Jump to content

Beware: New Android malware is ‘nearly impossible’ to remove


RV_

Recommended Posts

There is a certain irony in my passing along this information. It wasn't too long ago, 7 or 8 years, when Windows was the primary target of malware and the folks with little market share in PCs were not being attacked as much if at all, and it appeared they were inherently uninfectable to their users. There are folks who still say that and believe it then admit that their favorite OS has been compromised both directly via vulnerabilities and by user error from social engineering getting them to click on an unexpected email attachment or link to a freebie.

 

In the mobile world today the numbers are reversed. Remember when Apple had 4-5% market share in PCs and Windows had all but a percent or two that Linux had.

 

Today Windows mobile has 4-5% and is not really a target yet, because the big money and easy low hanging fruit are the Android and the iOS users today who have the other 95% of market share between them. My mobile Window mobile Lumia phone is not any more secure or less. But I now have security by obscurity. I am not laughing nor trolling or baiting the Linux and Apple folks because Android is a Linux fork OS no?

 

Excerpt:

 

"The company says it observed over 20,000 samples of this type of adware in the digital wild. Some of the malicious apps functioned like their real counterparts, but they all also quietly gain "root access" to a device and install themselves as system applications. That means they have practically unlimited access to files on the device -- a big security and privacy risk. That's why it is so difficult to totally remove the apps

But, luckily, there is a pretty easy way to avoid them: Only install apps from Google's official Play Store.

"Malicious actors behind these families repackage and inject malicious code into thousands of popular applications found in Google Play, and then later publish them to third-party app stores," Lookout noted in a blog post about the malware. That means the victims here were people who went outside of Google's official channels to install the imposter apps.

Some users turn to such markets to take advantage of offers of free or discounted apps, or find apps that don't make the cut in official market places -- sometimes because they rely on pirated material or are hyper-localized to a specific geographic market.

Google did not immediately respond to a request for comment on this story, but the company has long tried to limit suspicious apps in the Google Play store by scanning the market for signs of malware. It hasn't always been 100 percent successful in those efforts, nor has Apple, its main competitor in the mobile operating systems market."

 

The whole article with live links and related content is here:

https://www.washingtonpost.com/news/the-switch/wp/2015/11/06/beware-new-android-malware-is-nearly-impossible-to-remove/?wpmm=1&wpisrc=nl_tech

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

Probably the only benefit of Apple reviewing all apps before allowing them on iTunes. Although clever developers can have the code run server side and not have to worry about the review process when updating.

Jayco Featherlite TT

Mets Fan

5 States to GO!

Owner of BasicRV.com

Discount RV Covers, Parts and Supplies

Link to comment
Share on other sites

BasicRV, you missed a key point here, this impacts folks that have disabled the basic Android security policy on apps, not sure if you can do that on Apple or not so it may not apply to them.

 

For Android users, if you disable the basic Android security policy that blocks untested apps from third party app stores you can download something with malware in it? Seems to me that is easy enough to solve, either don't turn off the security or make sure you can trust the third party app store.

First rule of computer consulting:

Sell a customer a Linux computer and you'll eat for a day.

Sell a customer a Windows computer and you'll eat for a lifetime.

Link to comment
Share on other sites

Stanley P. Miller, on 10 Nov 2015 - 5:54 PM, said:

BasicRV, you missed a key point here, this impacts folks that have disabled the basic Android security policy on apps, not sure if you can do that on Apple or not so it may not apply to them.

 

For Android users, if you disable the basic Android security policy that blocks untested apps from third party app stores you can download something with malware in it? Seems to me that is easy enough to solve, either don't turn off the security or make sure you can trust the third party app store.

 

Typical Stan, everything is FUD! Umm Stan, that was the warning, not to go outside the stores either Apple or Android in this case. You did read the article above? That was understood by all. and Yes I had Android and had the setting that prevented me from downloading accidentally or intentionally from outside the Google Playstore turned on to keep it secure.

 

Now Stan, as the article said there are almost impossible to clean infections going on out there if you go outside the respective Android and Apple stores, despite some slipping in in the past.

 

Are you saying these infections do not exist?

 

Stan, why are you restating the obvious?

 

captain_obvious.jpg

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

RV, I believe that was a bit of excessive vitriol.

 

There are several points to the cited article and others:

 

1) If you disable the basic security precautions preset on your device, you are making yourself extremely vulnerable to this sort of attack.

2) If you maintain your basic security presets, there still is, though remote, the possibility of becoming vulnerable. Not all checks by Apple or Google have been 100%.

3) It is extremely difficult to the point of impossible for the average user to totally clean and repair an infected device.

 

Summary: If you dance on the dark side or play it loose with your settings, you are just asking for trouble. If you don't have a virus and malware scanner/cleaner or other protection, now would probably be the time to research, procure and USE one.

Berkshire XL 40QL

Camphosting and touring


Link to comment
Share on other sites

Yep,

Exactly why I posted the article, good reminder to stick with the official store. But the new malware aren't removed by a rest. So now doubly important to not take easily avoidable chances. That's not FUD, that's a fact.

Thanks!

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

Chris n Dennis, I'm not sure if a scanner would catch these or not, one sure wouldn't be a bad idea if you are using third party software sources.

 

Since I have a couple Androids that load from third party sources (I do beta testing where this is needed) I gave this a bit more of a look and from what I'm seeing the Shedun, Shuanet, and ShiftyBug malware is using attacks that have been patched on most of the big player's systems, older un-updated ones are still at risk though.

 

The "throw away your phone" claims depend on your device and your skills, if you don't have a factory ROM image available to reflash your phone you'll probably have to toss it and if you don't know how to flash the ROM yourself you need someone that does or you'll need to toss the phone.

 

I see some discussion no removing these from rooted devices that involve loading additional applications that may not be available for all devices and that require a bit of skill beyond Googling up a how-to article.

 

I do agree with your summary, Android or Apple stick to known good software sources and don't root your device or be prepared for aggravation or on unsupported devices pitching them in the trash.

First rule of computer consulting:

Sell a customer a Linux computer and you'll eat for a day.

Sell a customer a Windows computer and you'll eat for a lifetime.

Link to comment
Share on other sites

If you only allow Google Play apps, you also cut off good suppliers like Amazon. I personally don't use Amazon (or anyone else's apps) on my Android devices, but just an observation. Some people like Amazon Prime and their services such as apps you can't get elsewhere.

 

Also, I am using a very comprehensive MacAfee security system on my Android and Windows 10 (as I travel world wide quite a bit) and sometimes it is a pain because of the restrictions but I prefer an occasional extra step or too over the alternative.

 

John

2015 Entegra Aspire 44B diesel pusher with 2017 GMC Acadia Denali toad
Web site, albums, blog and more here

Link to comment
Share on other sites

Hey, don't get me wrong, 3rd party sources can have some really nice wares and yes, I'm sitting on a rooted Samsung phone, and two tablets because I am a budding developer. In all three cases I have knowingly accepted the risks associated with the actions and I'm extra vigilant in knowing what these devices are doing at any given time.

 

What I was referring to are the average users who simply want the durn thing to work right and have some neat things available.

Berkshire XL 40QL

Camphosting and touring


Link to comment
Share on other sites

Same here Chris.. I post for my friends here who are not developers, testers or otherwise very savvy.

I started this out as a FIY for the average users around here, and there was no mention of you Stan,

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

John, Good point. I am an Amazon Prime member and use it extensively on my PCs and of course Lumias. But those just for content like movies, and research/purchases.

 

I chose to go Windows tablets and phones after having Samsung Galaxy Tab 10.1 and 7", and Galaxy Phones for a couple of years. I like the idea of a unified system. But the inevitable growing pains will be there now and into the future. I am sure I'm in for some imperfections and glitches in Windows mobile 10 when they upgrade my phones to10.

 

But I still have my hand in Android only because a person offered me their current model Amazon Fire 7" HDX tablet for 50 bucks like new. We have Kindles and they both were unlighted a basic model and a lighted one. When I got the Fire They put the New Kindle Paperwhite on sale one day for $79.00. Since I have the Fire Tablet with backlight I got my wife that one. But the reasons I am having trouble deciding is not because of money, as the Fire will go for more than the Paperwhite costs.

 

I'm considering keeping it because Amazon offers unlimited photo storage and I can download Prime movies to the device free to watch offline! That is unique! Lots of other bennies with the Fire. The only drawback is the Amazon Android backbone. I do not mind Amazon having my shopping info because they do not send me ads or sell my info to their competitors! Bezos ain't stupid. The screen is gorgeous despite being 7".I just leave it turned off all the time except at night when I read. I keep the WiFi off until I need to do a download found from my other MS devices that is advantageous to do with the Fire. I have only had it a month and like the Voyo micro desktop with the tablet architecture and the Z3735/2GB RAM and 64GB SSD, which dual boots to Android 5 or something, I have had most of my time taken up by the new house and moving in and am still not through finding new places for my old stuff in my new office.

 

So I have to learn a bit about the new Android as I have no touch screen for it. I run the Tablet with a Logitech K-400 keyboard and it is in the LR HDMI out to the TV. It will be interesting only in that I can download the Office for Android Apps and play with them. I found the basics and how to switch back to Windows 8.1. I can learn it more fully later when we have found our permanent TV black Friday ,Cyber Monday, or perhaps even later as we are fine with a plain vanilla 40" LED from the 5th wheel we have for now. We sold the 60" Plasma Panny 1080 we had, another Black Friday deal from several years ago.

 

So I have some Android and Amazon incentives to figuring out the newer Android versions.

 

So I have a dog in this fight, of avoiding infections, especially severe ones in the OS I am least familiar with today.

 

Great point, thanks, I need to be aware too.

RV/Derek
http://www.rvroadie.com Email on the bottom of my website page.
Retired AF 1971-1998


When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius

 

“Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...