posted by martyb on Tuesday August 01 2017, @02:24AM
from the here's-looking-at-^W^W-watching-you,-kid dept.

Google has expelled 20 Android apps from its Play marketplace after finding they contained code for monitoring and extracting users' e-mail, text messages, locations, voice calls, and other sensitive data.

The apps, which made their way onto about 100 phones, exploited known vulnerabilities to "root" devices running older versions of Android. Root status allowed the apps to bypass security protections built into the mobile operating system. As a result, the apps were capable of surreptitiously accessing sensitive data stored, sent, or received by at least a dozen other apps, including Gmail, Hangouts, LinkedIn, and Messenger. The now-ejected apps also collected messages sent and received by Whatsapp, Telegram, and Viber, which all encrypt data in an attempt to make it harder for attackers to intercept messages while in transit.

To conceal their surveillance capabilities, the apps posed as utilities for cleaning unwanted files or backing up data. Google said the apps contained evidence that they were developed by a cyber arms company called Equus Technologies. In April, Google officials warned of a different family of Android surveillance apps developed by a different provider of intercept tools called NSO Group Technologies. Those apps were related to the advanced iOS spyware known as Pegasus, which was used against a political dissident located in the United Arab Emirates. In that case, however, the Pegasus-related Android apps never made their way into Google Play.

Source: https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts/


  • (Score: 5, Informative) by c0lo on Tuesday August 01 2017, @03:54AM (1 child)

    by c0lo (156) on Tuesday August 01 2017, @03:54AM (#547509) Journal

    Many Equus Software around, one start-up in Israel [forbes.com] is what you are looking for.

    Or read it from the horse's mouth [googleblog.com] - google employees blog (an unfortunate bringing the name of a nice horse breed [wikipedia.org] in disrepute, but who's still checking the trojan horse's mouth nowadays?):

    How does Lipizzan work?

    Getting on a target device

    Lipizzan was a sophisticated two stage spyware tool. The first stage found by Google Play Protect was distributed through several channels, including Google Play, and typically impersonated an innocuous-sounding app such as a "Backup" or "Cleaner" app. Upon installation, Lipizzan would download and load a second "license verification" stage, which would survey the infected device and validate certain abort criteria. If given the all-clear, the second stage would then root the device with known exploits and begin to exfiltrate device data to a Command & Control server.

    Once implanted on a target device

    The Lipizzan second stage was capable of performing and exfiltrating the results of the following tasks:

    • Call recording
    • VOIP recording
    • Recording from the device microphone
    • Location monitoring
    • Taking screenshots
    • Taking photos with the device camera(s)
    • Fetching device information and files
    • Fetching user information (contacts, call logs, SMS, application-specific data)

    The PHA had specific routines to retrieve data from each of the following apps:

    • Gmail
    • Hangouts
    • KakaoTalk
    • LinkedIn
    • Messenger
    • Skype
    • Snapchat
    • StockEmail
    • Telegram
    • Threema
    • Viber
    • Whatsapp
    --
    https://www.youtube.com/watch?v=aoFiw2jMy-0
    • (Score: 4, Insightful) by Rosco P. Coltrane on Tuesday August 01 2017, @11:31AM

      by Rosco P. Coltrane (4757) on Tuesday August 01 2017, @11:31AM (#547591)

      The PHA had specific routines to retrieve data from each of the following apps:
      • Gmail
      • Hangouts
      • KakaoTalk
      • LinkedIn
      • Messenger
      • Skype
      • Snapchat
      • StockEmail
      • Telegram
      • Threema
      • Viber
      • Whatsapp

      All apps and services that are designed to snoop on you and ass-rape your privacy in the first place. Surprise surprise... I guess their original creators are pissed off that someone else other than them managed to monetize the shit out of your personal data with their very own tools - otherwise you'd never have heard about the exploit.

      Anyhow, since I avoid these apps/companies like the plague anyway, I'll be fine :)

  • (Score: 3, Interesting) by sjames on Tuesday August 01 2017, @04:59AM (3 children)

    by sjames (2882) on Tuesday August 01 2017, @04:59AM (#547519) Journal

    The scale of the crime is quite large and the perpetrator's location is known. The crime is well documented. So go get 'em!

    • (Score: 0) by Anonymous Coward on Tuesday August 01 2017, @10:41AM

      by Anonymous Coward on Tuesday August 01 2017, @10:41AM (#547585)

      Crime? What crime? Just good business.

    • (Score: 0) by Anonymous Coward on Tuesday August 01 2017, @02:08PM (1 child)

      by Anonymous Coward on Tuesday August 01 2017, @02:08PM (#547650)

      They're probably doing nothing because the user pressed "yes, I'll allow access to device filesystem" when opening the application for the first time.

      • (Score: 0) by Anonymous Coward on Wednesday August 02 2017, @04:17AM

        by Anonymous Coward on Wednesday August 02 2017, @04:17AM (#547838)

        Google has a terrible security model that they're using. The permissions are take it or leave it and are generally much broader than they should be. Apps themselves are allowed to opt you in to privacy damaging modes of operation internally unless you specifically opt out. Which is completely backwards, you should have to opt in to sharing things on your profile rather than out.

        The sad thing is that it doesn't have to be such a mess, it's just that the developers didn't feel like doing it right. You shouldn't have to grant such wide access to the files on the phone just so that an application can write saves to a folder that's outside of the app's directory. One thing that *NIX get right is that the saves and configuration files are saved separate from the executables, so if you reinstall, you've still got them. But, you don't have to grant permissions for random other programs to access those directories if you don't want to.

        I think the worst one is the apps requesting permission to make calls, that's not something that any app should do unless it's an actual dialer app. Any other app should have to specifically request permission every time it wants to call and not be allowed to call until and unless permission is granted.

  • (Score: 4, Insightful) by aim on Tuesday August 01 2017, @06:25AM (2 children)

    by aim (6322) on Tuesday August 01 2017, @06:25AM (#547535)

    Many Android apps ask for way too many permissions. When I look for some sort of tool, I make the permissions one of my main criteria - does it ask for stuff that it has no business looking at? If so, no thanks! Of course, these are at least obvious, rather than exploiting the OS.

    It gets so tedious I hardly ever go through the motions anymore, only install stuff I absolutely have a need for on the mobile - rather than just do whatever it is on my computer.

    Frankly, I don't see it matters that much whether you'd get spied on by some state (Equus is probably a front for some secret service), or by whatever private entities out there. Privacy ain't what it used to be... if ever.

    • (Score: 2) by c0lo on Tuesday August 01 2017, @06:46AM

      by c0lo (156) on Tuesday August 01 2017, @06:46AM (#547541) Journal

      Frankly, I don't see it matters that much whether you'd get spied on by some state (Equus is probably a front for some secret service)

      You'll be surprised I guess by how much money one can make by crafting/selling surveillance tools as a private entity.
      E.g. BAE [bbc.com]

      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0
    • (Score: 3, Informative) by bart9h on Tuesday August 01 2017, @04:57PM

      by bart9h (767) on Tuesday August 01 2017, @04:57PM (#547705)

      When I look for some sort of tool, I make the permissions one of my main criteria

      When I look for some sort of tool, I always check the F-Droid repository [f-droid.org] first.

      In case you don't know, it's like an app market, but with only verified Free software. I currently have dozens of apps installed from there.

  • (Score: 0) by Anonymous Coward on Tuesday August 01 2017, @03:40PM

    by Anonymous Coward on Tuesday August 01 2017, @03:40PM (#547680)

    Whenever I think of ditching my iPhone to try Android, I read an article like this.
    Android is just fundamentally less secure than an iPhone.
    iPhone permissions tend to be more granular and the OS is always up to date (unless you decline the updates).
    Android is kind of junky. A file cleaner? Or antivirus? What kind of phone needs that?

  • (Score: 2) by Phoenix666 on Wednesday August 02 2017, @01:07AM (1 child)

    by Phoenix666 (552) on Wednesday August 02 2017, @01:07AM (#547810) Journal

    A fellow elected official told me she's gotten a couple voicemails from strange numbers the last three days that have my voice trying to sell her financial services. I've heard of voice morphing before but not for a case like hers. Could it be related to the apps in this article? Has anyone else run into something like this before?

    --
    Washington DC delenda est.
    • (Score: 0) by Anonymous Coward on Wednesday August 02 2017, @04:21AM

      by Anonymous Coward on Wednesday August 02 2017, @04:21AM (#547839)

      You can ignore those, they're probably from MDC.
