http://blog.mylookout.com/2011/05/s...ew-malware-from-the-developers-of-droiddream/
is the list of apps that were just discovered over the last few days by Google.
In reading other articles, I see Google will remove them and I wouldn't have a problem, but I'm sure a few of the games I got from Amazon.
Does anyone know how Amazon handles this removable...do I manually look for and delete the games? Guess, I'm assuming Amazon's would hold the possibly of malware, also.
I haven't been through this before, so wanted to ask.
I, also, saw an app Google uses - Android Market Security Tool, I wonder if that's helpful for me for anything from Amazon that I might have downloaded?
Thanks
so be honest what one of the Hot Girls programs listed did you download.
tonyz3, LOL - that's funny.
Well, I did another 30 min. research on web about how Amazon may handle any apps with malware and couldn't find a thing.
So I sent Amazon an e-mail, hopefully I got the right department(s). Telling them I do have some games on that list from them, wanting to know if there's any action I should take or will they?
Apparently Google is on top of it (although they slipped through), but I don't know that Amazon is at this point.
I'll let you know if I hear back from them.
Edit: I should add I'm not having any problem with my TF or apps..just trying to stay ahead of the game.(s) My TF will be 3 weeks old tomorrow, love it and my dock gets here tomorrow-yea!
I don't see a denial there so maybe it's all of them he has installed. Anyways thanks for the heads up. Glad I dont have any of those apps. For future use you may wish to consider installing the AVG free android app called 'Anti-Virus Free'. You can get it HERE.
stuntdouble said:
I don't see a denial there so maybe it's all of them he has installed. Anyways thanks for the heads up. Glad I dont have any of those apps. For future use you may wish to consider installing the AVG free android app called 'Anti-Virus Free'. You can get it HERE.
Click to expand...
Click to collapse
Big Thanks, stuntdouble! For the info and the link.
I'm off to get it now...sounds good.
I just received a response from Amazon, when I questioned the safety of their apps for malware....and they even went the extra mile when I sent a link from mylookout.com listing the apps, they doubled check and they don't carry any of them.
Ok, guess I panicked & I don't have any apps from Amazon on that list(s). But, now I know-lol
Here's their reply:
"All of our games downloads go through a review process which includes virus and
spyware scanning. This is done with software from multiple vendors, and our
games are considered virus-free. I also looked into the article you reference
and was not able to find any of the Apps listed on our website.
Our goal is for Amazon Appstore customers to have a good experience with every
app they buy from the Appstore. As a result, we test all apps and updates prior
to making them available in our store to verify that each app works as outlined
in the product description, does not impair the functionality of the mobile
device, and does not put your data at risk once installed.
I hope this helps, Thanks so much for your interest in the Amazon Appstore.
Did I solve your problem?"
Very nice reply! And I now have AVG and Lookout app on my tablet.
sunsetbay said:
Very nice reply! And I now have AVG and Lookout app on my tablet.
Click to expand...
Click to collapse
I'm curious, did either of those anti-virus apps identify those apps as being malware prior to them being pulled? It doesn't look like it.
"The Lookout Security Team identified the malware thanks to a tip from a developer who notified us that modified versions of his app and another developer’s app were being distributed in the Android Market."
I have nothing against Lookout or any other Android anti-virus, but have the anti-virus apps ever actually found anything? It's not a rhetorical question. I don't use them and truly don't know.
ad1980,
Well, in the end I feel a bit foolish...remember I said I panicked.(s)
Two of the games I thought I had were by a different developer and Tetris that I deleted a couple of weeks ago from my tablet isn't showing up in Google's or Amazon's library any longer. So I'm sure who that developer was.
Sorry, I should have dug further before I started this thread on the developers/games.
In the end, I learned a bit more about malware on a tablet and how Amazon and Google handles it. Right now I have AVG and Lookout Mobile Security that doesn't seem to be slowing me down in any way. Looks like I'll keep both and let them scan
as I download, etc.
Hey I'm glad you posted! I'm curious if anyone has seen some benefit from using these Anti-Virus apps. It sounds great in theory, but does it actually do anything? It appears to me that there's little benefit. From what I can tell it goes something like this:
Malware appears in the Market
Someone informs Lookout/ElGoog/AVG etc...
All companies block/remove the offending apps at about the same time
I guess if you use those shady appstores you could benefit if these specific Malware apps still exist in those places.
I'm still interested to hear if anyone has seen/heard of these apps having a positive effect.
Ad1980 and all, I see this a.m. more malware has been discovered in the Google Market and this article may answer your question on how well anti-virus works - not(s).
http://www.informationweek.com/news/230600068
What I come away with is one person, Xuxian Jiang, discovered them and then reported them to Google and various anti-virus companies. Doesn't sound too proactive does it?
I almost think my Lookout got an update this week, maybe it was this...after the apps have been out for 2 months. But, Lookout did discover the last batch, this one they didn't. Hmmm, I know still in the beginning stages.
One of these Angry Birds add-ons I almost bought, but the reviews were so bad I didn't...guess now I know why it didn't work.(s) Real close that last week I almost did buy it for 2nd or 3rd time, since I'm not doing so well with beating Angry Birds(s).
Just a note to OP: the article you linked states the malware is run by reading phone state, if you hadn't noticed the TF101 is a tablet and not a phone and thus the malware wouldn't ever run.
Ofseshmaru, Oh, you are so right - sorry. And Thank you for correcting me that it's about phones.
Of course, I know TF101 is a tablet and I did miss in reading the article that it's about phones only.
Guess I just saw the malware connection to Google market place again and how it relates to viruses and malware being discovered...still interesting.
In the end looks like that one app add-on I wanted, I wouldn't have been able to get anyway.
@Sunsetbay
Yeah, that's exactly what I'm talking about. It looks like all Lookout would do here is prevent you from downloading a known-malware-laden app. But, if the app is already known to have malware, then Google takes it down and there's no point in having Lookouts protection.
I would love to have a virus protection app that works, but from what I've seen Lookout and the others are all completely retroactive. Anyone have any different experience?
So does this mean there's no use whatsoever in installing anti-malware?
bimmer69 said:
So does this mean there's no use whatsoever in installing anti-malware?
Click to expand...
Click to collapse
If you're only installing apps from Google's market, then you'd likely receive zerobenefit from using any of the anti-malware utilities- as they won't really be offering anything that Google isn't already (the removal of known malware). Even for sideloaded/from other markets, I have to question how effective things like Lookout would really be. It's extremely easy to get root on pretty much any device out there, and once an app has root it's pretty much game over for everyone else on the system.
Anti-malware will always be pretty much the worst line of defense out there (phone, tablet, or desktop- doesn't matter which). They're reactionary in nature, and add a rather large amount of overhead to many common operations on a system.
Unfortunately, until the manufacturers and Google start taking security updates seriously, our phones' security amounts to about as much as a piece of swiss cheese at stopping a typhoon.
Related
Hi guys
i just read about trojan attack on android phones and hence i am planning to install antivirus software.
Could you please guide which is the best antivirus for galaxy tab which should not be very resource hungry.
Thanks in advance
Sent from my GT-P1000 using XDA App
I use look out
Sent from my SGH-T849 using Tapatalk
pda_crazy said:
Hi guys
i just read about trojan attack on android phones and hence i am planning to install antivirus software.
Click to expand...
Click to collapse
A report that was released by a company selling anti-virus products for Android. A report that has since been attacked for its credibility, as it seems the "trojan" may simply have been a legitimate (if intrusive) reporting mechanism used by the Chinese store selling those apps.
Bottom line: If you don't side-load content, you simply do not need anti virus on Android. It's a waste of time, money, processing power and battery life. I'm not aware of any known exploits on the Android ecosystem that don't require the user to side-load malware from sources outside the official Android market.
Android isn't windows. Android is a secure architecture from the ground up. Android doesn't have OS holes that need plugging. Android doesn't offer itself up to be infected every time an email is received.
If you're really worried about viruses, simply don't install apps from anywhere except the official Android market. Doing this single thing will do far more to guarantee safety than any anti-virus software.
Now if you do side-load content from questionable sources, an anti-virus product could potentially provide protection. In the real word, anti-virus software rarely recognizes new, zero day exploits. so not all that much protection at all.
After hearing such good things about android i am feeling proud to be android owner.
Sent from my GT-P1000 using XDA App
Do we really need an Antivirus on the Galaxy Tab?
Better safe than sorry especially since there is no rejection poilicy for the market
Sent from my GT-P1000 using XDA App
i think your better served reading the permissions of apps installed.
Things like Applanet that ask for access to log in credentials are far more dangerous then malware.
That is as long as your not getting your apps from chinese markets.
NetQin Android Antivirus
pda_crazy said:
Hi guys
i just read about trojan attack on android phones and hence i am planning to install antivirus software.
Could you please guide which is the best antivirus for galaxy tab which should not be very resource hungry.
Thanks in advance
Sent from my GT-P1000 using XDA App
Click to expand...
Click to collapse
NetQin Android Antivirus, works fine!
TainT said:
i think your better served reading the permissions of apps installed.
Things like Applanet that ask for access to log in credentials are far more dangerous then malware.
That is as long as your not getting your apps from chinese markets.
Click to expand...
Click to collapse
This.
Antivirus apps are not required. These "reports" are from antivirus creators designed to make you think you need one.
Actually read the reports? They are not viruses, but simply permissions you give it when installing anyway.
I wouldn't have thought antivirus was required, especially given Android's base as a Linux. All it would do is waste CPU cycles.
Spent the last 5 years as a Symbian user listening to people claim that AV on the phones was a 'must have'.
Glad to see some things are the same on Android!
A Trojan Horse on Android/Linux is like an upper class chav, it's not going to happen.
Sent from my GT-P1000
EStrong Security manager isn't an antivirus per se but it seems to do a manual scan for malicious apps. They're very vague as to what it actually does though.
I don't really understand why people feel the need to get anti-virus for linux. To get something malicious you've got to install it yourself and thats pretty damn hard considering the phone will tell you what the app is tring to access and even then the app doesn't have any access to any other apps nor does it have root access to the phones file system.... the most it could really do is collect data about you, or maybe delete files on your SD card or something like that.
there is some very naive linux fanboys in here. there is plenty of reasons to have some sort of malware/privacy security on android. there have been various independant confirmations of apps in the market place containing malware espesially in the last month or so.
lookout is a good one or kaspersky. the both have good scanners and also can protect personal info aswell.
TheATHEiST said:
there is some very naive linux fanboys in here. there is plenty of reasons to have some sort of malware/privacy security on android. there have been various independant confirmations of apps in the market place containing malware espesially in the last month or so.
lookout is a good one or kaspersky. the both have good scanners and also can protect personal info aswell.
Click to expand...
Click to collapse
I would think that since the last reply was from January, people would have learnt that.. The last malware incident that got Google involved within 5 minutes and had over 50 apps pulled was pretty well publicized.
Anyway, people have got to realize that no one OS is invulnerable. It's just a matter of time before people start finding exploits when an OS gets popular - for Android that time is now. Heck, not sure how many people are aware, but roots and jailbreaks ARE exploits themselves. Trying scanning the rooting/jailbreaking tools with your desktop AV and all becomes clear.
darkwoof said:
Heck, not sure how many people are aware, but roots and jailbreaks ARE exploits themselves. Trying scanning the rooting/jailbreaking tools with your desktop AV and all becomes clear.
Click to expand...
Click to collapse
Precisely. A rooted device is the best to attack for malware apps. If there's a developer that's smart enough, they can get pretty much anything if you're rooted.
Sent from my GT-P1000 using XDA Premium App
Since I'm rooted, I installed Lookout too.
Funny coz it's easily uninstalled eventhough has apps policy/administrator (I forgot the name)
Well.. I use it mainly for the Missing Device feature (paired with PREY also).
GANJDROID said:
Precisely. A rooted device is the best to attack for malware apps. If there's a developer that's smart enough, they can get pretty much anything if you're rooted.
Sent from my GT-P1000 using XDA Premium App
Click to expand...
Click to collapse
dude you did not understand the last post at all!
you dont need to have your device rooted. a normal market app can root your device without you knowing it, and can then do whatever with your device.
how do you think z4root does root your device? (z4root is an app that does root the phone for you, normally with your knowledge)
Geletis said:
A report that was released by a company selling anti-virus products for Android. A report that has since been attacked for its credibility, as it seems the "trojan" may simply have been a legitimate (if intrusive) reporting mechanism used by the Chinese store selling those apps.
Bottom line: If you don't side-load content, you simply do not need anti virus on Android. It's a waste of time, money, processing power and battery life. I'm not aware of any known exploits on the Android ecosystem that don't require the user to side-load malware from sources outside the official Android market.
Android isn't windows. Android is a secure architecture from the ground up. Android doesn't have OS holes that need plugging. Android doesn't offer itself up to be infected every time an email is received.
If you're really worried about viruses, simply don't install apps from anywhere except the official Android market. Doing this single thing will do far more to guarantee safety than any anti-virus software.
Now if you do side-load content from questionable sources, an anti-virus product could potentially provide protection. In the real word, anti-virus software rarely recognizes new, zero day exploits. so not all that much protection at all.
Click to expand...
Click to collapse
Dude, You have absolutely no clue what you are talking about. MANY malware have been discovered as been submitted and released via market.
http://pocketnow.com/android/google-removes-ten-malware-infected-apps-from-android-market
I thought I was ready for a tablet....... I'm still working on getting anti-virus loaded. CA has sold 2 two versions of their anti-virus and I still haven't gotten one to work. Does anyone out there have an anti-virus that will load without me talking for an hour to someone overseas???
Why would you need Anti-Virus on this thing? If you use everything as a regular user you shouldn't get infections. This isn't Windows
checkout Andtoid Antivirus probably all you need
check for dr web, but I agree not sure why you need an anti virus on android yet...
I needed one, got a virus downloading a game from a website. Corrupted most of my installed programs. I use Lookout now and only go to market related sites.
D Wright said:
I needed one, got a virus downloading a game from a website. Corrupted most of my installed programs. I use Lookout now and only go to market related sites.
Click to expand...
Click to collapse
You probably should only D/L from the market! There is a lot of malicious code out there people created to deter people from downloading an app illegally to save a couple of dollars and lose all your data... just sayin
Did your tablet pop up with Charlie Sheen saying "Duh! WINNING!" lol
I thought all devices going onto the web needed it. I have a ton of stuff to learn. Thanks to all who offered assistance. I think I will look into what was offered. I have a teenager using a twin to mine. She's going off to college in the fall.
I too have resisted putting A/V on my tab & phone. Just more "bloat". As stated, stick to pretty safe places (Market) and you should be Ok, Right?
Well, just look at the most recent issue where malicious code made its way onto the market. Don't think that code in particular did any horrible things, but it just goes to show that the Market is not fully policed (I think that's a good thing, actually ... if I wanted the reverse, I'd have an iPad)....
I recently started using this:
http://www.xda-developers.com/android/protect-your-android-with-lookout-mobile-security/
Since its an XDA member, I feel a little bit better about it.
So I have been looking around online just some basic stuff about privacy on the android phones and so forth.
I have also looked around the xda forums about Privacy and Protecting your ID or anything that you dont want to get out or w.e the case maybe so Im looking for some help and maybe this can help others about this if they wish to.
Well im looking for something that I can have the most protection toward viruses/malware/ID theft or any "stealth" like traces after uninstalling apps and anything that falls into that category. I have came across something called DroidDream Not sure if this is still going on in the world of android or some other form of it. But over all its something that the malware is designed to only run while the android phone is sleeping. Also talks about Once the Android smartphone is rooted, DroidDream searches for a specific package named "com.android.providers.downloadsmanager". If the package is not found, DroidDream silently installs a second malicious app without the user's knowledge. Other malicious apps can be installed in stealth from the DroidDream command and control servers I did find this info from pcworld site but thats some basic stuff..also it talks about the the update of gingerbread helped fixed that issue.
But like I said was looking for something that I can use or other members if they are not aware of such to help lock/protect their phones. I also did come across this link int he xda forums http://forum.xda-developers.com/showthread.php?t=1357056&highlight=Privacy
Also check this out https://www.androidpolice.com/2011/...-and-carrieriq-in-a-new-class-action-lawsuit/
This app seems to be prefect for what im looking for or maybe anyone may have other ideas for something like this.
Thanks for all who reply and is helpful..
When I had a BlackBerry there were a ton of malware apps and I've only seen one or two for android. There was one that I used for a bit before rooting but ill have to get back to you on the name.
But definitely a good idea I always wondered after rooting if that made my phone more vunerable to "hacks" e.g. so if there were a safety feature like that I would definitely use it
I know one of the most popular used is locked out and norton,avg, kaspersky mobile and another one something like netQuin I think but I know when I had the avg and when I scan my phone it said I had a virus but then I try the lock out anti virus and it said I did not.so idk ..
HTC Inspire
NetQuij is the one I used for a few days. Not sure of how well it worjed but thats definitely the o.e I was thinking of
As long as you only install apps from a known good source you have almost no worries. The security is only as good as the hacker. In other words if the hacker what's in your phone bad enough the only way to stop him is to shut it off. Mainly when running a rom like MIUI that use root exploits like crazy.
The main time this happens is when people download pirated apps from servers in Europe and in that case then they deserve what they get. All the antivirus programs really are pointless and slow up the phone. So just be careful and never try to get paid apps for free and you will be fine.
As for the programs showing different results that is due to something being labled a virus and others not. Take the hack kit. Any virus program will remove parts on DL even though it is not a virus at all.
zelendel said:
As long as you only install apps from a known good source you have almost no worries. The security is only as good as the hacker. In other words if the hacker what's in your phone bad enough the only way to stop him is to shut it off. Mainly when running a rom like MIUI that use root exploits like crazy.
The main time this happens is when people download pirated apps from servers in Europe and in that case then they deserve what they get. All the antivirus programs really are pointless and slow up the phone. So just be careful and never try to get paid apps for free and you will be fine.
As for the programs showing different results that is due to something being labled a virus and others not. Take the hack kit. Any virus program will remove parts on DL even though it is not a virus at all.
Click to expand...
Click to collapse
Thanks zel for that info.. and I didn't know miui had stuff like that
HTC Inspire
I don't know how many of you pay attention to security issues but I thought I would post a link to this Threatpost article.
http://threatpost.com/en_us/blogs/staggering-increase-android-malware-variants-trojan-apps-051612
It behooves one to pay attention to what you are installing and what permissions apps are requesting. I just ditched Evernote due to increased permissions, even though it is from what one might call a trusted source.
Edit: I have not finished perusing the F-Secure Mobile Threat Report, but so far it is a good read.
I've never once had a problem with any kind of malware or virus on my phone. Then again I'm careful and use common sense. Which goes a long way
Sent from my SGH-I777 using xda premium
Phalanx7621 said:
I've never once had a problem with any kind of malware or virus on my phone. Then again I'm careful and use common sense. Which goes a long way
Click to expand...
Click to collapse
Common sense does go a long way. With some of the posts I've seen on XDA, there seems to be a lack of that not-so-common attribute. Flashing without thinking, sideloading apps from unknown sources, etc.
Google appears to be reacting (albeit slowly) with Bouncer, trying to police Market/Play. I'm not sure if Amazon is doing anything similar for their app store. The big picture still looks rather grim. Will we be looking at large scale botnets this year? Hopefully not. The idea of Android botnets makes me a bit ill.
Unless malware can show up on the store, I don't see the issue here. It's a risk we've all known about since the day Android came out.
alpha-niner64 said:
Unless malware can show up on the store, I don't see the issue here. It's a risk we've all known about since the day Android came out.
Click to expand...
Click to collapse
Malware has shown up on the store. The issue is that Android is increasing its market share by leaps and bounds, black hats are writing more sophisticated malware, and more people are hacking their devices without a clue as to what they are doing. If you read the F-Secure Mobile Threat Report (linked in Threatpost), the number of detected malware APK's has grown tenfold over the last year.
Golly gosh.
Sent from my GT-I9100 using XDA
Phalanx7621 said:
I've never once had a problem with any kind of malware or virus on my phone. Then again I'm careful and use common sense. Which goes a long way
Sent from my SGH-I777 using xda premium
Click to expand...
Click to collapse
Exactly the same here
Windows has had malware threats for well over a decade and as it matured the OS was patched to deal with it. Android is more secure than Windows is, you not only have to download a malicious app you also have to install it before anything bad can happen.
Google will hopefully implement a more effective way of preventing malware from entering the Play Store but this may have the side effect of false positives on certain rooting/tweaking apps.
As pc are being replaced by tablets, its a juicy business for anti virus companies.
So i wouldn't trust any report from av companies...
It's usually pretty vague. Which app on android market?
As you get virus when you install warez games on pc, the same goes for android if you manually install an apk out of android market. Nothing new.
rchtk said:
As pc are being replaced by tablets, its a juicy business for anti virus companies.
So i wouldn't trust any report from av companies...
It's usually pretty vague. Which app on android market?
As you get virus when you install warez games on pc, the same goes for android if you manually install an apk out of android market. Nothing new.
Click to expand...
Click to collapse
I think you guys are missing the OP's point. You dont have to manually install an .apk.
A fake company called "MYOURNET" (touche for the name, rather ironic now) took a bunch of real apps from the market, injected them with malware and resubmitted them back onto the marketplace. The new malware could root your phone, steal your data, and keep a backdoor open for more goodies. Crazy ****.
http://androidcommunity.com/android-virus-served-up-by-user-myournet-20110302/
I admi i didn't open the pdf (pdf is now the number one virus vector ;-) but as far as i see it didn't mention reinjection in the market. Well.. pay attention to permissions..
Nothing else to do.
How to define a virus? That is the question..
Only install trusted editor from the market. Only install applications which provide ttheir source code and read it..
Easy answer for malware pike: piracy, period
I am a Galaxy Note user and it is my first android phone. Love it so far but worry about security sometimes given the permissions are so vague.
Anyway I found this article interesting:
http://blogs.cio.com/mobile-security/17170/android-malware-scam-nets-265k-lands-it-execs-tokyo-jail
What do you guys (and girls) think?
Is this tip of the ice berg type stuff? Or just stuff that porn addicts are going to run into?
Could any AV really have detected and stopped this thing?
Interested in all opinions.
Cheers!
First things first: If you are rooted, use LBE Privacy Guard to add a bit of protection to your phone. That way they can't just send all your contacts out without you knowing about it. Make sure you set individual permissions for every app you install.
Secondly, if I get any annoying notifications, I just uninstall the app that's causing them. Since Android does not execute application code when uninstalling, you don't have to worry about the app trying to break your phone (which is really hard considering the sandbox design of Android) as a final revenge of some sort.
Third, I think most of the articles about malware are pure fear mongering. They are usually posted by AV software makers who want to sell their own products. As long as you stick to the Play Store and always check app permissions, you should be safe. If you start installing any app you find without checking where it came from or what permissions it wants, you will have malware issues soon. Self protection and a little bit of common sense will help you quite a bit in this matter.
Sent from my GT-I9300
Thanks for the recommendation on LBE -- I will check it out.
Yes -- I see most of the high volume posters here say that AVs are a waste of time and system resources.
Permissions can be tricky. Case in point -- I am looking at an anti-theft for my phone and am considering Avast and Cerberus. BOTH are very intrusive (requiring root access for advanced features. Avast is a large and reputable company so that alleviates my concerns a bit. Cerberus is a better developed offering in terms of features and benefits (they have a portal while Avast is still stuck on SMS only management of lost phones). The problem is I know nothing about the company or people behind then and I pretty much have to give them access to my entire phone in order to use all the features. As a relative noob it is really difficult to make an informed decision on whether to give all these permissions or not.
I'm using Cerberus. I've tried it a couple of times, works perfectly. But as always, you never get 100% security.
Sent from my GT-I9300
Yes -- I trialled it and decided to buy yesterday. Features and benefits wise its an easy decision if you want an anti-theft app. I worry a bit though that they seem so small --- I hope they properly secure the infrastructure from which they host all these accounts.
member68 said:
I'm using Cerberus. I've tried it a couple of times, works perfectly. But as always, you never get 100% security.
Sent from my GT-I9300
Click to expand...
Click to collapse