Android Accounted For 79% Of All Mobile Malware In 2012, 96% In Q4 - General Topics

Is it because Android is the most popular smartphone platform in the world right now, or is it because it’s just fundamentally easier to attack? In any case, Google’s mobile juggernaut Android continues to be the world’s biggest magnet for mobile malware. According to a report out today from security specialists F-Secure, Android accounted for 79% of all malware in 2012, up from 66.7% in 2011 and just 11.25% in 2010. On the other side of the spectrum, Apple’s iOS, the world’s second-most popular platform for smartphones in terms of new purchases, remains one of the least compromised, with 0.7% of malware on its platform.
Symbian, whose market share is in rapid decline and is being left for dead by its former parent Nokia, is down to 19% of all malware, compared to 62.5% two years ago. F-Secure predicts that it will go the way of the dodo bird and become extinct in 2013, as users replace their Nokia handsets with Android devices. Meanwhile, Windows Mobile, BlackBerry and J2ME each accounted for less than 1% of threat families in circulation in the year.
Breaking down progress over the past year, Android’s malware record appears to have seen a particularly bad spike in Q4 2012. F-Secure notes that in the fourth quarter it accounted for a full 96% of attacks. In fact, according to its records, all other platforms except for Symbian (at 4%) didn’t appear to have any malware threat families received at all.
Holding these up to Q4 market analysis, these figures are not proportionate to market shares for current sales, but they are somewhat more reflective of what devices are in circulation today. In that sense, the shift between Symbian falling and Android rising is due to the fact that Android has been the biggest benefactor of Symbian’s decline.
“Malware in general has a parasitic relationship with its host,” writes Sean Sullivan, security advisor at F-Secure Labs. “As old Symbian handsets continue to be replaced by those with other operating systems, especially Android, Symbian malware dies off and will probably go extinct in 2013.”
In terms of what forms malware is taking, F-Secure says that 66% of detections were Trojans (malware masked as something else). F-Secure believes that Google’s increased security prompts, which it introduced with the 4.2 variant (Jelly Bean), should help bring that number down. However, if you look at Google’s most recent stats on distribution, released this week, Android 4.2 is only at 1.6% — meaning that this may take some time to come to pass. (For the record, Gingerbread 2.3.3 and upwards remains the most popular in terms of distribution, at 44%, with Ice Cream Sandwich at number-two with 28%).
Another major problem continues to be dodgy SMS messages: F-Secure notes some 21 of the 96 Android threat variants come from premium SMS that encourages downloads and sometimes end up as repeat problems by way of subscription services to which users unwittingly become subscribed. Then, users don’t know about this until the charge comes up on their bill — if they bother to scrutinize that bill, that is.
Interestingly, F-Secure also notes that those releasing malware have become more sophisticated in their reasons for infiltrating devices. Specifically, there’s been a significant shift in terms of malware attacks becoming financially motivated over the last several years, with financial gains now well outweighing those attacks that have been made in the past. Why the shift? It may be because malicious hackers were still learning the ropes for how to infiltrate devices back in the day.
Or it could be something else: The rise in financial motivations also speaks to the fact that we as a population are using our devices for significantly more transactional services — and that makes them increasing targets for attacks aimed specifically at that fact. This is something that will eventually have to be squared with all the many ambitions and developments in the market today to turn our handsets into our default wallets.
Update: TC has reached out to Google for a comment, but a spokesperson says that the company does not comment on security company reports. Also worth pointing out a dissenting opinion on the above data from a reader in the comments below, highlighting that what gets identified as malware may sound more alarming than it actually is.
“F-Secure can say that anything is malware, even ‘dodgy sms’ which doesn’t fall under the definition of malware…. They say they detected trojans, but they didn’t explain what were their effects on the system, because if they did, everyone will know they’re not really trojans, that’s only what they want you to think,” he writes. “I’ve been using different droids for 3 years now, never had an issue with them. I’m a developer by the way.”
Be that as it may, there are more than security vendors putting out reports and warnings on malware and cybersecurity threats. Smartphones are still an emerging area — but a hugely popular one — and therefore remain a moving target.
Source: techcrunch

Thank you for sharing your valuable research
Hi, your post has helped me a lot in researching on this topic. It sure makes a lot of sense.

Related

Front Page Article on Wired Magazine About CyanogenMod!

Wooooo go CyanogenMod!
http://www.wired.com/gadgetlab/2011/05/cyanogenmod-android-hack/all/1
Modders Make Android Work the Way You Want
By Mike Isaac
May 19, 2011 | 7:00 am | Categories: Hacks, Mods and DIY, Phones, Software and Operating Systems
Photo: In one of many tweaks to the Android interface, a customized boot screen features scrolling lines of code. Photo: Jim Merithew/Wired.com
CyanogenMod is one of the biggest hacks to ever hit the Android mobile platform.
It’s got an estimated 500,000 users. Many Android programmers use it as a starting point for their own coding projects. And according to the project’s founder, a number of Google employees have it installed on their Android devices.
Essentially, CyanogenMod is a tricked-out version of the software you’re already running on your Android phone.
Every Android-powered device comes running a version of the operating system, from 1.5 (Cupcake) all the way up to 3.1 (Honeycomb).
CyanogenMod replaces that stock OS with a custom build, letting you make adjustments to your phone that the official version prevents. It opens the door to more sophisticated custom wallpaper, changing the graphic that appears when the phone boots up, or more significantly, tethering your laptop to your phone’s data connection. With CyanogenMod installed, you can even overclock your phone’s CPU, so you can wring every last drop of processing power from it.
“You can customize the hell out of it,” says Steve Kondik, founder of the CyanogenMod project.
How a Hack Got its Start
Of course, it all began with a phone.
Debuting in 2007 as the flagship device for Google’s Android mobile platform, HTC’s G1 smartphone was the alternative to Apple’s immensely popular iPhone.
The G1 — also known as the HTC Dream — could be easily rooted, which meant giving you superuser access to the phone’s naughty bits. Essentially, it made customizing your G1 as easy as pie.
Steve Kondik had been waiting for a phone like the G1 for a long time.
“I had followed a few other Linux-based phones before,” says Kondik, citing offerings from Motorola and Nokia, “but they never had the sort of momentum that a company like Google could bring.”
And Google’s philosophy fit with what Kondik, a software developer working for a mobile content delivery company in Pittsburgh, was looking for: a more “open” platform for coders coming from a background in open source code, like Linux. Android, after all, is built on the Linux kernel.
After each version of Android was made available for download to the public, Google pushed all of the code to an online repository called Kernel.org, free for all to poke, prod and play around with. Developers could take any and all of that code and modify it to their heart’s desire.
Which is exactly what Kondik proceeded to do. “I had been using desktop Linux for ages,” he says, “and I just tried using some of those concepts to tweak the code. I had no idea what I actually wanted to do with the phone.”
After finishing his first version of CyanogenMod, Kondik posted the file to XDA forums, a popular message board in the Android modding community. “All of a sudden, my single-page thread is one hundred pages long,” Kondik says.
Cyanogen Comes of Age
CyanogenMod was a hit. It racked up downloads from community members, each expressing how they liked the amount of control they finally had over their phones.
“As a mobile enthusiast, I like the ability to make changes to the way that my operating system runs,” says Chris Soyars, who works on CyanogenMod.
In essence, CyanogenMod’s popularity can be attributed to the very thing that draws so many to the Android platform: openness, flexibility, control. The Google-led Open Handset Alliance — a coalition of 80 carriers, manufacturers and tech companies all backing the Android platform — espouses these principles, as seen in the Open Source Project mission statement: “We wanted to make sure that there would always be an open platform available for carriers, OEMs and developers to use to make their innovative ideas a reality.”
Apple, on the other hand, fought aggressively to outlaw the practice of jailbreaking its phones, which is akin to rooting an Android device. Apple ultimately lost the battle in federal court, so iPhone users are free to jailbreak their phones, though they don’t have access to the operating system’s underlying source code to the same extent Android users do.
While Apple’s controlling, “walled garden” approach has obviously worked well for the company — the company has sold 100 million iPhones as of March of this year — Android has become the alternative solution for geeks and hackers who want more control over their devices.
For many, CyanogenMod is the key to unlocking that control.
Photo: The CyanogenMod logo. Illustration courtesy CyanogenMod.com
But while Android allows more access to things Apple doesn’t allow, such as unofficial app markets, there are still some things that the OS places off limits. CyanogenMod takes it to the next level. For example, installing it allows you to remove all that pesky bloatware that came preinstalled with your device. Or as Kondik says, “You don’t have to have weird NASCAR apps stuck on your phone anymore.”
Coders must create a different version of CyanogenMod for each new release of the Android operating system. But the proliferation of different Android devices across multiple manufacturers meant many different versions of code to be dealt with. And with Google beginning to operate on a six month release cycle for each version of its software, Kondik needed help.
Chris Soyars, a tech company project manager from the Gainesville, Florida area, runs the servers that host all of the CyanogenMod files available for download. “We need some pretty high horsepower to handle the amount of traffic we get,” says Soyars. After meeting Kondik over the XDA forums, Soyars set up the file-hosting infrastructure for Kondik after Cyanogen began to take off.
Photo: The "Blue" theme for CyanogenMod. Photo courtesy of Bill Bradford/Flickr
CyanogenMod expanded into a team of 35 different “device maintainers,” who manage the code for the 32 different devices that the project supports. Like Google, the team publishes its code to the Github online repository and accepts online submissions for changes to the code from other developers. Seven core members decide which of the submitted changes make it into the next release of CyanogenMod, and which don’t.
Ricardo Cerqueira, a mid-level manager at a telecommunications company in Portugal, got involved with the project after being promoted to a management position.
“I missed getting my hands dirty,” says Cerqueira, who had worked as an engineer before. Now, CyanogenMod is a major part of his life.
“Right now, I’m in charge of four or five different devices,” says Ricardo Cerqueira. “When Gingerbread [Android OS 2.3] came out, I barely slept for days.”
The Future of the Hack
Ultimately, CyanogenMod aspires to be more than just a software mod.
“I think one of our biggest dreams is to see a phone ship with Cyanogen on it,” says Soyars.
But pairing the software with a phone is no easy task. First, CyanogenMod would have to pass the tests required by Google’s certification program in order to bundle Google’s proprietary apps — Gmail, Calendar, etc. — on the phone.
CyanogenMod initially tried bundling the apps in its software, but Google slapped the group with a cease and desist letter, barring the team from producing any further versions or distributing its software until the two parties settled. Kondik eventually dropped Google’s apps from inclusion in the CyanogenMod download, although obtaining those apps after installing the mod is as easy as going to the Android Market.
Google declined to comment on this story.
The group would also need a willing hardware manufacturer to partner up with. The Geeksphone is one tantalizing option. Based in Spain, the company offers a prerooted device straight out of the box. But Geeksphone is still a small enterprise, minuscule in comparison to the hardware giants that currently dominate the industry.
And third, says Kondik, “to get anything like this off the ground, you have to be partnered with a carrier. And how do you do that unless you’re one of the giants, like LG or HTC?”
While its following is impressive, it’s likely CyanogenMod won’t grow into a giant.
“The mainstream consumer isn’t at all interested in this,” says Al Hilwa, mobile platform analyst at research firm IDC. “However large a group they are, I can’t imagine it being more than 5 percent of the market.”
But it was never about the money, anyway. Virtually all of the team members have day jobs. Kondik says it’s difficult to manage the time spent on CyanogenMod and his actual paid work.
“There are donations here and there,” says Soyars, “but there’s no real way to monetize this.”
In the end, it’s about a love of tweaking code, figuring out how things work, and making them work your way.

Inaccurate Needham Report

Original posted at SkyJedi.com
Please vote it up on reddit
Charles Wolf released an interesting report to investors on the 19th. I couldn’t find it online so I requested the data directly from Mr. Wolf. Here it is. I felt that it was fishy so I investigated a little more.
On page 9 of his report Wolf has a quote to support the inferior nature of the apps within the Android marketplace from this article.
Darrell Etherington, “Apple Loses Ground to Android, But the App Store Still Dominates” gigaom, February 9, 2011.
The vast amount of spamware (45,000 out of 100,000 apps in the Android Marketplace are spam apps) and the low number of top-tier game titles (20 for Android vs. 306 for iOS) and other app categories all play their part in making the Android app market a cottage industry compared to the profit-engine of the iOS App store.
Unfortunately this is never in the article or written by Darrell Etherington; it's a comment on the article from a user who goes by mrrtmrrt who signs his comment Mart. I’m still trying to track this guy down. But he loves commenting. InfoWorld, Forbes, The Guardian, Marketwatch, and the list goes on.
In another quote, page 10, said to be from
Kyle Baxter, “Android Isn’t About Building a Mobile Platform,” tightwind.net, January 4, 2011
Android’s market may… be terrible in comparison to Apple’s App Store for paid applications… because… discouraging paid applications on the Android platform is in Google’s interest
The real quote is
For example, Android’s market may not be terrible in comparison to Apple’s App Store for paid applications just because Google hasn’t yet finished it; rather, discouraging paid applications on the Android platform is in Google’s interest.
A clever use of ellipsis.
I wondered about the accuracy of his numbers and more importantly the accuracy of his interpretation of the numbers from IDC. I requested the data from IDC directly and got this response from IDC PR.
Unfortunately, I can't share that data with you -- it's proprietary research that was unfortunately usurped by a Needham analyst and plastered all over the Web.
From what I gather from released un-usurped data, Nielsen April 2011, comScore June 2011, and most importantly of all IDC June 9th 2011, the same company Wolf quoted the majority of his data from, Android is in no shape to stop or slow down anytime soon. This data, which covers the same time period as Wolf's report, has drastically different trends. I think IDC sums it up best:
IDC expects Android, which passed Symbian as the leading operating system worldwide in Q4 2010, to grow to more than 40% of the market in the second half of 2011. A significant and growing list of vendors who have made Android the cornerstone of their respective smartphone strategies is propelling the growth of Android
iOS was the third ranked OS going into 2011 and will remain a force in the mobile phone market throughout the forecast. After an initial explosive growth period, iOS is expected to grow at a more modest pace throughout the latter half of the forecast as the smartphone market matures and diversifies. Although a small market share decline is expected, IDC expects significant overall shipment volume growth through the end of 2015.
I got ahold of William A. Stofega, Program Director of Mobile Device Technology at IDC and got his opinion from the same dataset that Mr Wolf has.
Quarter over quarter there will be fits and starts for all manufacturers. Android is a driver in terms of growth no matter whose numbers you look at. IDC sees Android as the leader in mobile right now especially with a huge growth in lower tier and emerging markets like China. Regarding Mr Wolf, it's fine that he used our data, but IDC is unaware of his methodology of analysis. The bottom line is what the end of the year numbers will be.
I contacted Mr Wolf and asked for his methodology and dataset, but haven’t received a reply as of publication.
With the fact that Wolf's main source of data, IDC, sees Android as the leader and has the expectation of continued growth, the published numbers from multiple sources, I cannot see how Mr Wolf has reached his conclusions. He may have taken an extremely narrow subset of data to produce his numbers, but as IDC stated, it's the end of the year numbers that matter, not a subset of data. Without his methodology and the dataset one cannot check his numbers, but if he cannot even cite a source correctly, I don't trust his statistical analysis skills. In the end I think that Mr Wolf wrote this report for shock value and to make a name for himself. I don’t think I am alone in that opinion.
Finally just a reminder, don’t believe everything you read, check the sources, and check to make sure the sources were quoted correctly.
Sounds like what I thought was right, Charles Wolf is a publicity whore.
Forevermore, such shocking use of statistics shall be known as "pulling a Charlie"

IOS is 2 times more reactive Than Android

Hello, this video shows that Android is two times less reactive than IOS.
http://youtu.be/bNc3yiz0vUo
Does anyone know if Google plans to correct this?
Thanks
dreeck said:
Hello, this video shows that Android is two times less reactive than IOS.
http://youtu.be/bNc3yiz0vUo
Does anyone know if Google plans to correct this?
Thanks
From the video, it appears that this relates to a particular app (mini piano), so in that case, I'm not sure why it's Google's responsibility to improve the responsiveness of a third party piece of software.
That said, there are some very basic reasons for why iOS will invariably be smoother and more responsive than Android almost 100% of the time.
Put simply, iOS and Android both began their respective development at totally different times. Android started development during a time when the market was saturated with keyboard-centric devices like Blackberry's and such. There wasn't a whole lot of touch-screen proliferation, and even then, those devices with touch screens were still very proprietary and basically none of them offered multi-touch. As such, Android was never originally designed for multi-touch screens; that kind of functionality is more of an evolutionary adaptation than anything else really. Android's core design principles focus on multi-tasking and cloud service connectivity in order to maximize productivity. That's why Android has always more effortlessly been good at both of those things.
iOS on the other hand was designed from ground up to be used on a multi-touch user interface. As such, iOS products have been more focused on being UI-centric, while other functions take a lower priority. Basically, when the user interacts with the screen of an iOS device, the system will drop everything it's doing (if need be) just to make sure that the UI runs smoothly. For example, say you try to interact with a webpage as it's loading on an iOS device. The device will actually stop loading the page, as long as you are touching the device to interact with it. As soon as you're no longer touching it, the page will continue to load. This is also why multi-tasking was more of an afterthought than a core principle with iOS. Apple could have easily implemented some form of multi-tasking right with their first iPhone, but considering the resource limitations at the time, that would have come at the cost of an interface that wouldn't have been as smooth or responsive.
So, to sum up:
Generally speaking, iOS will almost ALWAYS have a smoother and more responsive touch interface than Android has (unless Google basically rebuilds Android for touch screens from ground up).
That said, Android will almost ALWAYS be better at multi-tasking and integrating cloud services than iOS (unless Apple decides to basically rebuild iOS from ground up with a bigger focus on those services).
Which is better than the other? Well, that's up to you really; it's totally subjective. If you want a simple to use UI which is smooth and responsive, then maybe iOS is better suited for you. If a more diverse ecosystem with endless customization options and very powerful multi-tasking beasts are important enough that you can accept a reasonable cost in the UI smoothness, then Android is your best bet.
thank you for taking the time to respond
for this video, I tried a dozen pianos Android and I chose the one with the least latency.
The latency of Android is a real handicap. I am shocked that no one cares.
For my part I think this problem is caused by drivers
I know this is not comparable, but on PC there is ASIO4All, a pilot able to remove this latency (but just for Audio).
I have a Galaxy Note and I hope that Google will improve this problem.
The reason Google hasn't fixed this issue is because in order to fix this issue the Android UI would have to be completely reprogrammed to accommodate a fix. If they reprogram in that manner then it would basically make every device after the reprogram a legacy device and every application would have to be rewritten.
Sent from my ADR6350 using Tapatalk
"If they reprogram in that manner then it would basically make every device after the reprogram a legacy device and every application would have to be rewritten."
So if I understand it, Android will stay soft?
I am shocked to hear that. If true, I would not give much of its future.
Some applications are unusable with this latency, Apple can rest wisely. This is sad.
I read about it in an article from an interview with an ex Google employee. He said that a complete rewrite of the OS would have to take place
Sent from my ADR6350 using Tapatalk
Thank you for this information.
But in this article it says that ICS has undergone a complete rewrite. What do you think ?
http://www.brucebnews.com/2011/10/new-iphone-new-android-phones-new-windows-phones/
You should re-record this video using a Galaxy Nexus. There is a lot less latency than you show on your video using 'mini piano lite'.
It is impossible that you have touched an iPhone, otherwise you would not say that.
Everything I touch on my note have latency compared to the iPhone. And whatever the rom flashed.
To prove that I am not the only one to rave :
http://www.musiquetactile.fr/android-is-far-behind-ios/

Tablets with Pre-installed Trojan Being Sold on Amazon

Recently, researchers from the Cheetah Mobile Security Lab have found a dangerous Trojan, dubbed Cloudsota, pre-installed on certain Android tablets. Tablets infected with this Trojan are still on the shelves of Amazon, ready to be shipped to customers around the world.
Origin: Complaints from victims
This Trojan has existed for quite some time and victims have been consistently asking for help at Android forums like XDA, TechKnow and others.
A few complaints from customers can be found on Amazon as well.
Evil: Malicious activities of the Cloudsota
The Cloudsota Trojan enables remote control of the infected devices, and it conducts malicious activities without user consent.
The CM Security Lab has detected that Cloudsota can install adware or malware on the devices and uninstall anti-virus applications silently. With root permission, it is able to automatically open all installed applications. Furthermore, we found that the Trojan replaces the boot animation and wallpapers on some devices with advertisements. Cloudsota also changes the browser’s homepage and redirects search results to strange ad pages.
Impact: More than 153 affected countries
According to our rough estimation, at least 17,233 infected tablets have been delivered to customers' hands. The estimation is based on anonymous data collected by Cheetah Mobile. Since many tablets are not protected by anti-virus applications, the number may actually be significantly greater.
What’s worse, these tablets are still available on many online stores, including the huge retailer Amazon. While most people have no idea about Cloudsota’s potential risks, it is a ticking time bomb threatening your privacy and property.
Over 30 tablet brands have been pre-loaded with this Trojan, among which the most severely affected are the no-brand tablets with Allwinner chips. Over 4000 such tablets have been sold to customers across the world.
We have notified companies involved whose products are found with pre-installed Trojans. We advised those manufacturers to investigate their system firmware carefully, but unfortunately none have responded yet. We assume that the unbranded tablet manufacturers do not pay any attention to user feedback, nor do they have the capability to offer a solution to this problem.
Over 150 countries are affected by this Trojan, with Mexico, USA and Turkey suffering the most.
A large number of customers have left comments on Amazon.com grumbling about the advertisements and popups. These tablets share some similarities: all of them are low-priced and manufactured by nameless small-scale workshops. Here is an incomplete list of the questionable tablets on Amazon. (For more details, please refer to the Appendix.)
Decompile: Technical analysis of the Trojan:
When we discover a questionable tablet, we send a notification to Amazon explaining the issue. We are assured that Amazon can corroborate our messages with its customers complaints and reviews.
Red “Demo” on the screen
Many users reported that their tablets were locked down into demo mode, with a large red “demo” text on the screen all the time. Based on our analysis, the red “demo” is not generated by the Trojan. The source of the red demo exists in the system component package SystemUI.apk.
As soon as the device is booted, the malicious code in SystemUI.apk is executed to check whether the malware com.clouds.server (viz., the Trojan Cloudsota) has been installed on the tablet. If not, the code will try to get one, and if it fails, it will draw a big red “Demo” in the center of the screen.
Auto restoration after reboots
Even if we remove the Trojan, it will reappear after reboot.
As the Trojan is embedded in boot.img /cloudsota/CloudsService.apk, it is able to restore itself when a user reboots the device, meaning that it is very hard to get rid of.
Every time the device reboots, the code in the script init.rc will restore the Trojan.
The code that restores the Trojan:
Block browser’s homepage
When users boot the device, Cloudsota will visit the Trojan creator’s server frequently (about every 30 minutes), in order to obtain operating commands. Commands to change the browser’s homepage are as follows:
We intercepted some data:
http://download.cloudsota.com/homepage/1427791194/homepage
Install Apps silently
Similar to the homepage block, the Trojan gets a list of applications to push from the cloud server and silently installs these apps to the system directory of users’ devices. Generally, users are unable to remove them.
We obtained some information about the Trojan’s implementation:
http://download.cloudsota.com/apk/ota/1438999935/CalendarService.apk
http://download.cloudsota.com/apk/ota/1440569351/CloudsService.apk
http://download.cloudsota.com/apk/DSB/393/dsb_aijian2.apk
http://download.cloudsota.com/apk/MopoPlay/4314/MopoPlay.apk
http://download.cloudsota.com/apk/maxthon/2915/hgnormal_remote_master.apk
Other detected behaviors:
The Trojan is also able to:
1. Change the boot animation of the device. (Users have to bear the annoyance of advertisements even when booting.)
2. Uninstall the applications on your device. (Mainly uninstalls anti-virus apps and root tools which offer protection to your device.)
3. Set your wallpaper to advertisements. (Every time you tap the home button, you will see the nasty advertisements)
4. Activate whatever applications on your device
5. Create pop-up advertisements
Knowing all the malicious activities of this Trojan, we understand why these tablets are so cheap.
Conclusion: Attackers may be from China?
We have confident proof showing that attackers from China are behind Cloudsota.
1. The code we extracted from the Trojan links to the WHOIS information on the server of www.cloudsota.com. It is clear that the server is registered in Shenzhen, P.R. China.
Registry Registrant ID:
Registrant Name: QIU BIHUI
Registrant Organization:
Registrant Street: xixang baoan district
Registrant City: shenzhen
Registrant State/Province: guangdong
Registrant Postal Code: 518101
Registrant Country: China
Registrant Phone: 1-368-255-2849
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: [email protected]
2. Much of the code is written in Chinese characters.
3. The manufacturers of tablets are from China.
Solutions and Recommendations
For infected users: We have published manual removal instructions on our blog.
For online stores: We suggest these dealers more strictly vet their product vendors.
For tablet buyers: Do not take the risk of trying tablets from nameless manufacturers just to save some money.
For this report, we refer to many materials from the following websites and organizations, and we greatly appreciate their kindness and support!
Special Thanks to: www.Techknow.me / www.Techknow.one
For more details of the users' reviews on Amazon and related information of the Trojan, please refer to the Appendix.
manual removal instructions http://www.cmcm.com/article/share/2015-11-09/840.html
Appendix https://drive.google.com/open?id=0B1CH2n58TrbiOWs2eGdjaW50RFk
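A defender's triage of the indicators this report names (the package com.clouds.server, the cloudsota.com domain, and an APK referenced from the boot ramdisk), as an added example that is not part of the original report. The function names and sample inputs are constructed, and the page does not show the real init.rc lines.

```python
import re
from urllib.parse import urlparse

# Indicators named in the post above.
TROJAN_PACKAGE = "com.clouds.server"
TROJAN_DOMAIN = "cloudsota.com"

APK_PATH = re.compile(r"(/[\w./-]+\.apk)\b")
# Assumption: APKs normally live on these partitions, not in the boot ramdisk.
PARTITIONS = ("/system/", "/data/", "/vendor/")

def ramdisk_apk_refs(init_rc_text):
    """Return (line_no, path) for APK paths outside the usual partitions."""
    hits = []
    for no, line in enumerate(init_rc_text.splitlines(), 1):
        code = line.split("#", 1)[0]  # drop init.rc comments
        for path in APK_PATH.findall(code):
            if not path.startswith(PARTITIONS):
                hits.append((no, path))
    return hits

def trojan_installed(pm_list_output):
    """True if `pm list packages` output lists the Trojan's package."""
    names = {l.strip().partition("package:")[2] for l in pm_list_output.splitlines()}
    return TROJAN_PACKAGE in names

def cloudsota_urls(urls):
    """Return URLs whose host is the Trojan's domain or a subdomain of it."""
    out = []
    for u in urls:
        host = (urlparse(u).hostname or "").lower()
        if host == TROJAN_DOMAIN or host.endswith("." + TROJAN_DOMAIN):
            out.append(u)
    return out

# Constructed inputs; the page does not show the real init.rc lines.
SAMPLE_INIT_RC = """on boot
    # constructed line for illustration only
    copy /cloudsota/CloudsService.apk /system/app/EXAMPLE.apk
    chmod 0644 /system/app/EXAMPLE.apk
"""
SAMPLE_PM = "package:com.android.systemui\npackage:com.clouds.server\n"
SAMPLE_URLS = [
    "http://download.cloudsota.com/homepage/1427791194/homepage",  # from the post
    "http://cloudsota.com.example.org/x",                          # constructed look-alike
]

if __name__ == "__main__":
    print(ramdisk_apk_refs(SAMPLE_INIT_RC))
    print(trojan_installed(SAMPLE_PM))
    print(cloudsota_urls(SAMPLE_URLS))
```

The init script text would come from an unpacked boot image and the package list from `pm list packages` on the device; a hit in the ramdisk check explains why a plain uninstall does not survive a reboot.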
There is no such thing as a nameless manufacturer. This article doesn't even name the offending companies.
I'm guessing these might be the cheap manufacturers. Still a problem..
Almost every Chinese mobile has Cloudservice.apk malware installed.
Holy COW!
Including the replica phone at the most.
A useful post, but as @jayvl said, the offending companies were not listed.
Sent from my ASUS_Z00AD

Android compared with Mobile OS for security updates (iOS, Ubuntu, Sailfish, PrivatOS)

If you are concerned about security updates, you can check this report (updated 07/02/2018), providing information for devices between 2011 and 2017 and reporting whether your device is updated or not.
This is a compilation of data based on official reports, official support responses and feedback from the user community.
Source : https://twitter.com/SecX13/status/961691443931820033
TD.
Again with this exaggerated focus on security updates. Am I the only one going "who the **** cares?" I mainly care about general OS updates, and even then I don't go around being angry for not getting it (if anything, I get more angry if the update is **** and I have to wait a long time for the next update to come along and fix the problems the first one brought). But not once in my life have I gone around thinking "hmmm, wonder when I can get my next security update..." This issue with security updates seems to be completely blown up by tech nerd sites and a small minority of enthusiasts online. Hell, I even consider myself a smartphone enthusiast, as I buy and sell phones for a living (and get to test virtually all flagship phones). But even I don't give a **** about this. I doubt the average consumer does either.
For a basic user this may not be so important, until he’s affected by malware or another security issue.
This is more important for businesses, organizations and people that need minimum security, especially during this time with Meltdown, Spectre and also other malware affecting Android.
You can look at this table as «Brand that does a good/bad job of updating and maintaining your device quickly/slowly», not only for the security purpose.
Don’t forget that brands that do minimum security updates also do minimum and slower OS updates.
TylerD13 said:
Don’t forget that brands that do minimum security updates also do minimum and slower OS updates.
That's just wrong, and you know it. There's no real coherence between fast security updates and fast OS updates. A great example is how fast Essential is with security updates. They're not as fast updating to a newer OS version compared to, say Google, now are they? And that's even despite the fact that their interface is virtually stock Android and should be an easy job for them, as well.
Also, you exaggerate the security update’s importance by your talk about malware, spyware etc. issues being of importance. But the fact of the matter is that of all the phones I have tested and owned over the years, I have never ever run into issues with malware or any other kinds of security problems with my Android phones. That includes a ton of phones from Google, Samsung, Sony, LG, OnePlus, Huawei, Xiaomi, HTC, Motorola, etc. All OEMs with large variations in times they take to give security updates. It also includes 4+ year old devices that family members have; no issues there either. So this worry you seem to have is blown out of proportion. It's an issue no average user or even enthusiast really gives a **** about.
generalako said:
That's just wrong, and you know it. There's no real coherence between fast security updates and fast OS updates. A great example is how fast Essential is with security updates. They're not as fast updating to a newer OS version compared to, say Google, now are they? And that's even despite the fact that their interface is virtually stock Android and should be an easy job for them, as well.
There can of course be exceptions, but overall with main OSes like iOS and Android this is true most of the time.
Essential is not a good example, it’s a new and small company compared to others.
If your device brand doesn’t take care of your software with security updates, there’s a great probability that it is the same with other updates.
i'd say it depends on how valuable your data and "transactions" on the smartphone are to you. if you don't give a ****, so be it and maximum damage/risk is caller/sms fraud or some minor annoyances like crypto trojans and the like which exhaust your battery. if you're doing banking apps, password save or have other confidential data on your phone (test: you'd hand over your photo gallery to a stranger?), then you might think again about your personal risk management.
my 2 ct.
