New DroidKungFu Malware


Well there is something not being talked about a lot. NC STATE UNIVERSITY professors have discovered malware being distributed from 3rd party app sites (people getting paid apps for “free”). You can read the FULL ARTICLE here, but here is a synopsis:

These sites give paid apps for free. Often times they have permissions the original app did not ask for. Why?

Because it can use your phone as a bot, making it run scripts that you don’t even realize. It can read your contact data, your history, your chats, etc. It’s bad people.

What can you do?

Use Legal Markets!

Pay notice to app Permissions.

PAY for PAID apps – support the people making your phone better.

Thoughts?

Advertisements

About s15274n

I will do what I can to help support the Android Community!

Posted on June 7, 2011, in Malware and tagged , . Bookmark the permalink. 9 Comments.

  1. Based on my experience with Applanet, I absolutely HAVE to get security software for my phone – even willing to pay if it’s a good one… Any recommendations?

    • I believe the majority of people would say that Lookout Mobile is the best. Here is a LINK to it man!

      • Awesome… just downloaded and now I’m more scared then before! Should I be paranoid? I have 19 apps that can track my location, 30 that read identity info, 4 that access messages and 6 that access contacts. My biggest concern (besides Big Brother tracking my every move (c; is the contacts! Why do I have to allow these apps to get information about all of my friends? This just seems like a direct marketing scam and nothing else… I know they’re standard apps (Pandora, Google Maps) but Barcode Scanner? LinkedIn (my own fault, I’m sure…) I’m fine with sharing my own information, but have a big issue with selling out my friends…

        Is there anything I can do? Should I be paranoid? Is this just the level of privacy we have grown to accept in technology? I don’t even have a MyFace account, how does my personal information get sent so many places?

  2. Haha, Lookout does have the ability to scare you. Things to note, that are important…. some of those apps legitimately need those permissions to perform the functions the market demands from the app.

    ie, Pandora.. yeah, it streams music… why would it need contact access?

    Well, perhaps you want to share the latest song you tracked with a friend, or email it to yourself as a reminder or post it on twitter. These things are normal, and NOT something to be concerned about.

    You noted Barcode Scanner (amazing app) and it too has the ability to share tagged items. Not a concern. Email or post anytime you have a question on this man.

    Lookout has the ability to run in the background on a schedule… you can also hide the amazingly annoying notification icon!

  3. Kiteflyer130

    Ok, that’s a great explanation…

    In the words of the great Harvey Danger (Flagpole Sitta’) “paranoia paranoia everybody’s coming to get me/
    just say you never met me/ i’m going underground with the moles”

    (Funny, but I just learned the end of that line… never could understand it in the song…)

  4. Two suggestions:

    1. Don’t steal apps. Stolen “warez” apps are very likely to contain a virus. I might be wrong, but I was under the impression that “applanet” was a warez website offering hacked paid apps for free.

    2. LBE Security App. It’s free in the market, and lets you know (and BLOCK) what apps are accessing what permissions when, and keeps a log of it all. Block apps from getting your IMEI, or accessing contacts, or the web. Set it up to automatically block, always allow, or “Prompt” each time. Excellent security app!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: