Pinoy Android » Android Security http://pinoydroid.net Philippines' First Android Blog and Forum Wed, 26 Feb 2014 03:20:02 +0000 en-US hourly 1 Android.Counterclank – Another Android Malware/android-apps/androidcounterclank-android-malware/ /android-apps/androidcounterclank-android-malware/#comments Sat, 28 Jan 2012 02:32:02 +0000 /?p=2251 Symantic published the latest list of apps infected by the Android.Counterclank trojan. This trojan can receive commands and can steal information. When an infected app is installed, a malicious service is running with the same name of that of its host app. It is located at the  ‘apperhand’ package and another way to know if you are infected is the presence of a search button just above the home screen.

Apps that are infected by the Android.Counterclank trojan

  • Counter Elite Force
  • Counter Strike Ground Force
  • CounterStrike Hit Enemy
  • Heart Live Wallpaper
  • Hit Counter Terrorist
  • Stripper Touch girl
  • Balloon Game
  • Deal & Be Millionaire
  • Wild Man
  • Pretty women lingerie puzzle
  • Sexy Girls Photo Game
  • Sexy Girls Puzzle
  • Sexy Women Puzzle
Android.Counterclank Android.Counterclank   Another Android Malware

Some of this apps are already in the Market for months and only this time the infection has been discovered. So if you have some of this apps installed on your device, uninstall it!

Source: Symantic via Android Community


For more Philippine Android News just stay tuned here at pinoydroid.net or join our Forum
Subscribe to our mailing list Feeds or follow us on Facebook, Twitter and Google+

]]>
/android-apps/androidcounterclank-android-malware/feed/ 0
Avoiding Security Breaches on Your Android Phone/android-security/avoiding-security-breaches-android-phone/ /android-security/avoiding-security-breaches-android-phone/#comments Sat, 10 Dec 2011 04:03:58 +0000 /?p=2074  

android security breaches Avoiding Security Breaches on Your Android PhoneMuch has been made in the news recently about malware threat to Android phones. First, it was reported that the Android operating system can be vulnerable to malware threats, largely due to the open nature of its application store. More recently, a study by McAfee Security noted that 2011 will end up being the biggest year ever for malware, with 75 million unique samples, and this is largely due to substantial jumps in programs targeted towards Android phones. It doesn’t take an extensive search of a mobile news site like phonebulletin.com to realize that security should be a concern for any smartphone user.

To be sure, the rise in Android malware is largely a reflection of the operating system’s recent successes: market share, sales of Android phones, and total revenues for manufacturers have grown tremendously in the past year, quickly eating away at Apple’s once-unshakable control of the industry. But, at the same time, the rise in malware is nothing for the Android owner to take lightly. After all, malware has grown increasingly sophisticated; spammers now use advanced technologies and targeted knowledge of a given demographic or location to more effectively fool a technology user. Consequently, although spam currently sits at its lowest level since 2007, successful attacks now comprise a larger percentage of the total.

With this in mind, the obvious and most effective way to reduce potential malware is by not downloading any malicious applications. This can best be done by doing a brief amount of background research before downloading any app. Check out reviews for the app, look to see if its description contains any suspicious wording, and – when in doubt – simply type the app’s information into a Google search. If the software is malicious it probably isn’t too difficult to figure that out. Furthermore, there are usually certain types of apps that are best to avoid. One of the most popular malicious apps currently out there is one that promises to put a free anti-virus program on your phone. Such programs, therefore, should be approached with considerable suspicion.

It is also smart to take concerted steps to insure that, if your phone’s security is compromised, an attacker can’t steal too much personal information. This usually comes into play with malware that infiltrates your phone but doesn’t cause a traditional – and immediately apparent – electronic virus to corrupt your device. Instead, this kind of malware lurks undetected in your phone and then sends information back to the attacker. Since the information is usually gleaned from SMS messages or from phone calls, it’s best to stay to stay wary when it comes to these two communication modes. Credit card numbers, PINs, and passwords should never be discussed by phone or by text.

Malware is an unfortunate component of our tech-reliant society. While we can’t ever insure that our smartphones are completely protected, we can certainly take steps to drastically lower our risk of a security breach.

 

]]>
/android-security/avoiding-security-breaches-android-phone/feed/ 0
Google is fixing the Android security flaw/android-news/google-fixing-android-security-flaw/ /android-news/google-fixing-android-security-flaw/#comments Fri, 20 May 2011 07:15:07 +0000 /?p=1227 android security Google is fixing the Android security flawA recent discovered security flaw on  Android operating system is now being fixed by Google. The recent vulnerability was discovered by German researches that hackers might steal in your information account using rogue-unsecured WiFi connections.

I also need to correct my self because there are only three compromised app namely Google Calendar, Contacts and Picasa. Facebook and other social networking app is not included.

The attack is done through unsecured rogue WiFi hotspots via ‘Client Log in’ exploit. Google only authenticate your Calendar, Contacts and Picasa once every 14 days and after that Tokens will be use for validation. This tokens are unencrypted and can be easily captured by malicious WiFi owners compromising your personal informations.

Google is currently fixing the issues in the server-side, meaning the fix is done in their servers and handset patch is not yet available. Although the Android 2.3.4 Gingerbread is not vulnerable to this attack however the 99% of Android devices is prone to this attacks. Both Calendar and Contact is fixed and Google engineers are still working on the Picasa Web Album issue. I guess Picasa does not post a serious threat unlike exposed Contacts which is scary.

Google’s official statement on the security issue:

Today we’re starting to roll out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts. This fix requires no action from users and will roll out globally over the next few days.

]]>
/android-news/google-fixing-android-security-flaw/feed/ 0
Android vulnerability – stay away from unsecured hotspots/android-news/android-vulnerability-stay-away-from-unsecured-hotspots/ /android-news/android-vulnerability-stay-away-from-unsecured-hotspots/#comments Wed, 18 May 2011 14:47:33 +0000 /?p=1211 android sharemenu johann larson 300x168 Android vulnerability   stay away from unsecured hotspotsAn Android vulnerability affecting 99% of Android devices has been discovered. The said vulnerability once exploited, hackers can steal your personal information from Facebook accounts, Calendar and other apps if you connect to a rogue WiFi hotspots.

Like in computer wireless security Android and other devices such as Blackberries and iOS devices has some soft spots too. So how this vulnerability works?

Prior to Android 2.3.4, the ‘Client Log in‘ authentication is vulnerable to attacks. Google servers authenticate your log in username and password once, after that it will use token. The Token used is not encrypted and details are in plain and attacker can capture the tokens.

What is needed in this hack?
The attacker needs to set up a WiFi hotspot and the best way to do this to set up near public places such as coffee shop and copy the SSID of the hotspot, e.g ‘Starbucks Free WiFi 2′. People will access your hotspots since the original needs authentication. Then the hacker will capture those tokens.

How to stay secure in Public Hotspots:
Use your 3G or 4G connection for better security instead of using unsecured wireless network.

If you really need to access a public hotspot just make sure that the hotspot is legit. If you are in a hotel or in a coffee shop ask them the SSID and better ask connection with encryption.

There are SSH Tunneling for mobile devices but you need a server to setup and not so practical for ordinary use. Eventually there will be apps like Hotspot shield for PC and VPN connections.

But the best tool of all time is common-sense. Don’t just connect to hotspots that you don’t know who owns it and if you are in doubt ask the authorized personal if that SSID is indeed belongs to them.

I know some tools that can spoof and can be used as a rogue access point but I have not tried it in a mobile device but it is beyond the scope of this article.

Safe surfing and stay secure!

via: Lifehacker

]]>
/android-news/android-vulnerability-stay-away-from-unsecured-hotspots/feed/ 2
How to protect Android against DroidDream malware/android-apps/protect-android-droiddream-malware/ /android-apps/protect-android-droiddream-malware/#comments Fri, 04 Mar 2011 03:55:00 +0000 /?p=716 With the recent discovery of DroidDream trojan in almost 50 apps and infecting 50K – 200K downloads this is a serious threat. Once the infected app is launched the DroidDream will activate the command and control server and start sending your personal information like IMEI, IMSI, Device Model and SDK version. The known exploit being used by this malware is the exploid and rageagainstthecage as LookOut security explained.

When DroidDream attempts to infect a device, it uses two known exploits, exploid and rageagainstthecage, to break out of the Android security container. Both of the vulnerabilities being exploited were patched by Android 2.3 (Gingerbread). If exploid fails to root the device, the malware will attempt to use rageagainstthecage. Once the phone is rooted, DroidDream is configured to searched for a specific package named com.android.providers.downloadsmanager. If the malware does not find this package on the device, it will silently install a second malicious application without the user’s knowledge.  If DroidDream does find the downloadsmanager package, it will not continue infecting the device with the second malicious application.

How to Secure Android:

overview phone 150x300 How to protect Android against DroidDream malware

LookOut is a free security tool that can detect DroidDream and other malware on Android. It can find your phone if it is lost or stolen, and back-up and restore contacts. The premium version cost around $2.99/month for more features.

Norton Mobile Security – offers 101-day free service, functions includes scanning incoming app to your phone.

Android is getting popular as Windows in PC and they are becoming the perfect target for malicious coders. Protect your Droid and your personal data.

]]>
/android-apps/protect-android-droiddream-malware/feed/ 0
Android Market 50 apps discovered to have DroidDream Android Malware/android-news/android-market-50-apps-discovered-droiddream-android-malware/ /android-news/android-market-50-apps-discovered-droiddream-android-malware/#comments Thu, 03 Mar 2011 13:46:46 +0000 /?p=711 Android is getting popular and becoming a perfect playground for malicious coders. Over 50 apps has been removed from the official Android market after they were discovered to contain malware. The infected apps is said to have the malware dubbed DroidDream.

If DroidDream infected app is installed it effectively “rooted” users’ phones and captured personal information.

How come this malware was able to infect apps in the official android market?
Reddit member lompolo explained – The writer of the malware downloaded legitimate apps then edit it, put his malicious code, rename the app, and published again to the Android Market. The shocking part is that more than 50K – 200K already downloaded the infected apps.
Actually the Android infected apps is not new at all, many of this can be found in alternative download site and unofficial download sites. If you happen to download some apps this past days, try to check those.

Android Police posted the list of the infected apps and Android Market already removed the publisher and infected apps from their site.
Android Trojan 268x300 Android Market 50 apps discovered to have DroidDream Android Malware

The offending apps from publisher Myournet:

  • Falling Down
  • Super Guitar Solo
  • Super History Eraser
  • Photo Editor
  • Super Ringtone Maker
  • Super Sex Positions
  • Hot Sexy Videos
  • Chess
  • 下坠滚球_Falldown
  • Hilton Sex Sound
  • Screaming Sexy Japanese Girls
  • Falling Ball Dodge
  • Scientific Calculator
  • Dice Roller
  • 躲避弹球
  • Advanced Currency Converter
  • App Uninstaller
  • 几何战机_PewPew
  • Funny Paint
  • Spider Man
  • 蜘蛛侠

Over 30 more have been found by Lookout:

  • Bowling Time
  • Advanced Barcode Scanner
  • Supre Bluetooth Transfer
  • Task Killer Pro
  • Music Box
  • Sexy Girls: Japanese
  • Sexy Legs
  • Advanced File Manager
  • Magic Strobe Light
  • 致命绝色美腿
  • 墨水坦克Panzer Panic
  • 裸奔先生Mr. Runner
  • 软件强力卸载
  • Advanced App to SD
  • Super Stopwatch & Timer
  • Advanced Compass Leveler
  • Best password safe
  • 掷骰子
  • 多彩绘画
  • Finger Race
  • Piano
  • Bubble Shoot
  • Advanced Sound Manager
  • Magic Hypnotic Spiral
  • Funny Face
  • Color Blindness Test
  • Tie a Tie
  • Quick Notes
  • Basketball Shot Now
  • Quick Delete Contacts
  • Omok Five in a Row
  • Super Sexy Ringtones
  • 大家来找茬
  • 桌上曲棍球
  • 投篮高手

Fill free to discuss this at PinoyDROID Forum.

Source:
AndroidPolice.com
Lifehacker.com

]]>
/android-news/android-market-50-apps-discovered-droiddream-android-malware/feed/ 1