posted by martyb on Friday November 06 2015, @10:51AM
from the great-deals-coming-to-E-Bay dept.

Researchers at Lookout Security have discovered more than 20,000 adware samples that masqueraded as legitimate apps like Facebook, Twitter and Snapchat. Calling it "trojanized adware", they described what they found:

By taking legitimate apps from the Google Play store, malicious actors will repackage the app with baked-in adware, and serve it to a third-party app store. In many cases, the apps are still fully functional and don't alert the device owner.

It works like this: the user installs an app from a third-party store, and the app auto-roots, gaining access to the entire phone's system -- an act alone that punches a hole in Android's security, opening up more ways for hackers to launch their attacks. Periodically from there, the app will serve ads, which generates money for the attacker.

The good news is there's no indication apps installed from the official Google Play store are affected. The bad news is that, short of reflashing the device's ROM, it's almost impossible to remove, forcing most users to replace their devices entirely.


  • (Score: 2) by frojack (1554) on Friday November 06 2015, @09:22PM (#259666)

    Exactly.

    user installs an app from a third-party store,

    Ok, train left the tracks right there!

    Don't come crying if you get crapware from a warez site. Everyone knows the risks by now.

    Oh, and don't come around whining that I'm blaming the victim, because that is EXACTLY what I'm doing.

    --
    No, you are mistaken. I've always had this sig.
  • (Score: 1) by anubi (2828) on Saturday November 07 2015, @01:33AM (#259756)

    On the PC, I can at least do a form of integrity checking on the thing I download ( MD5 ).

    There are several sites I can go to and tell them the MD5 I got and they will tell me what I have ( their database is keyed to the MD5 ).

    This has helped me a lot in avoiding incidental malware installs.

    Something like this needs to be done for phones, where you can have your whatever vetted by some sort of digester which puts out the wrong digest if the thing has been monkeyed with.

    In the PC world, it's very common for me to see well known packages bundled inside of hostile "installers", often from well publicized sites which give all appearances of authenticity. Be very wary of having *anything* installed from a site.

    Download the thing. Do NOT execute it. Let a MD5 digester look at it first and give you the hash. Google your hash. Then make your decision based on what you get back from Google.

    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]