John Leyden, The Register, 11/21/2011

Related posts:

1. Sprint’s Android update plans highlight fragmentation Nancy Gohring, IDG News Service, 12/14/2009 It could be seven...
2. Webroot gets into Android security with new app Don Reisinger, CNET News, 4/4/2011 Security firm Webroot has announced...
3. New Trojan Hits Android, Study Suggests Better Smartphone Security Mark Kurlyandchik, DailyTech, 9/13/2010 While viruses are not nearly as...

Tech Laze, 10/24/2011

It seems that the Firefox for mobile project is in full swing. With tablet support already underway, Firefox’s Android version will soon be getting a bunch of exciting new features. Planned for Firefox 10 are features like Flash Support, camera UI and safe browsing which will put the open source browser at par with competitors like Dolphin and Opera. Here’s a look at the features in a little more detail.

While Flash support isn’t the most exciting feature around, it is still an important prerequisite for Firefox to compete with Android’s default browser. Many pages on the web still use Flash and not being able to view them on Firefox might cost it a lot of users. If you have Flash player installed on your Android device, Firefox will use it as a plugin, thus getting rid of those empty boxes you currently see. If all goes well, expect to see this feature in Firefox 10 which hits Aurora on November 8, 2011.

Also in the pipeline is a feature called Camera UI, which will give Firefox the ability to take a picture from the phone’s camera and use it in a web application. This is especially useful for taking pictures and uploading them to sites like Facebook, right from the browser. Even though it is not a major feature, Camera UI will definitely integrate Firefox more tightly with the rest of the system. Camera UI has already landed in Aurora Channel and will be going into beta from November 8, 2011, so, users can expect to find this feature in Firefox 9.

The third and the most important feature that is currently under progress is safe browsing. Expected to land in Firefox 10, safe browsing is a set of server-side features that check a URL against a list of blacklisted URLs in order to keep the user safe. This will give Firefox the edge over other browsers when it comes to security. Overall, the list of features is quite impressive, but Firefox still has a lot of catching up to do before it takes on other heavyweights like Dolphin, Opera and of course the default browser.

Related posts:

1. Mobile Firefox Skips Flash In Favor Of HTML5 Erick Schonfeld, TechCrunch, 3/29/2011 A week after launching the official...
2. Firefox 4 for Android launched, ready to Sync and speed up your browsing Vlad Savov, Engadget, 3/29/2011 It was a release candidate just...
3. Full Flash Support May Give Android a Competitive Edge Barry Levine, MobileTechToday, 4/28/2010 The next version of Android will...

Josh Ong, AppleInsider, 8/24/2011

A new study has found that iOS remained untouched by malware during the second quarter, while Android faced 76 percent more threats than in the first quarter, making it the most targeted mobile platform.

McAfee detailed the information in its Second Quarter 2011 Threats Report, noting that the “threat landscape of 2011 is undergoing a year of chaos and change,” as noted by MacNN.

Google’s Android platform jumped from being the third-most targeted platform for mobile malware in the first quarter to taking the number one spot with 44 cases of malware. Java ME, the second-most targeted platform, had one-third the volume with just 14 exploits.

“This increase in threats to such a popular platform should make us evaluate our behavior on mobile devices and the security industry’s preparedness to combat this growth,” the report said.

Several security firms warned early this month that Android has become increasingly susceptible to attack, while at the same time noting that Apple’s platform is relatively more secure than its rival. In June, Symantec issued a report that found iOS to have “full protection” against malware attacks, while Android was characterized as having “little protection.”

McAfee did note that Apple’s Mac platform has faced a threat from a fake anti-virus malware called MacDefender. The firm speculated that such attacks would eventually make their way to the iPhone and iPad, calling it a “case of “when” rather than “if.”"

In addition to Apple’s iOS, HP’s webOS was the only other mobile platform to avoid any attacks, though the platform’s inability to attract user interest may explain the lack of malware.

Intel surprised Wall Street by purchasing McAfee last year for $7.68 billion. The world’s largest chipmaker has expressed an interest in implementing security features at the chip level with the help of McAfee.

Related posts:

1. Android, Symbian have most malware among mobile platforms Dan Seifert, MobileBurn, 6/2/2011 A new report on mobile security...
2. Malware writers gunning for Google Android Ellen Messmer, Network World, 5/10/2011 Apple iPhone threats increasing, but...
3. Expensive malware appears for Microsoft’s Windows Mobile Prince McLean, AppleInsider, 6/5/2010 Malware embedded into legitimate-looking games designed...

Lance Whitney, CNETNews, 8/16/2011

A new flavor of Android malware is disguising itself as a Google+ app in an attempt to capture instant messages, GPS, location, call logs, and other sensitive data.

Uncovered by the team at Trend Micro, the new malware known as ANDROIDOS_NICKISPY.C can also automatically answer and record phone calls. To capture data, the app loads at boot-up and runs certain services that can monitor messages, phone calls, and the user’s location, thereby stealing e-mail and other content.

Detailing its findings in a blog Friday, Trend Micro said it discovered that the malicious app tries to trick people by installing itself under the name Google++.

But instead of providing access to Google’s new social network, the app sends its stolen user data to a remote site where presumably cybercriminals can grab it. Unlike some malware in the past that masqueraded as legitimate apps through Google’s Android Market, this particular one must be downloaded by an unsuspecting user from a malicious Web site and then manually installed.

And even if installed, the app can be uninstalled from an Android device by selecting Settings > Application > Manage applications, choosing Google++ and then clicking Uninstall, according to Trend Micro.

Trend Micro gives the app a low-risk rating, but it’s still something that Android owners should be sure to avoid.

Related posts:

1. Twenty-Five More Malware Apps Turn Up In Google’s Android Market Andy Greenberg, Forbes, 5/31/2011 Rogues apps in Google’s Android App...
2. Malware writers gunning for Google Android Ellen Messmer, Network World, 5/10/2011 Apple iPhone threats increasing, but...
3. Google Pulls 21 Apps In Android Malware Scare Jolie O’Dell, Mashable, 3/1/2011 Google has just pulled 21 popular...

TechCrunch, 8/11/2011

You’re all aware of the increase in “hacktivism” and malware we’ve been seeing over the past few months, and as it turns out, the carriers are aware of it, too. Just yesterday, Sprint announced the availability of its McAfee security apps for Android, and today AT&T is looping in Juniper Networks for its new mobile security platform.

Though it’s not quite rolled out yet, the first phase of AT&T’s security platform will be the launch of its AT&T Mobile Security app, which will be based on Juniper’s Junos Pulse client. The app won’t launch until later this year. According to the release, the application will help keep both personal and enterprise phones safe by offering control and monitoring of apps and enabling anti-virus and anti-malware on the phone.

The truth of the matter is you can never be too secure when it comes to technology, especially with our banking and personal contact information all stored away in our smartphones. There are already plenty of anti-virus and anti-malware apps available in both the Android Market and the App Store, along with various other application stores, but it’s definitely good to see the carriers get involved.

Related posts:

1. Security flaw creates Android, Palm Pre snoop risk John Leyden, The Register, 8/13/2010 Security researchers claim to have...
2. ‘Suspicious Code’ in Fake Android Security Patch Michelle Megna, InternetNews.com, 3/10/2011 A security patch for Android smartphones...
3. Webroot gets into Android security with new app Don Reisinger, CNET News, 4/4/2011 Security firm Webroot has announced...

John Leyden, The Register, 8/4/2011

Android users at front line of attack

The number of apps on mobile marketplaces contaminated with malware grew from 80 to 400 during the first half of 2011, according to a study by Lookout Mobile Security.

Android users are particularly at risk of downloading contaminated apps from markets and download sites. Two of the most commonplace threats, DroidDream and GGTracker, were regularly hidden into repackaged gaming apps or utilities and uploaded to Android app marketplaces.

Based on data culled from its mobile threat network, Lookout reckons between a half million and a million users were exposed mobile malware in the first six months of 2011.

Threats include malware strains that send text messages from compromised phones. These types of attacks mainly affected Android users in China, Russia and Eastern Europe but arrived in the US last month with a threat called GGTracker.

Web-based threats mean that security risks exist for mobile users outside the Symbian and Android families, the two mobile platforms most commonly targeted by virus writers. Lookout reckons VXers are increasingly looking to redirect surfers to malicious sites contaminated with malware that triggers a download as an alternative to tricking them into opening malicious (Trojanised) applications directly. Update attacks, where an attacker first publishes a legitimate application with no malware – it is only updated with malware components once it has a large user base – have also begun to appear.

“As mobile devices grow in popularity, so do the incentives for attackers,” says Kevin Mahaffey, CTO and co-founder of Lookout Mobile Security. “We’ve seen the prevalence and the level of sophistication of mobile malware attacks evolve significantly in the first six months of 2011. We expect this trend to continue as more and more people adopt mobile devices.”

Related posts:

1. Android mobile malware has botnet-like traits Jeremy Kirk, ComputerWorld, 12/29/2010 Hackers are aiming for users of...
2. Twenty-Five More Malware Apps Turn Up In Google’s Android Market Andy Greenberg, Forbes, 5/31/2011 Rogues apps in Google’s Android App...
3. Apple’s iOS unaffected by malware as Android exploits surge 76% Josh Ong, AppleInsider, 8/24/2011 A new study has found that...

Brad Reed, Network World, 7/14/2011

Android users hit by banking Trojan that has plagued Symbian, BlackBerry and Windows Phone users

A banking Trojan that has plagued Symbian, BlackBerry and Windows Phone users has now made its way to Android devices.

The Zitmo Trojan, which has been used by the ZeuS criminal gang to steal banking information, was confirmed to be on Android devices by security firm Fortinet last week. In a blog post on the company’s website, senior antivirus analyst Axelle Apvrille said that the Trojan poses as a banking activation application and then once installed sniffs out SMS sent from the bank to the user. It then combs through the SMS to pull out the mobile transaction authentication number (mTAN) that is used as a one-time password to complete mobile banking transactions.

As outlined by the S21Sec security blog last year when the Trojan first made appearances on other mobile operating systems, the Trojan is a clever way to sneak around banks’ two-factor authentication systems for performing mobile transactions. First, ZeuS-created malware must obtain a person’s bank account user name and password. From there, it acquires the user’s cellphone number and sends an SMS purporting to be from the bank that contains a malicious application posing as an online banking app. Once this app is installed, it sniffs all incoming SMS for mTANs that it can use to perform transactions on the user’s account.

“In the background, it listens to all incoming SMS messages and forwards them to a remote Webserver,” explains Apvrille. “It’s simple, but just enough for the ZeuS gang to grab your banking mTANs.”

Although the Zitmo Trojan is a potentially expensive headache for Android users, it isn’t at all unique to Android devices and is unrelated to security issues Android has had in the last year with its online Android Market application store. The most high-profile problem came in March when Google removed around 50 applications from the Android Market that contained malicious code. Google has long had a policy of allowing any developer to post mobile applications on the Android Market and relying on users to flag malicious apps for the company to remove.

Related posts:

1. Banking trojan hits Android Gareth Halfacree, Bit-Tech, 1/1/2010 A malicious application has been removed...
2. New Trojan Hits Android, Study Suggests Better Smartphone Security Mark Kurlyandchik, DailyTech, 9/13/2010 While viruses are not nearly as...
3. Zeus Trojan Infects BlackBerry via SMS Nan Palmero, BlackberryCool, 3/8/2011 BlackBerry is a mostly secure platform,...

Dan Seifert, MobileBurn, 6/2/2011

A new report on mobile security by McAfee suggests that Android and Symbian are the most targeted mobile platforms for malware.

McAfee says that the ability for Android phones to sideload apps and the fact that there is no centralized place for Google to check for malicious behavior as the reasons why malware has propagated on the platform.

Malware creators have also put their efforts towards attacking users on the Symbian and older Windows Mobile platforms. Many of the attacks had been aimed at stealing users’ banking information.

Not mentioned in the report are RIM’s BlackBerry platform and Apple’s iOS, both of which are considered to be more secure than other mobile platforms on the market.

Related posts:

1. Apple’s iOS unaffected by malware as Android exploits surge 76% Josh Ong, AppleInsider, 8/24/2011 A new study has found that...
2. Malware writers gunning for Google Android Ellen Messmer, Network World, 5/10/2011 Apple iPhone threats increasing, but...
3. Expensive malware appears for Microsoft’s Windows Mobile Prince McLean, AppleInsider, 6/5/2010 Malware embedded into legitimate-looking games designed...

John Leyden, The Register, 6/1/2011

Fake security updates and other Windows malware-style trickery

Related posts:

1. Android, Symbian have most malware among mobile platforms Dan Seifert, MobileBurn, 6/2/2011 A new report on mobile security...
2. Android Phones Get Lockdown, Remote Wipe Tech Mark Hachman, PC Magazine, 2/18/2010 F-Secure has begun offering a...
3. Apple’s iOS unaffected by malware as Android exploits surge 76% Josh Ong, AppleInsider, 8/24/2011 A new study has found that...

Andy Greenberg, Forbes, 5/31/2011

Rogues apps in Google’s Android App Market may be slowly shifting from an occasional outlier to a routine annoyance.

On Sunday night, mobile security firm Lookout announced it had found 25 more malicious programs in Google’s app store, likely created by the same developer as the DroidDream malware that was found to be included in 50 of Google’s apps last March.

Lookout says it told Google about the new malware, a simpler version of DroidDream’s malicious code that Lookout is calling DroidDreamLight, and Google has already removed the offending apps from the market while it investigates. Lookout estimates that between 30,000 and 120,000 users’ devices are already infected. If Google confirms Lookout’s find it may use its remote kill switch to wipe the programs from users’ devices as it did with the original DroidDream batch in March.

I’ve contacted Google for more information but haven’t yet heard back from the company.

According to Lookout’s analysis, DroidDreamLight can be activated with a phone call after it’s downloaded, and sends identifying information from target phones to one of three remote servers, including the phone’s unique identifiers and information about what other programs are installed. It can also install more malicious software, though not without prompting the user for confirmation.

The malware was packaged in copies of legitimate apps, listed below, and posted to Google’s Android market by four fraudulent developers, Lookout says: Magic Photo Studio, Mango Studio, E.T. Tean, and BeeGoo. If one of the following apps is installed on your device, check the developer to make sure it’s the real author and not one of those four impostors.

Here’s the list of potentially infected apps:

• Sexy Girls: Hot Japanese
• Sexy Legs
• HOT Girls 4
• Beauty Breasts
• Sex Sound
• Sex Sound: Japanese
• HOT Girls 1
• HOT Girls 2
• HOT Girls 3
• Floating Image Free
• System Monitor
• Super StopWatch and Timer
• System Info Manager
• Call End Vibrate
• Quick Photo Grid
• Delete Contacts
• Quick Uninstaller
• Contact Master
• Brightness Settings
• Volume Manager
• Super Photo Enhance
• Super Color Flashlight
• Paint Master

DroidDreamLight doesn’t seem to represent the same level of threat as its predecessor from March, which infected a quarter of a million users and carried an exploit payload capable of gaining complete access to their phones. Given that this simpler version of the Android malware requires users to verify any subsequent downloads, it can’t easily hijack many of the phone’s functions.

But the new malware outbreak shows that Google’s rogue app problem continues, as cybercriminals shift their sights to mobile devices. And for users, it should inspire caution, particularly when approving an application’s access to your phone’s sensitive data, says Lookout chief technology officer Kevin Mahaffey.

“When you download apps, if some sexy girl app needs to access your phone’s state and identity, that’s a tip off something weird is going on,” he says.

Related posts:

1. Google Pulls 21 Apps In Android Malware Scare Jolie O’Dell, Mashable, 3/1/2011 Google has just pulled 21 popular...
2. Malware sneaking into Android market John Burke, DownLoadSquad, 1/15/2010 It was bound to happen. In...
3. Mobile app malware menace grows John Leyden, The Register, 8/4/2011 Android users at front line...