Android malware infection

If you love your Google Android phone and keep up with the latest in Android-related news, the chances are that you came across some scary stories recently about a new, malicious program designed to infect them. DroidDream, was the subject of close coverage on Threatpost.com – and within the IT security community, which has been awaiting a tidal wave of mobile malware almost since the fi rst smart phones hit store shelves more than six years ago. But what is DroidDream? And is it something to worry about, or just another example of security companies crying ‘Wolf!’ over something you’re unlikely to ever come across in the real world? To answer your questions, Threatpost’s editors have put together the following Spotlight to take a close look at DroidDream and answer some basic questions that mobile phone users need to know about this new mobile malware.
E-MAN computer care has warned for a while now that as smartphones gain traction, there will be an increasing number of attacks. Anti-virus firm Symantec says that threats have been increasing significantly in recent months after being quite rare, often limited to more proof-of-concept type exploits.
Not only are today’s Smartphone the equivalent of a desktop computer, each one has a connection to not only personal information and the Internet, but also to a carrier billing system–putting would-be attackers one step closer to where the money is.
“For first time in history, a malicious attacker can send a packet of data and money goes flying”. Think about that.”
Already there have been attacks that cause an infected phone to send a premium text message, generating instant revenue for the attackers. Those attacks, against both Symbian and Android, have been confined largely to Europe and Asia–areas where premium SMS is more common and where carriers are sometimes less vigilant about monitoring traffic,
In general, Android malware has been attached to applications–often to legitimate applications–and posted to various third-party stores, rather than to the Google-run Android market. Indeed, sticking to the official stores has been one of two major recommendations from security experts (the other is to pay careful attention to what permissions an app is requesting).
Keeping up to date on a phone’s operating system can also help. Droid Dream, for example, exploited a security flaw that was closed with the Gingerbread release of Android. However, unlike on the PC side, users don’t always get to choose which updates they install, as carriers and device makers often get a say in which apps are provided to customers.
The Android attack is also sure to raise the question of whether an open platform is less secure than a more closed one and also whether it is better to have a curated market or one that is community-managed. Hering said it is not fair to say that Droid Dream suggests Android is more vulnerable, noting that both open and closed systems have their benefits. Open-source code does mean everyone can look at things, but it also gives the community a chance to report flaws before the bad guys do.
Naturally, there is also a market that has emerged for security software that can be installed on a device. Lookout and Symantec both offer phone products, and Hering said that Lookout’s software was updated within hours to protect against infected applications from both official and non-official sources.
Given how quickly Google removed the infected apps, it still makes sense for the cautious to stick to the Android market. However, it is clearly not a failsafe.
The other big recommendation is to not just blindly click OK to all those warnings that pop up when installing an app. On Android and many other platforms, users have to explicitly give an application permission to do certain things, such as access location data or make phone calls.
“If someone is downloading a scientific calculator and it wants to send text messages, it should raise some eyebrows,”
E-man Computer Repair Snohomish