There is a rogue application in the Android Market, from the Android Central post:
Lookout says that one or more of these apps are stealing your data and sending it to an unknown person or persons in China. Yup, innocent looking wallpaper apps. According to Lookout, the app(s) in question are collecting:
* browsing history
* text messages
* your SIM card data
* subscriber ID
* voicemail password
Click to expand...
Click to collapse
Follow the link provided for full information and remember, keep an eye on the permissions screen whenever you install an application!
Reporting a maliciois app in Android Market
RE: Homerun 3D and Slice It
I searched for a proper place to ask this, and describe what I found, and found this thread. I am aware Google has a malicious app reporting process, but I was wondering if any of the great minds here know of a more efficient means to get an app scrutinized by the Market powers-that-be.
The App is a duo, really, that I know of so far. I did not go too far with my investigations once I determined this is a Chinese company (remember the lcd picture frame Trojan?) and once I saw what I did.
I downloaded "Homerun 3D" for my EVO 4G (cyanogen mod), a kick ass batting game to which I quickly was addicted. However, as is common with many apps, during transitions (ad breaks) it would overlay a large ad for various other apps, but the most heavily pushed app (by an estimated 9:1 ratio relative to other apps) was "Slice It", offering extra bonuses in the Homerun 3D game if you DL'd it. I dl'd it and installed it, but once I opened it, superuser notified me it was attempting root access. Of course, this is a HUGE deal, in fact I'd say (and request feedback from those in the know) that proves it is a malicious app, given that no where did it mention that it needed or would use root access. I can't fathom this being an 'honest' developer's mistake.
So I denied it root access and it launched anyway. Hm. In other words, an ingenious method to check for unlocked doors without having to set up a complex ruse of creating an app that notifies it will need to have root access to work. Just write a kick ass fun and addictive 'innocent' app, heavily push and offer incentives to dl and install a so-so app that checks for an exploits unprotected root access, and wah-la, due to the intensely developed dun and addictive nature of the 'innocent' app, you have a much wider distribution of your Trojan that ostensibly gets more chances of hitting an unlocked door. By adding the extra layer of an 'innocent' app, that high-end intensely developed app continues to be listed on the market and continues to push the simple trojan app and so only the trojan app gets removed once discovered. All that the devs need to do then is quickly hammer out another trojan simple app, and update the high-end app to push the new low-end app, instead of developing a whole different kick ass app each time they're discovered.
It's the equivalent of a legit door-to-door cable tv salesmen heavily referencing an unscrupulous installer who is known to sneak around the your house looking for unlocked drawers, cabinets, etc. The fact that the legit cable salesman heavily references him makes that cable salesman very suspicious.
So, while I suspected the Homerun 3D app was complicite given the heavy pushing of the 'Slice It' root checking app, I kept poking around. I looked at the "credits" and while seemingly not hiding the fact they all had Asian sounding names, the use of the middle name nick (as in Jung "Madman" Li) seemed overdone, as if they used corny English nicks, almost too corny to be real, to appear disarming.
But the final straw was when I looked at one of the standard banner ads that run along the bottom of the screen during gameplay. It was a generic Best Buy (low res graphics at that) ad for a $349 laptop. I clicked it and it took me to an ad proxy URL which reported it could not resolve the URL. But get this...the URL of the ad proxy showing in my browser window was:
fraud.mojility.com.
Hm. Not sure why mojility would redirect a banner add to land on a URL with "fraud" in its address, and yet not explain why, but all my circumstantial evidence put together (as if Slice It's secret root checking is not enough in and of itself) warrants a report, I think.
1. Homerun 3D app heavily pushes obvious Trojan app.
2. Homerun 3D app contains at least one banner that directs to a fraud URL.
3. Homerun 3D app credits seem concocted.
4. Slice it app SECRETLY checks for root access, works anyway when denied.
So, thoughts about my tentative conclusion? And if it's agreed, anyone know a more efficient means to alert of a potential malicious app than the Android process?
I'm in contact with someone at Google about this, ohiojoe.
according to a post in a german forum the su request is caused by moblix ad sdk. Imho that doesn't make it any better but the contrary.
I reported them to Google. For me Com2us is dead, will ignore all their games from now on.
Damn, that's scary, thanks for the heads up!
There was some game I installed that was made by some Chinese company. Shortly after people on my gmail contacts started getting spam from me.
I logged into gmail and had a red bar that said my account was being frequently accessed from china.
I quickly changed the password and uninstalled the app.
Stonent said:
There was some game I installed that was made by some Chinese company...
Click to expand...
Click to collapse
Remember the name?
Sent from my Evo using mikfroyo 4.5
Yea, Android is so vulnerable, they should implement into the OS a tool that manages what parmissions a user allows or denies from an app. Like in the old times with Sony Ericsson Walkman phones.
Here in android you install and app, and everything it comes with it...
There an app called Permission WatchDog it's useful it identifies the permissions of apps, but just that.
I haven't been hacked on sending SMS spam, but I have received some spam, only in SMS thought. And just that thanks God.
Mostly after I had installed an app of galleries of pictures...
And what's obiously suspecious, are those.
And those that shows you a picture after you finish a call...-.- WHAT THA FCK!! How ridiculous!
Why tha #$%& would you ever install such crap app?
I ve never installed those, except the galleries ones (asian girls gotta say), but for some reason they're not working for me anymore, I wonder why?..
Neighter I install those crappy ass games, only Raging Thunder and such, which are worth of being developed for a "smart phone"....
Sent from my T-Mobile myTouch 3G Slide using XDA App
Damn,better install an antivirus...
thx for the heads up
Thank for the heads up!!!!
ohiojoe said:
RE: Homerun 3D and Slice It
I searched for a proper place to ask this, and describe what I found, and found this thread. I am aware Google has a malicious app reporting process, but I was wondering if any of the great minds here know of a more efficient means to get an app scrutinized by the Market powers-that-be.
The App is a duo, really, that I know of so far. I did not go too far with my investigations once I determined this is a Chinese company (remember the lcd picture frame Trojan?) and once I saw what I did.
I downloaded "Homerun 3D" for my EVO 4G (cyanogen mod), a kick ass batting game to which I quickly was addicted. However, as is common with many apps, during transitions (ad breaks) it would overlay a large ad for various other apps, but the most heavily pushed app (by an estimated 9:1 ratio relative to other apps) was "Slice It", offering extra bonuses in the Homerun 3D game if you DL'd it. I dl'd it and installed it, but once I opened it, superuser notified me it was attempting root access. Of course, this is a HUGE deal, in fact I'd say (and request feedback from those in the know) that proves it is a malicious app, given that no where did it mention that it needed or would use root access. I can't fathom this being an 'honest' developer's mistake.
So I denied it root access and it launched anyway. Hm. In other words, an ingenious method to check for unlocked doors without having to set up a complex ruse of creating an app that notifies it will need to have root access to work. Just write a kick ass fun and addictive 'innocent' app, heavily push and offer incentives to dl and install a so-so app that checks for an exploits unprotected root access, and wah-la, due to the intensely developed dun and addictive nature of the 'innocent' app, you have a much wider distribution of your Trojan that ostensibly gets more chances of hitting an unlocked door. By adding the extra layer of an 'innocent' app, that high-end intensely developed app continues to be listed on the market and continues to push the simple trojan app and so only the trojan app gets removed once discovered. All that the devs need to do then is quickly hammer out another trojan simple app, and update the high-end app to push the new low-end app, instead of developing a whole different kick ass app each time they're discovered.
It's the equivalent of a legit door-to-door cable tv salesmen heavily referencing an unscrupulous installer who is known to sneak around the your house looking for unlocked drawers, cabinets, etc. The fact that the legit cable salesman heavily references him makes that cable salesman very suspicious.
So, while I suspected the Homerun 3D app was complicite given the heavy pushing of the 'Slice It' root checking app, I kept poking around. I looked at the "credits" and while seemingly not hiding the fact they all had Asian sounding names, the use of the middle name nick (as in Jung "Madman" Li) seemed overdone, as if they used corny English nicks, almost too corny to be real, to appear disarming.
But the final straw was when I looked at one of the standard banner ads that run along the bottom of the screen during gameplay. It was a generic Best Buy (low res graphics at that) ad for a $349 laptop. I clicked it and it took me to an ad proxy URL which reported it could not resolve the URL. But get this...the URL of the ad proxy showing in my browser window was:
fraud.mojility.com.
Hm. Not sure why mojility would redirect a banner add to land on a URL with "fraud" in its address, and yet not explain why, but all my circumstantial evidence put together (as if Slice It's secret root checking is not enough in and of itself) warrants a report, I think.
1. Homerun 3D app heavily pushes obvious Trojan app.
2. Homerun 3D app contains at least one banner that directs to a fraud URL.
3. Homerun 3D app credits seem concocted.
4. Slice it app SECRETLY checks for root access, works anyway when denied.
So, thoughts about my tentative conclusion? And if it's agreed, anyone know a more efficient means to alert of a potential malicious app than the Android process?
Click to expand...
Click to collapse
Hmm. SliceIt does request root. That must be a new thing because it's never done it in the past. Its permissions don't look like anything serious, though.
stupid asians always wanna give us some viruses
Thanks for the look out, bro. What's the point of third party sabotage anywhays, haha
Sent from my HTC Desire Z / T-Mobile G2 (HTC Vision)
If u remove the app does it get rid of it all together r is it to late?
Sent from my SGH-T959 using XDA App
jstevenson1017 said:
If u remove the app does it get rid of it all together r is it to late?
Sent from my SGH-T959 using XDA App
Click to expand...
Click to collapse
In my case, I had removed the app already, I received like 2 or 3 sms spam messages but it later stopped.
Sent from my T-Mobile myTouch 3G Slide using XDA App
I better watch myself.
I'm the OP. Sorry just now getting back this. As I said before, I did not grant Slice It the access it wanted, and it launched anyway (meaning, it didn't need it....just 'wanted' it) but did NOT have any access to my root, so I had no issues.
However, Googling it I saw at least one nit wit (read: a text book example of why not just ANYone should root their phones) report that he gave the Slice It app Su access and was posting that he dint see why it needed it. So, Slice It apparently targets unprotected root phones and nit wit owners of Su protected root phones.
Sent from a corrective lens wearing eskimo translating Turkish smoke signals viewed over a streaming webcam at 640x480 resolution via a U.S. Robotics 14.4 Hayes compatible modem.
Related
http://www.engadget.com/2010/07/28/new-licensing-service-replacing-existing-copy-protection-metho/
Looks like pretty soon the days of people copy and pasting apk's all over the place are coming to an end.
I hope this doesn't make theming harder.. We'll see.
From reading that article,
Seems like airplane mode or a firewall would crush all the hopes and dreams of google and app devs.
It seems that every time we open an app it needs to verify that it's been paid for by contacting a "licensing" server and retrieving a response.
I feel like that could slow down launch times, and being unable to use an app when offline would be like UBISOFT hell all over again.
I really hope google puts a lot of thought into this..
I wonder if this if already being done? Every time I try to play that golf game on my EVO on an airplane while the radios are off I get a FC when it starts. As soon as I an on the ground and turn the radios on the game works fine.
Sent from my PC36100 using XDA App
what if you are in an area with no signal or on a plane or something? you cant open any apps???
This is already in place in a number of apps, one is IP Cam Viewer.
I paid the money for it. I transferred all my files to my wife's Evo 4G, and thought "hell I'll see if it works..." Well it didn't. When I try to open the app, it tells me that I have to purchase it from the marketplace.
I'm all for buying apps when they're good, and I understand single user licensing. Guess I was just hoping I wouldn't have to spend double the money for all the apps I use.
simplyphp said:
This is already in place in a number of apps, one is IP Cam Viewer.
I paid the money for it. I transferred all my files to my wife's Evo 4G, and thought "hell I'll see if it works..." Well it didn't. When I try to open the app, it tells me that I have to purchase it from the marketplace.
I'm all for buying apps when they're good, and I understand single user licensing. Guess I was just hoping I wouldn't have to spend double the money for all the apps I use.
Click to expand...
Click to collapse
I've heard of couples sharing the same email as apps get replicated on the two phone
I can confirm that they don't get replicated..
I have two evo's right now under the same email and they're definitely not replicating crap.
cahiatt said:
I wonder if this if already being done? Every time I try to play that golf game on my EVO on an airplane while the radios are off I get a FC when it starts. As soon as I an on the ground and turn the radios on the game works fine.
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
Now that's a problem I understand about paying for apps but not working when I'm in a place with no signal. I see a law suit brewing up. I paid for the app I should be able to use the app whenever I want to. Class action law suit coming real soon.
Sent from my PC36100 using Tapatalk
Crap....
"A limitation of copy protection is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, a copy-protected application cannot be downloaded from Market to a device that provides root access"
...Seriously???
EDIT - the above quote was misrepresented in the place I copied from...research shows it to be misleading. the actual bit of Google's text is posted over on page to of this thread. disregard my indignation in this post...
This is discouraging, because a lot of people like to try the full before they buy it expecting more than what full has to offer, only to be disappointed later.
willwgp said:
This is discouraging, because a lot of people like to try the full before they buy it expecting more than what full has to offer, only to be disappointed later.
Click to expand...
Click to collapse
You do get a 24 hour refund option when you buy from the market so I'm not worried about trying before you buy. I do worry about not being able to play something when I'm in the bathroom at work because I don't get a signal there.
well how many ppl do actually piracy apps??? oh my bad forgot that this is Android, for a second i though it was apple!!
Just to clarify a couple of things:
There are 2 ways to use the Licensing - one is Strict - you CAN NOT USE THE APP WITHOUT ACCESS TO MARKETPLACE. Personally, screw that.
Option 2, however, is a non-strict policy. Server managed, where the license is 'cached' to storage. You also can programmatically set how long your app can be used without any license check.
That'd be the way i go
josue85 said:
You do get a 24 hour refund option when you buy from the market so I'm not worried about trying before you buy. I do worry about not being able to play something when I'm in the bathroom at work because I don't get a signal there.
Click to expand...
Click to collapse
That'll be up to the developer. I like this approach, as I'd be happy to do say... a 5-7 day turn around on the license check. After 7 days with no data signal, seriously, where the hell are you? LOL
Besides, if you've used a paid app for 7 days, and by that time can't decide if you need it or not - wow.
And of course, as soon as you got signal again, the license check would go through and you can use the app again, no problem.
I'm sure there will be UbiSoft and EA style implementations though - way too damn draconian for my tastes. I don't care to know every single second that someone's using my app. I would just like to know that they haven't 'copied that floppy' as it were LOL
I have no doubts this will be defeated in time, though. All it would really take is mimicking the server license response, which can be extracted from the locally cached license of an actual paid product.
People that pirate software are going to do it, regardless. Don't make the honest people pay the price of draconian DRM.
The best approach I can make as a developer, is give my customers the features they want, in a stable, good performing package, and discourage 'casual' piracy. Beyond that, it's out of the developer's control, and honestly, any more than that usually just pisses off the customer and annoys the pirates for about a day and a half.
Ok...had to read the SDK paperwork as I really wanted to know this...my previous post was incorrect and here is the update...
From Google:
Android Market Licensing is a flexible, secure mechanism for controlling access to your applications. It effectively replaces the copy-protection mechanism offered on Android Market and gives you wider distribution potential for your applications.
A limitation of the legacy copy-protection mechanism on Android Market is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, an application using the copy-protection mechanism cannot be downloaded from Market to a device that provides root access, and the application cannot be installed to a device's SD card.
With Android Market licensing, you can move to a license-based model in which access is not bound to the characteristics of the host device, but to your publisher account on Android Market and the licensing policy that you define. Your application can be installed and controlled on any compatible device on any storage, including SD card.
Click to expand...
Click to collapse
Also...there are options for the Devs to allow for apps to be used a chosen number of times before they need to check in for licenses. Strict has to check in every time....other option allows dev to choose based on times used or time since last check in.
SO...all in all I am much less worried about this now.
topdnbass said:
I can confirm that they don't get replicated..
I have two evo's right now under the same email and they're definitely not replicating crap.
Click to expand...
Click to collapse
With licensing the dev can choose whether an app can be accessed from different phones. It is an option...
(greeked...multiple times)
Question: Does that mean we won't be able to open, modify, and resign apks? Like...to change the appearance (make a widget clear, etc).
More like bad news for paying consumers. That's who always pays for everything. Those of us who actually buy the products.
I plan on speaking with my wallet. I wont buy any app that requires I have an internet connection.
A limitation of the legacy copy-protection mechanism on Android Market is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, an application using the copy-protection mechanism cannot be downloaded from Market to a device that provides root access, and the application cannot be installed to a device's SD card.
Click to expand...
Click to collapse
Wait so according to google us rooted folk couldn't download copy-protected apps before now?
Urrr, i think im missing something
This is actually a nice implementation for both the software developer and the user. Most will implement this where it only has to check-in every week or two. So the odds of getting caught in a spot where there is no connection is low.
At the end of the day, it is a pretty straightforward way to handle copy protection that really shouldn't inconvenience anyone.
Also it will bring more developers to the platform if they know they don't have to worry as much about piracy.
Piracy will still run rampant. People will find ways to circumvent this, that's just how it is. At least it will curb some piracy since copying and pasting an apk file wasn't much of a deterrent.
Google pulls 56 malicious apps from Android Marketplace
original source: http://blog.mylookout.com/2011/03/s...-found-in-official-android-market-droiddream/
List of malicious Android App that steals your information and download additional craps to your phone
Full list Developed by “Myournet”:
Falling Down
Super Guitar Solo
Super History Eraser
Photo Editor
Super Ringtone Maker
Super Sex Positions
Hot Sexy Videos
Chess
下坠滚球_Falldown
Hilton Sex Sound
Screaming Sexy Japanese Girls
Falling Ball Dodge
Scientific Calculator
Dice Roller
躲避弹球
Advanced Currency Converter
App Uninstaller
几何战机_PewPew
Funny Paint
Spider Man
蜘蛛侠
Full list Developed by “Kingmall2010″:
Bowling Time
Advanced Barcode Scanner
Supre Bluetooth Transfer
Task Killer Pro
Music Box
Sexy Girls: Japanese
Sexy Legs
Advanced File Manager
Magic Strobe Light
致命绝色美腿
墨水坦克Panzer Panic
裸奔先生Mr. Runner
软件强力卸载
Advanced App to SD
Super Stopwatch & Timer
Advanced Compass Leveler
Best password safe
掷骰子
多彩绘画
Full list Developed by “we20090202″:
Finger Race
Piano
Bubble Shoot
Advanced Sound Manager
Magic Hypnotic Spiral
Funny Face
Color Blindness Test
Tie a Tie
Quick Notes
Basketball Shot Now
Quick Delete Contacts
Omok Five in a Row
Super Sexy Ringtones
大家来找茬
桌上曲棍球
投篮高手
Personal warning I'll also include AppsPlanet into those list if I were you.
Some of them seem like the standard spammy, suspicious apps that I naturally avoid, but some of them actually look like popular apps - i.e. the advanced stuff, app uninstaller. Fortunately I don't have any of those stuff on my phone though. And if I'm putting something up from non- android market like over here on XDA perhaps, that I'm suspicious of I tend to scan it first (both on my PC and then on my mobile as well). And even on market I prefer to download apps that have many downloads and comments. Can't be too careful.
What's that pewpew thing? Not the same as this:https://market.android.com/details?id=com.jyaif.pewpew&feature=search_result is it?
syrenz said:
What's that pewpew thing? Not the same as this:https://market.android.com/details?id=com.jyaif.pewpew&feature=search_result is it?
Click to expand...
Click to collapse
yes, it's that one, but seems like there was a fake copy of it floating in market
i was afraid too when i saw it, as i did install the legit one, but wasn't sure about the developers name
Yeah, that's the only thing that I installed so I was worried for a moment there.
The original source is reddit.
http://www.reddit.com/r/Android/comments/fvepu/someone_just_ripped_off_21_popular_free_apps_from/
The whole market is just plain broken and it's a nightmare. It's embarrassing that the author of one of the apps has been complaining through every means possible to google for over a week to get pirated copies of his software taken down (he didn't realize they were injected with malignant code though). So, finally someone notices the developer name looks fishy for one of these apps and is curious to take a look inside the files and sees rageagainstthecage, pokes further, is horrified consults others and posts to reddit. Android Police picks it up and the story starts to spread and then finally google pays attention.
Google really needs to respond. The market.android.com website is so freaking buggy. Imagine if someone figures out how to use web install to push infected crap onto peoples phones. It almost makes you pray to Motorola to also signature check /system. Almost.
What's the deal with raceagainstthecage? Isn't that what we used to root XT720?
syrenz said:
What's the deal with raceagainstthecage? Isn't that what we used to root XT720?
Click to expand...
Click to collapse
Indeed. We use rageagainstthecage to install superuser and then we use superuser instead of rageagainstthecage to get root afterwards. Superuser is designed to be well behaved and everything else is built to cooperate and behave with superuser. The trojaned apps use rageagainstthecage to basically do whatever they want. It doesn't use superuser, so you don't see any notifications.
that's for all the info Mioze7Ae
that's very insightful
As far as I see I did not install one of these apps- but I would like to know anyway what should be done if one did install a malicious app- just remove it? Or better reflash the rom?
Theres already a thread for a patch here at xda:
http://forum.xda-developers.com/showthread.php?t=977154
And somebody developed an apk to search for an infection and to create a so-called stop file to prevent infections in future.
DroidDreamKiller
Is this really checked thoroughly?
'Cause I know at least Finger Race isn't malware at all.
Vistaus said:
Is this really checked thoroughly?
'Cause I know at least Finger Race isn't malware at all.
Click to expand...
Click to collapse
I think clone apps were showing up. You really have to pay attention to the developer
Sent from my XT720 using XDA Premium App
exactly many legit apps and games
were cloned, then injected with Trojan, and then release back to android market.
it confuses the hell out of people
ronnbon said:
As far as I see I did not install one of these apps- but I would like to know anyway what should be done if one did install a malicious app- just remove it? Or better reflash the rom?
Theres already a thread for a patch here at xda:
http://forum.xda-developers.com/showthread.php?t=977154
And somebody developed an apk to search for an infection and to create a so-called stop file to prevent infections in future.
DroidDreamKiller
Click to expand...
Click to collapse
Apparently droiddream creates a /system/bin/profile as part of it's install process (doesn't exist otherwise). Creating that file tricks the current version of "droiddream" into thinking it's already been installed. The apps have been pulled from the market, so you won't be able to install it anyway without sideloading and you should always be cautious about that. I don't think /system/bin/profile trick will do much if anything to prevent the next version of this attack. Working around /system/bin/profile existing is trivial.
What would be better is some way to prevent rageagainstthecage. Once we've got root and superuser, we don't need rageagainstthecage anymore. Finding a new kernel exploit would be a slightly bigger hurdle for the bad guys. Too bad we can't patch our kernels. Thanks, moto for protecting the end users. /s
Then why didn't I have problems with Finger Race? Please explain.
And if it really was malware, then I should've already had problems when I first started to using it on Symbian and Nokia would've removed it from the Ovi Store by now.
But still, even with the Android-version, I don't have any problems with it. So please explain.
because the version that you have is probably the legit one, and not the imitation
the imitation is identical in every way, except that it has additional malware added in
also the stuff that it does to your phone, is in the background, you will never know about it, just like a windows malware, once on, it takes a lot of work, or a full wipe to remove
Just so everyone's aware, they found about 50 more apps with malware. http://blog.mylookout.com/2011/05/s...ew-malware-from-the-developers-of-droiddream/
Well, I've been saying since it started that google should fix the rage exploit, and that we should even be hoping/asking for it. I usually got flamed as a moron by noobs saying I clearly didn't even know what rage was for, haha. Of course I was using a device that didn't have a locked bootloader at the time, so root kernels were an option. Still root can be obtained from flashing the non-kernel part of the ROM too. These exploits are a mixed blessing. They ARE a major security hole on Google's part.
Anyway.. when I have to go through 15 apps to find one good one that works on my phone, sometimes I wish I had an iphone and less free stuff. Guess I better delete that super sex positions app now
If you haven't already check it out on the market. Those of you who do know what this app is, it could become a great success, perhaps as big as Foursquare if it's developed right. This is a discussion.
I I have a few great ideas that could really help the app, I emailed the Dev, but here are my ideas:
First, We need a concept for local small businesses to get involved. Like a local small business can sign up to be a hut for zombies or shelter for survivers, and they get something to print to put in their window--this can easily be implemented and will draw more attraction to the app.
Second, app needs checking in capabilities with a way to post on Facebook where you are at and if you are infected. This will encourage Facebook people who don't have the app to check it out, and those who do have the app will benefit because they will see you checked in somewhere do they will go over and try to attack/infect you.
Third, there needs to be some CPU players or computers for the time being--they should occasionally move around too, since the game isn't well adapted yet and not a lot of people have it.
Finally, the app needs push notifications via Google's cloud to device messaging (C2DM), and a widget so one can see newest info and if they are close to someone. Make the widget refresh time a fixed value of off or like 2 hours (obviously to force the user to check surroundings), and to manully refresh you have to press & hold your thumb on the thumb scanner on the widget.
Any ideas anyone else has?
Its interesting that I've not seen this as I search often for zombie games. I will need to get acquainted with the app but your ideas sound awesome.
Sent from my DROID X2 using xda premium
Hi ppl in the xda hood
I just write to let you know that ChompSMS has now been flagged as malware, both on 2 phone here locally with Avast as scanner, and subsequently by upload to Virustotal, and flagged by some of the major names too.
This concerns both the 5.30 and the update from tonight to v5.31
As Im new, I cannot post urls, but you can dump the apk from both versions, upload for a scan, and have a look at the report yourself from virustotal dot com
XDA must decide if its worth it alarming the community, but better safe than sorry, right?
I guess it could be a false positive, and I do know things should not be rushed about accusations of malware developing, but seeing that several of the major scanners is flagging it both before and after the update, certainly raises my concerns.
I hope those of you who knows your way around decompiling and analyzing code will look into this, so that we can get more eyes on it than "just" the AV companies reports.
Sincerely, Omnius
After a bit of micro-investigating I have so far found these domains in the code, so if you do HAVE to use ChompSMS, (I do) you can ad them to your HOST file, just for the sake of it.
I dont know when or why they will be used but as they are in the code, there is a potential connection lurking in it. Decide for yourself, untill further ppl have a close look than mine.
Im not a dev of any sort, but I do know how to poke around to learn. Therfore please do not just take my words for granted until more competent ppl here have their say.
I do know that a few of these is for "normal" android app ads, and analytics and so on, but these are my finding so far, so filter our what you like it to connect to yourself. If you dont mind ads connections in-app, serve your wish, so to speak.
millennialmedia.com
gateway.textfreek.com
report.bitesms.com
nexage.com
inapp.chompsms.com
adserver.com
greystripe.com
smsgateway.chompsms.com
m.advc.us
cvt.mydas.mobi
rest.starttalking.com
mobileads.google.com
I used to love chompsms... now i guess I'm using GoSMS...
Sent from my Nexus S using XDA App
All of them appear to be valid to the program. Half are ad for ads, the other half are for functionality in ChompSMS.
I would be careful on using go SMS as well.
Antivirus apps will pick up any app that by passes any normal OS use. This always has been and always will be the case.
Anything with ads will always be flagged as it connects to an unknown server.
zelendel said:
I would be careful on using go SMS as well.
Antivirus apps will pick up any app that by passes any normal OS use. This always has been and always will be the case.
Anything with ads will always be flagged as it connects to an unknown server.
Click to expand...
Click to collapse
chomp was never flagged before the 5.30 update a few days ago...
really bothers me, i love chomp. i donated to remove the ads. i'm hoping they fixed it with 5.31 and the virus scanners are just still reporting it as a false positive. until it's sorted out though, i uninstalled...
Update : avg doesn't detect anything wrong with the newest version, 5.31.
Lemme tell you...
I noticed the new permissions requested in 5.30 (special access to browser history/bookmarks), and kinda shrugged it off. Dumb move on my part. Immediately upon launching 5.30, I get a notification from ADWLauncher that it cannot fit a new shortcut on my desktop (because the main page was full). So I'm naturally all like WTF... so I flip through my desktop pages to notice that ChompSMS had made itself a shortcut to searchmobileonline.com.
I also heard that it replaces your default browser home page and search method with the same. I use xScope exclusively, so I haven't been able to check that yet.
Delicious, Inc. has really crossed the line with this latest stunt. What were they thinking!? ChompSMS was the best Android messaging app IMHO. Why jeopardize such a great reputation? If it's money they were after, I'd imagine they could've raked in a nice bundle of cash for selling the product to another company.
Does anyone have a copy of this apk that I could take a look at?
kyokeun1234 said:
I used to love chompsms... now i guess I'm using GoSMS...
Sent from my Nexus S using XDA App
Click to expand...
Click to collapse
GoSMS is a security risk
Sent from Narnia
xHausx said:
Does anyone have a copy of this apk that I could take a look at?
Click to expand...
Click to collapse
I know this is a old thread but better than starting a new one.
I would like to ask if there is any news on this. I love chomp SMS, imo the best messanger for my taste. I have bought the pro version, to stay away from ads and unnecessary internet data. I have chomp on a brand new phone, no sim card, no messages, just activated chomp and my firewall instantly found chomp active on internet. I watched this for some time and really chomp was trying to do something even I did nothing with it.
important note: there is no data mining in any of their terms. Or at least I did not find anything.
So I contacted chomp about the behavior and they said that "they never seen this before" and suggested reinstall. I did, didn't help.
On the second try, they told me that it is connecting because of ads, but I had the pro version (and they knew it). So no luck.
After the third attempt, they said that chomp is sending once a day info that it is installed so they know how many installs they have.
This sucks a lot. Security concerns appears instantly.
I think it would be worthy to literally sniff a bit around this, since so many people is using chomp.
I'm still newer to Android and today realized the permissions that apps request. Before I was quick to just accept & go. I was about to install an app that is requesting a LOT of permissions. Phone calls, hardware controls (pics/vids at any time), and network communication (SMS I believe). My questions are simple.
1. Do certain custom mods, like Synergy? Do some mods already implement certain things into itself to disable some of these features? I understand this is a mod-by-mod basis if so. Does Synergy do anything to disable this crap, anybody know?
2. How worried do I have to be about this? Will the app literally take pics and send them out without my knowledge? Or is it only the pics I take it can send out? How does this work?
3. Which of the permissions that apps request do I really need to keep an eye on and watch out for? AKA, what could take info/pics that I dont want it to?
4. Is Anti-Virus software REALLY necessary since I'm all rooted and such? I read articles saying it's useful and others saying it doesn't even provide much protection, and the chance to get something is quite rare if you only use google play/android market?
Thanks in advance for any and all help. I ditched Apple and AT&T for this thing, and with it being rooted, I am unbelievably happy I made the switch to both VZW and the S3! AWESOME phone, screen size, and customization!
Edit: Posted wrong forum....Shoulda been Q&A forum. Devs plz move.
1. Not sure. I haven't played with synergy.
2. What kind of app is it? This is huge into what kkind of permissions it needs. If its a live wallpaper app it shouldn't be asking to be able to read your contacts or send SMS. You just gotta think what does this app do and why does it need this permission. A launcher app like Apex or Nova needs A LOT of permissions. To be able to make calls and send SMS and work the camera as a launcher can do all of those. Does a game need the ability to do that though? No. It may ask to read your contacts so it can share crap with your friends though. It can be hard when you look at permission apps ask for to decide it its legit or not. If you can't decide just don't download.
I try to only download hugely popular apps that I know aren't malware. If its got over 100k downloads chances are it is a safe app.
Permissions are tricky and until you realize all an app can do you wont understand why it wants to do some things. It took me a good year of downloading apps and reading about things toto get a great grip on permissions.
The biggest thing is common sense. What does the app do and why should it need this permission. An SMS app needs permission to the camera and to send SMS that cost money and read your phone book and such. But if I download a live wallpaper or a weather widget...why would they need such abilities. That should raise a HUGE red flag. Anytime you see "can send SMS that may cost you money" in permissions try to figure out why it needs that. Cause the last thing you want is to DL it and tomorrow have $600 in txt fees.
I don't believe in anti virus on my phone. Yeah you can get em and some love em. But really. If you just use common sense and don't download suspicious things you shouldn't need one. I refer back to only download trusted apps. If it has less the 1k downloads. Be wary. It may be a new app that a dev just launched. Or it could be a reason for the lack of downloads. Look at reviews ALWAYS. Yes many are from morons. But some are helpful. Also if you want a popular game go straight to the devs for it in the market. Many times bogus apps are posted that spoof popular apps like angry birds. Download the one with millions of downloads. Not the one with a thousand.
The more you use your device the more you'll understand. I download plenty of apps from XDA with very few downloads in the market and have been safe. But this comes from knowing and trusting a developer. That's why these forums rock. You can get in on an app in its infancy and help test it and make it grow.
--Sent from GlaDos baked potato
Google is eventually going to have to step in and put a stop to this, but more and more apps are requesting permissions that they have no business requesting. It is unfortunate, especially when the intrusive app is one you would like to have.
I choose to completely disregard any app that asks for permissions it is obvious it doesn't need. The exception being internet access for ads, as incorporating ads into an app can be a legitimate way for an app developer to generate revenue. (And the unsightly ads can be removed with an ad blocker like AdAway, so it's kind of a win-win).
However, if there is an app that you just "need" to download or would just like better control of your phone, you could download an app called "Permissions Denied." This app let's you decide what permissions are granted to each app.
i use LBE Privacy Guard to help manage my permissions. You can mark certain apps as trusted and deny specific permissions for other apps. Also lets you know when a specific app is trying to access certain functions. Only had it for a couple days but liking it so far.
i used to run an anti-virus, AVG to be specific, but after a while just decided to get smarter about what i install and have been going without one.