Database Info

Evil Android

There’s a new threat in town. And by town, I mean China. Malware authors have created a bit of code called Geinimi that hitchhikes on existing apps when they are redistributed on third-party markets. At the moment it doesn’t do much but lurk, but its capabilities resemble that of a botnet server, according to Lookout, a company that makes antivirus software for Android.
So far the code has been identified as being able to send out your location, IMEI, app list, and to download apps. There could be more. Users outside of China are apparently at little risk, and at any rate your security is in your own hands: if you’re downloading a to-do list app and it wants access to your GPS and calling functions, that’s probably bogus.
Stay safe out there, kids.
Not to sure if this has been posted or not.

This is very disturbing...anything to get info on people..

I don't install antiviruses on my phone,because android is based on linux, and linux doesn't have viruses because of the strong kernel, plus its semi possible that you will have a virus on your phone.:thumbup:
Sent from my GT-S5660 using xda premium

Octane70 said:
There’s a new threat in town. And by town, I mean China. Malware authors have created a bit of code called Geinimi that hitchhikes on existing apps when they are redistributed on third-party markets. At the moment it doesn’t do much but lurk, but its capabilities resemble that of a botnet server, according to Lookout, a company that makes antivirus software for Android.
So far the code has been identified as being able to send out your location, IMEI, app list, and to download apps. There could be more. Users outside of China are apparently at little risk, and at any rate your security is in your own hands: if you’re downloading a to-do list app and it wants access to your GPS and calling functions, that’s probably bogus.
Stay safe out there, kids.
Not to sure if this has been posted or not.
Click to expand...
Click to collapse
Its not a new threat, lookouts announcement of it was in 2010 and in 2011 it was picked up by more press but is actually a two year old threat which afaik never did cause any problems but is checked for by google and therefore probably other app distributors.
Dave
( http://www.google.com/producer/editions/CAownKXmAQ/bigfatuniverse )
Sent from my LG P920 using Tapatalk

I hear Android 5 (JellyBean) includes some kind of in-built malware protection.
Gotta wonder why...
Sent from my unrooted DroidX using Tapatalk

Nate2 said:
I hear Android 5 (JellyBean) includes some kind of in-built malware protection.
Gotta wonder why...
Sent from my unrooted DroidX using Tapatalk
Click to expand...
Click to collapse
Not heard that, would be surprised if it did as google use bouncer to combat the malware problem.
Dave
( http://www.google.com/producer/editions/CAownKXmAQ/bigfatuniverse )
Sent from my LG P920 using Tapatalk

Pancakes_Gio said:
I don't install antiviruses on my phone,because android is based on linux, and linux doesn't have viruses because of the strong kernel, plus its semi possible that you will have a virus on your phone.:thumbup:
Sent from my GT-S5660 using xda premium
Click to expand...
Click to collapse
Wrong in many ways, it doesn't have viruses because the market is next to non-existent and getting a virus on an android device is more and more common.

Welp, as they say. Only install from trusted sources and always check the permissions the apps ask for. If you don't want the risk, go buy an Apple product and play by their rules. These are the risks that open-source brings and one that all of us bears in mind when tinkering with such power.

z33dev33l said:
Wrong in many ways, it doesn't have viruses because the market is next to non-existent and getting a virus on an android device is more and more common.
Click to expand...
Click to collapse
Actually linux does have them, see http://en.m.wikipedia.org/wiki/Linux_malware for some examples.
Linux has few simply because it tends to get patched quicker. Malware on android devices will increase more this year as its the most used mobile os and so offers more potential victims which makes it a more enticing prospect for hackers.
Dave
( http://www.google.com/producer/editions/CAownKXmAQ/bigfatuniverse )
Sent from my LG P920 using Tapatalk

That and there's no real security built-in to android and it's the easiest one to pirate apps on. I personally believe the people trying to get the apps free deserve the viruses though. Does the patching have to do with the Linux distro or the kernel? Serious question as I know little about Linux malware and only briefly used Linux.

i know kernels get patched, i think distros do as well.

alpha-niner64 said:
If you don't want the risk, go buy an Apple product
Click to expand...
Click to collapse
You're joking, right? TLDR: How do you think jailbreaking is possible if Apple is so secure? Indeed, it's the false confidence that comes from them telling users that it's so secure that's precipitated so many of the blunders.

z33dev33l said:
That and there's no real security built-in to android and it's the easiest one to pirate apps on. I personally believe the people trying to get the apps free deserve the viruses though. Does the patching have to do with the Linux distro or the kernel? Serious question as I know little about Linux malware and only briefly used Linux.
Click to expand...
Click to collapse
Kernel gets updated with patches but individual distributions also get system patches or did a few years ago when I last used linux.
I'm curious why you think there's no security built into android, as can be seen at http://developer.android.com/guide/topics/security/security.html there are a number of security measures in place.
Dave
( http://www.google.com/producer/editions/CAownKXmAQ/bigfatuniverse )
Sent from my LG P920 using Tapatalk

Use your brain for security
All the android malware reports I have ever read are just scare tactics used by various news agencys, blogs, etc to generate more views for their site. Almost all android malware can be avoided by simply being smart with where and what you download. Using iOS doesn't make you safe; downloading well known apps from the play store that only use permissions that are appropriate for its described functionality makes you safe.

z33dev33l said:
That and there's no real security built-in to android and it's the easiest one to pirate apps on. I personally believe the people trying to get the apps free deserve the viruses though.
Click to expand...
Click to collapse
I agree 120% with you, cheating people's hard work will get you burnt!
Sent from my HTC Wildfire S A510b using xda premium

Ashmere69 said:
I agree 120% with you, cheating people's hard work will get you burnt!
Sent from my HTC Wildfire S A510b using xda premium
Click to expand...
Click to collapse
Exactly. Buy the app and you don't have to worry about it. Besides, it's not like these apps are fifty bucks each. Pay a couple of dollars and support the ecosyste

I think some of the real culprits to an evil Android is self-awareness on the handset, they always seem to delete and corrupt your stuff before you know it, but yeah, bootlegs are not good at all.

Octane70 said:
There’s a new threat in town. And by town, I mean China. Malware authors have created a bit of code called Geinimi that hitchhikes on existing apps when they are redistributed on third-party markets. At the moment it doesn’t do much but lurk, but its capabilities resemble that of a botnet server, according to Lookout, a company that makes antivirus software for Android.
So far the code has been identified as being able to send out your location, IMEI, app list, and to download apps. There could be more. Users outside of China are apparently at little risk, and at any rate your security is in your own hands: if you’re downloading a to-do list app and it wants access to your GPS and calling functions, that’s probably bogus.
Stay safe out there, kids.
Not to sure if this has been posted or not.
Click to expand...
Click to collapse
Eek!

iPhone doesn't have this problem...

L33t Masta said:
iPhone doesn't have this problem...
Click to expand...
Click to collapse
Think again.
Sent from my Inspire 4G using Tapatalk 2

Exclusive: Someone Is Getting All Your Data And We Know How To Stop Them!

Well well well we just found out all your data is going to an Amazon server if you updated to the new 2.3.4 EVO and Sensation users. How long you use an app, What app you are using, The fact that you are rooted, the location you are using it from etc etc (without QIC) is being uploaded to an Amazon server un-encrypted. How's that for security? However thanks to Synergy team developer TrevE users of Synergy and the upcoming Eternity ROM from Virus will be secure against this obvious infringement of your privacy. What is HTC up to? And furthermore what other manufacturers are using similar methods? One thing Trev pointed out was your warranty can be voided immediately. They know you are rooted! The repercussions of this are astounding and frankly I am proud to be breaking this story with all of the work I have done here recently speaking out when I find are data being wrongly horded and used in nefarious ways. Kudos to TrevE and Virus for showing me this and helping the community find a way to put a stop to it. This is an ongoing game people and it is the aftermarket guys like Team Synergy and even journalist like myself who are a pretty good line of defense when crap like this comes up. They have your IMEI they know your location from the cell towers in hex and they know you are rooted. The best way to defend yourself is by rooting and flashing these guys ROMS period and that's a win win. Top of the line performance and defense against heinous invasion of your privacy.
for technical details including the nefarious code you can go HERE. The user behavior logs and other info are right in the thread of our sister site InfectedROM.com
The Synergy team and Revolution for the win... oh and when your using Synergy ROM and Eternity ROM this is what HTC will see..... Beat By Team Synergy. Jokes on them. I'm certainly laughing.
Kidromulous
Editor in Chief
AndroREV
We Are AndroREV WE ARE!
Someone pointed this out to me so I thought I'd share it with you all.
Link to article

The reason it's going to Amazon is because HTC has servers with Amazon obviously... Damn this is a dumb, FUD-spreading, post.

persiansown said:
The reason it's going to Amazon is because HTC has servers with Amazon obviously... Damn this is a dumb, FUD-spreading, post.
Click to expand...
Click to collapse
I dont think so...I am curious to know also....What are they doing with this data that they have NOT asked us to collect.

I think the op is going way overboard assuming these STATISTICS are being used " nefariously " sure, point it out, bit don't start throwing out accusations without evidence that harmful acts are being perpetrated and scaring the community into a state of paranoia.

I think the OP just copied and pasted the article, so no need to blame him.
And yea, the way the article is written just makes it seem like a rant and not very credible...

dear Op,
please tell us about the services activated under account and sync. then disabled them all and see, how like magic that traffic then is gone...

LOL. This is really written in such a sensational way that it's pretty funny that I really am fifty fifty believing this post. It's like the posts on the web that mention gain six pack ABS in six weeks no exercise. Ah well. Good thing I'm rooted and failed the update.
Sent from my HTC Sensation 4G using XDA App

OK, I'm calling BS, or at the very least calling it inaccurate. If you look up those IPs, they belong to amazonaws.com. If you look this up, you get Amazon Web Services. It's basically a bunch of cloud/database services they offer, for people and other companies to utilize. So while it may go to an Amazon server, it is most likely not actually going to Amazon. It is still just HTC, nothing different, just a different server. Also, WHO THE HELL CARES? It's not like it is constantly sending this data all the time. In fact, I'd be willing to bet this only gets sent when you actually submit one of those 'Tell HTC' forms that show up sometimes.

Well, one more spying us is not a problem

What an interesting post. Is there any kind of independent watchdog group who goes over all the code in these roms to see what is actually going on? I assume it's all open source, so they can't really hide what they're doing. How it works in the real world, however, I don't know.

"Exclusive: Someone Is Getting All Your Data And We Know How To Stop Them!"
Really?
This is an internet forum, not a tabloid newspaper/self-help magazine.

sound like to me that you just want people to download and use your rom. because if you knew a way to stop this why not post the fix ,no instead you want us to use your rom go suck and egg.bs

Now I get it...
Posts like these, thats what the 10 post minimum was all about. Too bad it missed this clown. If you've got a fix, post it. Shove your weak ROM and your weak tabloid marketing in your very loose arse. Jive... Is this where XDA is heading?

z3r0d3vil said:
Posts like these, thats what the 10 post minimum was all about. Too bad it missed this clown. If you've got a fix, post it. Shove your weak ROM and your weak tabloid marketing in your very loose arse. Jive... Is this where XDA is heading?
Click to expand...
Click to collapse
you my good sir... are exactly what we need around here hahaha hilarious

Can they even do that as in htc? Isnt it like trespassing other people privacy?
Sent from my HTC Sensation Z710e using XDA Premium App

MxFadzil92 said:
Can they even do that as in htc? Isnt it like trespassing other people privacy?
Sent from my HTC Sensation Z710e using XDA Premium App
Click to expand...
Click to collapse
Apparently they can, take a look in setting > about phone > legal information > HTC legal, its all there..
HTC Swyped from my Sensation using XDA Premium

*damo* said:
Apparently they can, take a look in setting > about phone > legal information > HTC legal, its all there..
HTC Swyped from my Sensation using XDA Premium
Click to expand...
Click to collapse
well that is one clever move made by htc. -.- wthell man. no privacy !!! anyway thanks for the info though... cant believe that they did this kind of thing to their customer.

persiansown said:
The reason it's going to Amazon is because HTC has servers with Amazon obviously... Damn this is a dumb, FUD-spreading, post.
Click to expand...
Click to collapse
The article is not questioning Amazon but HTC. And its a fact so FUD spreading I think not

Setting the Record Straight.
For the record I would never post anything that I wrote here on XDA i'm not responsible for the post. To the people who were interested in the information imparted in said post. Glad it helped. To the folks who think it's FUD. Too bad. To the folks who think I write a tabloid... well thats for the people reading it to decide. To the folks who think the fix isn't in the piece. Get your reading glasses. Oh and to the folks who don't like the fact that I promoted the developers who created the fix and think Synergy is a crappy ROM take that up with the developer of said ROMs. Thanks a million and have a blessed day.

daman215 said:
sound like to me that you just want people to download and use your rom. because if you knew a way to stop this why not post the fix ,no instead you want us to use your rom go suck and egg.bs
Click to expand...
Click to collapse
z3r0d3vil said:
Posts like these, thats what the 10 post minimum was all about. Too bad it missed this clown. If you've got a fix, post it. Shove your weak ROM and your weak tabloid marketing in your very loose arse. Jive... Is this where XDA is heading?
Click to expand...
Click to collapse
I don't necessarily believe it either but I wonder if you guys even clicked on the link because there's actually a bunch of source there, and explanations of what happens when you delete certain files that are harvesting info, and the source code that was used to "defeat" the info harvesting behaviors. I think this is interesting at the very least, if not true even if it was definitely presented in a sensational way.
I don't particularly care WHERE the data is going, I want to know WHY it's being collected in the first place, especially if it is not vital to the functioning of our mobile devices, which it seems pretty clear to all of us, it isn't. Even if YOU don't care about your info and data being harvested by google, some of us do and many of us find it very disconcerting.
Also, a guy with 14 posts trolling and asking where "XDA is heading" am I the only one that appreciates how ridiculous that is?

Is this latest virus info true?

http://wmpoweruser.com/androids-mal...s-472-increase-in-android-malware-since-july/
Any truth.

Idk, i still have to find a one.
Anyway, if Mcafee says "go buy my antivirus from the market, hurry or your phone will kill your cat and rape your kids!1!1" then it's most likely to be a serious issue...oh wait.

+1 on finding one lol there may be some but chances of downloading imo are slim
Sent from my PC36100 using xda premium

But anti-virus programs are not trustable too

Just a question. Wmpoweruser is known to bash without reason.

z33dev33l said:
Just a question. Wmpoweruser is known to bash without reason.
Click to expand...
Click to collapse
Hehe i see it. The guy who wrote this sounded like loling pretty hard at the end of the article

Regardless whether it's true or not, it wouldn't surprise me to see the android ecosystem get targeted more than the others due to the sheer number users on it. Also the percentage figures are very misleading. If it went from 2 to 4, it would say 100% increase

ph00ny said:
Regardless whether it's true or not, it wouldn't surprise me to see the android ecosystem get targeted more than the others due to the sheer number users on it. Also the percentage figures are very misleading. If it went from 2 to 4, it would say 100% increase
Click to expand...
Click to collapse
I've seen a couple of fake security programs pop up (and disappear) from the market. I see kids download all kinds of junk without even looking that the permissions the programs use.

Really the best security, mobile or otherwise, is just don't be stupid about it. Security isn't too hard a thing to achieve, so long you don't go clicking on every link you see and downloading every app on the market.

Google announces privacy changes across products; users can’t opt out

Do you think anyone can develope a program to prevent google from capturing this information about their users? Maybe at least on a android based platform even. This really chaps my a$$
Code:
http://www.washingtonpost.com/business/technology/google-tracks-consumers-across-products-users-cant-opt-out/2012/01/24/gIQArgJHOQ_story.html?wpisrc=al_comboNE_b

Whats the big deal? Google cuts down on paperwork and the policies haven't changed, they are just merged/ It eliminated redundancies and wasted effort.
what difference does it make if you are giving your personal information to Gmail or to youtube? If google has it, Google has it, period. It is still a Google based service, combining the private policies of all of the services into one makes perfect sense.
Google has stated they still have no plans to change how they handle the data.

The big deal is I NEVER CLICK YES for gooble to collect anything on me, which means I "opt-out" now I have a contract on a phone I dont want to touch. great, a 700$ paperweight , not including the service. screw you google.

I will not tap "yes" for google
Are you sure that they are 700 $?

Rage! An ad/marketing company makes my OS and wants to show me ads relevant to me rather than random ads. A company wants to make money off of a product they've created and are heavily vested in? Who'd have thunk it?
Don't like it? There's other choices out there. WP7 is pretty hot ;-)

z33dev33l said:
Rage! An ad/marketing company makes my OS and wants to show me ads relevant to me rather than random ads. A company wants to make money off of a product they've created and are heavily vested in? Who'd have thunk it?
Don't like it? There's other choices out there. WP7 is pretty hot ;-)
Click to expand...
Click to collapse
Wait til wp7 phones get ads lol
Have to say though to op its not like google are pushing ads to your device. If you browse net you get same problem. I think they have messed up somewhere cos on my laptop I always get ads for things I already have. But I don't get ads on my phone unless on a webpage or using an ad funded app so no different to a pc or any internet device.
Dave
Sent from my LG P920 using Tapatalk

mistermentality said:
Wait til wp7 phones get ads lol
Have to say though to op its not like google are pushing ads to your device. If you browse net you get same problem. I think they have messed up somewhere cos on my laptop I always get ads for things I already have. But I don't get ads on my phone unless on a webpage or using an ad funded app so no different to a pc or any internet device.
Dave
Sent from my LG P920 using Tapatalk
Click to expand...
Click to collapse
Microsoft is a software company, Google is a marketing company.

z33dev33l said:
Microsoft is a software company, Google is a marketing company.
Click to expand...
Click to collapse
Hence the lol
But the point is google aren't sending ads any different than on a pc. Whatever phone pc or tablet people use makes no difference, google and others can and do still collect data when you browse.
And some collect other data even when you opt out such as wp7 collecting user data that caused them to get sued last year. Its impossible to have a smartphone and not have someone collect data of some sort.
Dave
Sent from my LG P920 using Tapatalk

mistermentality said:
Hence the lol
But the point is google aren't sending ads any different than on a pc. Whatever phone pc or tablet people use makes no difference, google and others can and do still collect data when you browse.
Dave
Sent from my LG P920 using Tapatalk
Click to expand...
Click to collapse
I am not fond of google. I use Bing and have visited YouTube maybe 3 times this year. That said, Bing does the same thing to me.

Well **** that.. i am going back to Symbian s60v3... At least i wont have the damn adds
~§~

Xxul said:
Well **** that.. i am going back to Symbian s60v3... At least i wont have the damn adds
~§~
Click to expand...
Click to collapse
Lmao.
Sent from my GT-I9100 using xda premium

z33dev33l said:
I use Bing...Bing does the same thing to me.
Click to expand...
Click to collapse
Bing probably does other things that would scare the hell out of you if you were aware of them. Google is nosy. M$ is evil.
Sent from HTC G2

Crashdamage said:
Bing probably does other things that would scare the hell out of you if you were aware of them. Google is nosy. M$ is evil.
Sent from HTC G2
Click to expand...
Click to collapse
Color me intrigued, what makes Microsoft more evil than google?

What would be the best way to avoid this?
a problem I could see is if like, I have my son over on a weekend and he jumps on...idk, nickelodeon. com or something, will it show ads for all the porn sites I visit?
I sure as hell wouldn't want him reporting that to his mother and even possibly the appropriate authorities...

just curious but in what way is this different, if not dramatically worse, than everything CarrierIQ was accused of a few months back.

I wonder if this will affect things like StartPage which bills itself as being completely private but is "enhanced by Google"

This is why I have dead email addresses. I've got one for Gmail just for my phone. Never use it for anything else. Just the phone.
Don't Be Evil, just make lots and lots of money.

The real problem is the internet. There are always the spammers that get a kick out of just breaking someone else's things, and that's why almost all websites log things. It also creates privacy concerns for those trying to follow the rules. So if it bothers you so much that Google knows you search for a laptop, and it suggests that there is a better, cheaper one, next time you use gmail, then you have problems. I personally love this, now when I go between Google services, I don't have to log in again. Google provides you with great services for free, why not give them the ability to advertise to you? The world is dangerous, get over it.
Or you could do the most practical thing, ad block. Its on Firefox and chrome, so that should cover almost everybody. If your stuck with ie, well, god help you.
Sent from my Bad-Ass Acer Iconia Tab a100

dead78 said:
just curious but in what way is this different, if not dramatically worse, than everything CarrierIQ was accused of a few months back.
Click to expand...
Click to collapse
Carrier IQ records keystrokes, text messages and other private stuff Google does not. And without even telling anyone it was there.
Sent from HTC G2

nazsa said:
The big deal is I NEVER CLICK YES
Click to expand...
Click to collapse
You agreed to their terms of service. As has been pointed out, the information is used so they can show ads that pertain to you specifically. I view this as a good thing.
If you don't want a company to know your browsing and purchasing habits, you should buy a cabin in the woods and live off the grid, no electronics, no grocery stores, completely self sufficient.
Good luck!

Major uptick in Android Malware

I don't know how many of you pay attention to security issues but I thought I would post a link to this Threatpost article.
http://threatpost.com/en_us/blogs/staggering-increase-android-malware-variants-trojan-apps-051612
It behooves one to pay attention to what you are installing and what permissions apps are requesting. I just ditched Evernote due to increased permissions, even though it is from what one might call a trusted source.
Edit: I have not finished perusing the F-Secure Mobile Threat Report, but so far it is a good read.

I've never once had a problem with any kind of malware or virus on my phone. Then again I'm careful and use common sense. Which goes a long way
Sent from my SGH-I777 using xda premium

Phalanx7621 said:
I've never once had a problem with any kind of malware or virus on my phone. Then again I'm careful and use common sense. Which goes a long way
Click to expand...
Click to collapse
Common sense does go a long way. With some of the posts I've seen on XDA, there seems to be a lack of that not-so-common attribute. Flashing without thinking, sideloading apps from unknown sources, etc.
Google appears to be reacting (albeit slowly) with Bouncer, trying to police Market/Play. I'm not sure if Amazon is doing anything similar for their app store. The big picture still looks rather grim. Will we be looking at large scale botnets this year? Hopefully not. The idea of Android botnets makes me a bit ill.

Unless malware can show up on the store, I don't see the issue here. It's a risk we've all known about since the day Android came out.

alpha-niner64 said:
Unless malware can show up on the store, I don't see the issue here. It's a risk we've all known about since the day Android came out.
Click to expand...
Click to collapse
Malware has shown up on the store. The issue is that Android is increasing its market share by leaps and bounds, black hats are writing more sophisticated malware, and more people are hacking their devices without a clue as to what they are doing. If you read the F-Secure Mobile Threat Report (linked in Threatpost), the number of detected malware APK's has grown tenfold over the last year.

Golly gosh.
Sent from my GT-I9100 using XDA

Phalanx7621 said:
I've never once had a problem with any kind of malware or virus on my phone. Then again I'm careful and use common sense. Which goes a long way
Sent from my SGH-I777 using xda premium
Click to expand...
Click to collapse
Exactly the same here

Windows has had malware threats for well over a decade and as it matured the OS was patched to deal with it. Android is more secure than Windows is, you not only have to download a malicious app you also have to install it before anything bad can happen.
Google will hopefully implement a more effective way of preventing malware from entering the Play Store but this may have the side effect of false positives on certain rooting/tweaking apps.

As pc are being replaced by tablets, its a juicy business for anti virus companies.
So i wouldn't trust any report from av companies...
It's usually pretty vague. Which app on android market?
As you get virus when you install warez games on pc, the same goes for android if you manually install an apk out of android market. Nothing new.

rchtk said:
As pc are being replaced by tablets, its a juicy business for anti virus companies.
So i wouldn't trust any report from av companies...
It's usually pretty vague. Which app on android market?
As you get virus when you install warez games on pc, the same goes for android if you manually install an apk out of android market. Nothing new.
Click to expand...
Click to collapse
I think you guys are missing the OP's point. You dont have to manually install an .apk.
A fake company called "MYOURNET" (touche for the name, rather ironic now) took a bunch of real apps from the market, injected them with malware and resubmitted them back onto the marketplace. The new malware could root your phone, steal your data, and keep a backdoor open for more goodies. Crazy ****.
http://androidcommunity.com/android-virus-served-up-by-user-myournet-20110302/

I admi i didn't open the pdf (pdf is now the number one virus vector ;-) but as far as i see it didn't mention reinjection in the market. Well.. pay attention to permissions..
Nothing else to do.
How to define a virus? That is the question..
Only install trusted editor from the market. Only install applications which provide ttheir source code and read it..

Easy answer for malware pike: piracy, period