Results 1 to 5 of 5

Thread: ATTENTION: Android Users!!

  1. #1
    Join Date
    Sep 2006
    Location
    Texas
    Posts
    1,349
    Mentioned
    0 Post(s)
    Quoted
    0 Post(s)

    Exclamation ATTENTION: Android Users!!

    I have been doing some research on computer viruses for a while now for a class project. I have stumbled upon this article:

    We often blame users for failing to deny permissions required by malicious applications on Facebook or various mobile platforms, but the truth is that the list of permissions is not necessarily an indication of the malicious intent - especially in this day and age when new malware is popping up daily and often uses previously unthought of approaches.

    To prove this point, a number of researchers from the City University of Hong Kong and Indiana University have developed a Trojan for the Android mobile OS that requires very few and seemingly innocuous permissions, which it uses to extract credit card and PIN numbers from phone conversations and send them to a remote server via another Trojan.

    The first Trojan is called Soundminer. It tracks phone calls and has the ability to recognize when credit card and PIN numbers are conveyed via phone conversations. It records only that part of the conversation and sends it to the server by using the Deliverer Trojan.

    Also, the numbers don't have to be spoken for Soundminer to extract them - they can be entered via the numeric keyboard. The tone every key produces while pressed is recorded by the microphone and "translated" into numbers, and again sent to the server.

    The researchers have intentionally developed two separate Trojans for this proof-of-concept attack, since the intent was to make it undetectable both by users and by antivirus software.

    The permissions needed by Soundminer and Deliverer are not unlike permissions asked by many other applications, but combined in one single list might raise the users' (and seller's) suspicion. Therefore, Soundminer only asks permission to record audio and Deliverer to have full Internet access.

    Communication between the two malicious applications and the transfer of the data is also low-key. The researchers took in consideration that the transmission options for the extracted information might be limited and prevented by Android, so they explored and used various covert channels to do it.

    They proved that the alteration of vibration and volume settings, screen states and other modifications that can be executed by applications can be used to stealthily exchange information between two applications. This exchange, the recording by Soundminer and the uploading by Deliverer were not detected by two antivirus solutions as malicious actions and the applications as malware.

    "We note that even though we use credit card numbers as a proof of concept, the same technique can be applied to target other valuable information such as shorter PIN numbers, social security numbers (the last four digits are often requested as part of authentication), passphrases such as mother’s maiden name, and so on," wrote the researchers.
    In other news, FireFox 4 has been released today.(Thanks Markus for letting everyone know.)

    Source: http://www.net-security.org/malware_news.php?id=1605

  2. #2
    Join Date
    Feb 2007
    Location
    Colorado, USA
    Posts
    3,716
    Mentioned
    51 Post(s)
    Quoted
    624 Post(s)

    Default

    Wow that's crazy, that soundminer malware that is.. just goes to show anything that's widely used will start having viruses made for it
    The only true authority stems from knowledge, not from position.

    You can contact me via matrix protocol: @grats:grats.win or you can email me at the same domain, any user/email address.

  3. #3
    Join Date
    Feb 2011
    Location
    Earth
    Posts
    1,784
    Mentioned
    1 Post(s)
    Quoted
    0 Post(s)

    Default

    I knew my Android's security wasn't quite as good as iOS, but it does frighten me a little to see how easily the Android security system was bypassed through trojans with barely any access(I have apps that need access to 6+ things).

    It's a good thing that I never trusted my personal information to my phone, or spoke about it to anybody without being in person. Just goes to show that where there are groups of people, others will be trying to manipulate and take advantage of the weak and foolish(Kinda like us here when you think about it).

    Currently: Working on Defending&Attacking in my Castle-Wars Script
    Project Rebuild: 90M/170M

  4. #4
    Join Date
    Aug 2007
    Location
    Colorado
    Posts
    7,421
    Mentioned
    268 Post(s)
    Quoted
    1442 Post(s)

    Default

    Yeah that's a spooky thought knowing that it's a possible way for people to steal information. I suppose it implies be very cautious of the apps you download and what permissions you give them.

    Current projects:
    [ AeroGuardians (GotR minigame), Motherlode Miner, Blast furnace ]

    "I won't fall in your gravity. Open your eyes,
    you're the Earth and I'm the sky..."


  5. #5
    Join Date
    Oct 2008
    Location
    /root
    Posts
    181
    Mentioned
    0 Post(s)
    Quoted
    1 Post(s)

    Default

    That's why I stick with my crappy old phone, no viruses are getting on this old technology! If I buy an Android phone, it will be purely for messing with it.
    Time is just an illusion, we are all dying from the disease of age.
    When in doubt, please go here.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •