PSA: Android malware; watch your back - G1 General

Here's an interesting occurrence. A family member recently accidentally clicked on an advertisement posing as a facebook-esque message indicator. They mistook it for a valid part of the site, and it took them to the porn site "MFUN2U". The site then proceeded to trigger a download of "HotBabe_adm_~.apk" every few seconds. Apparently it was intended that the user click the download message (either accidentally or to see what it is), and hopefully be naive enough to click through the market install screen that would result.
So just a public service announcement to everyone; make sure you keep "Install from unknown sources" OFF whenever you are not actively using it, and watch what you click. Careful not to fall for banners claiming "You have a new message from a friend" or other similar phrases. And if you find yourself at a bad website, you can quickly close it by going into the "Windows" screen from the browser menu.
To those with root, be sure to pay attention to what programs you give access to.
And remember, no operating system that allows users to install programs is "virus proof". Android does not understand the intents of programs beyond its simple permissions, nor can it detect if a program is "good" or "bad". If you install a program that can read your text messages and access the internet, then it can freely do both things, even if it decides to send your texts to a third party site. It already has your consent; you agreed to the permissions when installing it.
For more info, the advertisement was served by AdMob on DeviantArt. The APK package was "com.firstlogix.streammedia.HotBabe", and had the permissions SEND_SMS, INTERNET, and ACCESS_NETWORK_STATE.

Are you sure it's malware and just not some random app that shows pr0n?
Either way, good looking out. Malware or not, I obviously don't want it on my phone.

Should an app to display pictures need to send SMS messages? It might not be, but considering the nature of "delivery", it certainly had bad intentions.
By malware, I don't mean trojans or anything of that nature. Consider that a program with those permissions could retrieve a list of phone numbers and messages from the internet and start sending them from your phone. Could be part of a botnet to send advertisements to others, or subscribe you to paid daily text messages.
At any rate, Android has now become large enough to be targeted by things like this.

RoboPhred said:
Should an app to display pictures need to send SMS messages? It might not be, but considering the nature of "delivery", it certainly had bad intentions.
By malware, I don't mean trojans or anything of that nature. Consider that a program with those permissions could retrieve a list of phone numbers and messages from the internet and start sending them from your phone. Could be part of a botnet to send advertisements to others, or subscribe you to paid daily text messages.
At any rate, Android has now become large enough to be targeted by things like this.
True, true. I'm just thinking too openly about it, lol. Way I look at it: MANY apps need control over things you wouldn't think they would need control over. Seeing as how it's delivered, as you said, certainly implies it's up to no good.

RoboPhred said:
Should an app to display pictures need to send SMS messages? It might not be, but considering the nature of "delivery", it certainly had bad intentions.
By malware, I don't mean trojans or anything of that nature. Consider that a program with those permissions could retrieve a list of phone numbers and messages from the internet and start sending them from your phone. Could be part of a botnet to send advertisements to others, or subscribe you to paid daily text messages.
At any rate, Android has now become large enough to be targeted by things like this.
Yes, if it's a program that allows pictures to be shared by sms.

amazinglarry311 said:
Yes, if it's a program that allows pictures to be shared by sms.
You're way off subject, bro. Read all 3 posts first, not just the second to last.

I've said it before, and I'll say it again... Android's security system needs to offer the user the ability to selectively DENY a program the permissions that it requests.
Note however; this does not imply a virus.
In fact, Android is more or less impervious to virii. A windoze virus works because it has ROOT PERMISSION -- does whatever it wants. A Linux process is limited to the permissions given to that specific user -- this even applies to a VIRUS process.
In Android, EACH APPLICATION (except for shared apps, but they need to be signed by the same key for this to work) has its very own user, so any one application can ONLY access ITS OWN files and that data (not files) specifically authorized based on the requested/granted permissions.
Also note: The access that an application gets from pulling data through the permissions is very limited -- it has to request data in certain specifically configured data sets, and the system responds in a very restricted way to those.
This particular application mentioned can access the internet, read network state (i.e. connected/disconnected), and SEND SMS. It can NOT read the contact list, and thus cannot spam your contacts. It cannot barf up your system. If you erase it, it's gone without a trace.
The WORST it can do is send a billion SMS messages and/or basically hand over your phone number to phone-spammers (i.e. via callerid from the sms).
And contrary to what was said above, the permissions requested are a GREAT way to determine if a program is safe/sensible. If the program does not need the permission but still asks for it, you need to ask yourself WHY it would be asking for it... and IF that program REALLY DOESN'T need the permission, then it is one of two reasons: either the developer is a retard and asked for blanket permissions, or the developer has nefarious intentions. Either reason means that you don't want to install that application (or would, in the least, demand that the permissions be restricted to something more sensible).
If a program doesn't appear to need the permission, then it DOESN'T. Simple as that.
This program is not a virus. That doesn't mean that this program is a good program or is entirely benevolent.
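An added example, not code from the thread or from any poster: a small audit that compares the permissions an APK requests with what its stated purpose would need, using the package name and the three permissions reported above. The manifest text, the rule list and the "expected for a media viewer" set are constructed assumptions; a real APK's binary manifest would first have to be decoded with a tool such as apktool.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
PREFIX = "android.permission."

# Constructed sample: a decoded AndroidManifest.xml carrying the package name
# and the three permissions reported in the thread. Everything else is assumed.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.firstlogix.streammedia.HotBabe">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
  <application android:label="Stream Media"/>
</manifest>"""

# Assumption: what a picture/video viewer plausibly needs.
MEDIA_VIEWER_EXPECTED = {"INTERNET", "ACCESS_NETWORK_STATE"}

# Hypothetical review rules: (permissions that must all be present, finding).
RULES = [
    ({"SEND_SMS"}, "can send SMS at the user's expense"),
    ({"SEND_SMS", "INTERNET"}, "can send text fetched from a server by SMS"),
    ({"READ_SMS", "INTERNET"}, "can upload received messages"),
    ({"READ_CONTACTS", "INTERNET"}, "can upload the contact list"),
    ({"READ_CONTACTS", "SEND_SMS"}, "can message the user's own contacts"),
]


def requested_permissions(manifest_xml):
    """Return (package, set of short permission names) from a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for node in root.iter("uses-permission"):
        name = node.get(ANDROID_NS + "name", "")
        # Strip the platform prefix; custom permissions keep their full name.
        perms.add(name[len(PREFIX):] if name.startswith(PREFIX) else name)
    return root.get("package"), perms


def audit(manifest_xml, expected):
    """Flag permissions the stated purpose does not explain, plus risky combinations."""
    package, perms = requested_permissions(manifest_xml)
    return {
        "package": package,
        "requested": sorted(perms),
        "unexplained": sorted(perms - set(expected)),
        "findings": [msg for need, msg in RULES if need <= perms],
    }


if __name__ == "__main__":
    report = audit(SAMPLE_MANIFEST, MEDIA_VIEWER_EXPECTED)
    print(report["package"])
    print("unexplained:", ", ".join(report["unexplained"]) or "none")
    for finding in report["findings"]:
        print(" -", finding)
```

Run on the sample, only SEND_SMS is left unexplained, and none of the contact-related rules fire because READ_CONTACTS was never requested.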

"Virus" has come to be a blanket term now, rather than just something that just spreads itself around. Most would consider a trojan to be a virus, despite the fact that they are usually targeted and traditionally don't send themselves to others. Programs don't need root access to behave in ways you don't want them to. Ask anyone to describe "a program that sends text messages from your phone to spammer companies so they can get your phone number", and they probably would choose "virus".
At any rate, no one ever made the claim that the program was a virus in the traditional sense, just malware. Android certainly has very effective security features, and an apk can't take over the phone (without root permission anyway), but that's little consolation when you have to get a new phone number.
I feel I need to step back and say that this wasn't intended to be reactionary (nor are people treating it as such, but it's getting close). This is just a general alert to remind people to pay attention to what they do with their devices, and to be suspicious of any unexplained downloads or other events.

Related

[Q] Help blocking internet access on a tablet

I'm looking at getting a tablet for someone who is not allowed to have unsupervised access to telephones or the internet.
Obviously, she will need to get new apps (that's the point) but she can do that with supervision. We could take her to a coffee shop once or twice a month and do that.
Here are my questions:
1. To prevent her from contacting people through the tablet, would blocking wifi be enough?
2. Is there an app that can password protect wifi? Maybe Tasker?
3. If we could get it blocked, is there a way to browse a list of apps offline?
The way you worded this, it sounded like you kidnapped a young girl and you're trying to keep her locked up and prevent her from contacting the outside world for help....just sayin
From the Tab.
www.twitter.com/ayman07
cynamun said:
I'm looking at getting a tablet for someone who is not allowed to have unsupervised access to telephones or the internet.
Obviously, she will need to get new apps (that's the point) but she can do that with supervision. We could take her to a coffee shop once or twice a month and do that.
Here are my questions:
1. To prevent her from contacting people through the tablet, would blocking wifi be enough?
2. Is there an app that can password protect wifi? Maybe Tasker?
3. If we could get it blocked, is there a way to browse a list of apps offline?
In the event you have not kidnapped a child and instead are an overprotective parent please stop.
I work for T-Mobile and hear this too often. You want to do something nice and give them a tab/phone, but with strings attached. Generally if someone wants to do something like access the Internet they will. If you want to protect this person from the harmful things like Internet, porn, free speech, and abortion you should buy this person a book.
At the end of this you will fail. You will find out how to block the Internet or prevent some access, but they will find out how to get what they want out of the tab.
I was trying to be vague but I see people are filling in the blanks. I work as a behavior analyst. This particular client has a state-approved rights restriction that has to be evaluated annually and approved by a committee.
She has an intellectual disability and AFAIK never owned a computer. So we're not dealing with a hacker or a clever and determined kid.
I agree that there's no foolproof way to stop someone but I think a reasonable barrier will work for her. It has for telephone use.
Do you know of anything I could try? I'm not going to use anything that the team doesn't approve.
Ensure that all the other networks in the area are secured
Sent from my GT-P1000 using XDA App

android security

In many applications downloaded from the market, like anysoftkeyboard, there is a popup warning window that says "the application may be able to collect all the text you type... passwords, credit cards numbers(!!!) etc.". Do the preinstalled applications on a device do the same? Finally, is Android applicable for secure usage in everyday transactions like online shopping or internet banking?
sinnaiy said:
In many applications downloaded from the market, like anysoftkeyboard, there is a popup warning window that says "the application may be able to collect all the text you type... passwords, credit cards numbers(!!!) etc.". Do the preinstalled applications on a device do the same? Finally, is Android applicable for secure usage in everyday transactions like online shopping or internet banking?
Not 100% sure as I didn't write the apps, but as far as I know, it doesn't actually "collect" your passwords and credit card numbers in the sense of stealing it...but rather certain keyboards allow you to add custom words into the dictionary. For example, if you were to write "ROFL," this obviously wouldn't be in the dictionary. If you choose to add this word to the dictionary, the keyboard will effectively collect (store) the word. So, as you see, the keyboard only "remembers" the words, with your approval, to make typing easier for you in the future.
Keyboards could collect key data, but they need internet access to send it to other people. So if the keyboard doesn't have full internet access you're safe. (Unless it saves data to SD and another app sends that file to a server, but most keyboards don't have SD-card write access)
fifarunnerr said:
Keyboards could collect key data, but they need internet access to send it to other people. So if the keyboard doesn't have full internet access you're safe. (Unless it saves data to SD and another app sends that file to a server, but most keyboards don't have SD-card write access)
In a perfect world this would be true but there are a few exploitable holes to pass that data to the internet.
Just because an app doesn't have the INTERNET permission does not mean it can't send out certain data.
Some of the exploits are known but I'm not going to go into detail about them. Just be sure you trust the keyboard people before installing their keyboard.
I think you don't have to be afraid as long as you use the stock keyboard. If you use another one check what was said in the previous posts. And don't forget, Google doesn't check the apps, this message is shown for every keyboard to let you know the risks
Sent from my GT-I5700 using XDA Premium App

sms redundancy

Hello all: I have an HD2 and gotta tell ya all that I simply can't fathom the amount of time and dedication that the developers of sd and nands have devoted to the cause of an improved HD2 environment. Thanks to all.
That being said, there are some things that if I weren't as old as I am and had some time and experience in this area, I would have changed. Those are: SMS redundancy. Yes, it's in the front screens (taskbar). That's one. It's in the inbox (ridiculous). It's in the bubbles (or without), but still in that component, and finally it's in regular SMS. Please make it all one, please. You don't seem to be able to eliminate any of them.
Forget the request to download an mms. Come on, we've already paid for the service. Virtually every phone in the world has mms capabilities. It's become the world standard. so why even ask to download it and go through the trouble. Are we trying here to save some data charges or what?
Dual contacts apps within the ROMs is annoying, and unnecessary. Both have to be accessed separately in order to retrieve certain types of info, or add info, such as the way you want the contact filed. There's no provision for additional fields which is a real must for those in business who use the phone as a portable data device and office. If a developer actually gets the urge to do this, then have a translation of the field into an Outlook info data within the contact instead of making it disappear entirely. I can't tell you how many contacts I've lost because of that. I know it's not your doing; it's MS. Also make the references to social services with the 'info' section of the contact, hidden. That's dumb. Also make the 'info' clear and immediately available on the opening screen of the contact. (I've come from two years as a user of the iPhone within a T-Mobile environment. Apple uses its cerebellum when devising contacts, calendar, alarms, reminders, notes, etc. I simply got away from it because I wanted to enter a true 3G environment and an improved camera).
I don't have the time to continue, but there are so many areas that could be improved on to give us all a really great phone experience. I know you'll say 'Android', but that is lacking in so many areas as well that I can't believe it's gotten the kind of accolades that it has. I could go on about that for an hour.
Anyway, again thnx to all who selflessly (I call it that cuz really the remuneration is minimal) have devoted the time to these ROMs.

Do any custom roms have any data privacy features built in? How safe is our data?

It worries me when I try to install a new app, only to see a long list of permissions it's requesting. Why would a simple game require access to my call logs, phone number etc...
Is there anything built into custom ROMs that prevents this private data being sent out? Can these apps really pull your info such as your whole contact list and call history?
I just installed an app called LBE privacy guard, and even Launcher Pro is trying to access my call logs and SMS messages. I've set almost all apps to restricted on it and my security log is full of downloaded apps trying to access my info.
redspeed said:
It worries me when I try to install a new app, only to see a long list of permissions it's requesting. Why would a simple game require access to my call logs, phone number etc...
Is there anything built into custom ROMs that prevents this private data being sent out? Can these apps really pull your info such as your whole contact list and call history?
I just installed an app called LBE privacy guard, and even Launcher Pro is trying to access my call logs and SMS messages. I've set almost all apps to restricted on it and my security log is full of downloaded apps trying to access my info.
CM7 allows for the ability to restrict permissions for specific applications (not finished yet), but that's the only one.
FWIW, Launcher Pro requests those permissions to do little "pop ups" on the dock for missed calls and text messages.
Decad3nce said:
FWIW, Launcher Pro requests those permissions to do little "pop ups" on the dock for missed calls and text messages.
That makes me feel a little bit better at least. Thought Launcher Pro was betraying me by stealing my info.
When an app requests permissions like read contact data- does it actually have the ability to go through my private contact list and send back the names and phone numbers to their server?
I've always thought it funny that people who worry about data security will install a ROM built by a semi-anonymous chef. At least when you deal with Samsung and Sprint you know who has to answer for any problems. With a cooked ROM, who knows what could be in there?
I don't know what they would want to do with anyone's contacts but like posted above most apps use notification features even though some don't use the feature that often it is still available. I trust that Google's OS has certain inalienable features to keep apps in check and make sure data is safe..... I haven't heard of anyone being killed or followed because location data was sent to a corporation .... now carrieriq is something to be reckoned with...
No one show the OP what carrieriq is ...lol
Sent from my SPH-D700
poit said:
I've always thought it funny that people who worry about data security will install a ROM built by a semi-anonymous chef. At least when you deal with Samsung and Sprint you know who has to answer for any problems. With a cooked ROM, who knows what could be in there?
I believe moderators examine ROMs for that sort of thing. Also, if it was found out that someone was doing that, there would be some major problems.

Exchange Services - SmsRelayService HELP!!!!!

Someone please help! Having read the very little amount of content I can find so far, I am extremely concerned that somehow some or all of my text messages are being relayed to an email account via the Service (SmsRelayService) that is running under the app Exchange Services.
I don't seem to be able to find anything conclusive, but what I have found is that it is likely to be relaying text messages to an Exchange Account?
I can stop the Service and it stays 'stopped' until a text message is received and it starts running again.
Now have a Note 4, having upgraded because my last handset appeared to have been tampered with and was also behaving in this manner, as well as my Google Location History recording me in places that I never was. On that handset there were even more questionable apps running, one of which appeared to be some form of spyware when searched in Google!
Is there any way that you can dig deep into the operating system of the device and see what is going on?
Is there any way of identifying if my suspicions and those of others that I have seen post similar stories are correct?
One of the reasons I started to question it initially and then look into it was because I was receiving overly descriptive and some unnecessary text messages from someone and at the same time, another device nearby was demonstrating email notification sounds!
Not only that, but certain things that I had not discussed with certain people, but had discussed over text with others (in no way related or connected) were being brought up!
Help please.... is SmsRelayService under the app Exchange Services something to be worried about?????
I was also shocked by the lack of information on this "SmsRelayService". There are tons of questions out there about it.
After much research and messing with my phone I feel the service is stock BUT can be hijacked by some unknown application to send all texts to a 3rd party. My ex was getting my text messages somehow. In her email account I found she had set up a service on her own phone first to test and she would receive every text on the phone and also location. I assume she set it up on her own phone first to figure it out then she put it on my phone. I have a rooted phone with a custom ROM. Strangely the SmsRelayService had permission for EVERYTHING on my phone. From SMS to photos and every single admin right possible. I doubt this is normal for that service. My custom ROM has an "App ops" menu that shows what the service has used or not. In my case it looks like she was only accessing my SMS messages. Killing the service did not help as when a new text came in it started back up and accessed the new messages. Once I removed all the permissions for "SmsRelayService" in the "App ops" menu I no longer had the problem of the service accessing the texts. Without this menu option I don't know how I would have stopped it. I'd assume there is an app or process killer out there that would have been able to shut it down but it'd take someone else with a normal ROM to let us know.
In my case I'm lucky it was only SMSes. It looks as though whatever she put on my phone was only getting SMSes. With the app having access to all rights on the phone, a better or more in-depth spy app/program could have accessed much more. Only spying on my SMS activity, I did not notice ANY extra battery drain. Also this app is known with Microsoft Exchange and that messes up a lot of the research. I have never set up any other account but a Gmail account so without a link there I don't know why else it'd been activated in the first place if not for a spy app. I'll try and post back in a few weeks after I've been able to see if she suddenly doesn't have information that she shouldn't know.
