe on your privacy just like the free ones (that's really a double whammy)!

I delete any app that won't work because it requires me to allow access to user data! Also, use your firewall!

As for viruses, well that's another story all together....

Last edited by Preroll : 08-12-2010 at 01:56 PM.
Offline  
Old 01-03-2011, 04:39 PM   #14 (permalink)
Talking BlackBerry Encyclopedia
 
Preroll's Avatar
 
Join Date: Nov 2008
Model: 9930
OS: 7.0.0.254
PIN: N/A
Carrier: Verizon
Posts: 424
Post Thanks: 0
Thanked 6 Times in 5 Posts
Default Re: Let the Droid Viruses begin!

Here's a scary one for the Droid! Hence why I keep the FW turned on all the time on the BB.

Android Trojan Discovered, Sounds Terrifying - Gearlog)
Offline  
Old 01-03-2011, 06:52 PM   #15 (permalink)
Thumbs Must Hurt
 
Join Date: Dec 2010
Model: 8520
PIN: N/A
Carrier: vodacom
Posts: 85
Post Thanks: 4
Thanked 2 Times in 2 Posts
Default Re: Let the Droid Viruses begin!

Phonesnoop is detected as malware.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.