Cartel
Intel inside Your sensitive data outside
Premium Member
join:2006-09-13
Chilliwack, BC

1 recommendation

Cartel

Premium Member

PowerOffHijack: New Android malware spies from 'shut down' smartphones

A new malware for Android devices is capable of making calls, sending out text messages to third parties and taking photos even after the user has apparently switched off their smartphone.

The malicious program, which was discovered by AVG security research firm, works by hijacking the shutting down process of the mobile device.

When the user presses the phone’s power button to switch off, the malware only makes it look like the device has stopped operating.

So while the shutdown animation is being displayed and the screen goes black, the mobile device actually keeps working.

»rt.com/news/233895-andro ··· tphones/

trparky
Premium Member
join:2000-05-24
Cleveland, OH
·AT&T U-Verse

trparky

Premium Member

It is said that in order for this malware to be installed you have to have root access to Android. Considering that many devices aren't getting Android updates along with necessary security patches, all the malware has to do is package a root exploit in the malware's installation process.

For instance, the installation of the malware could root the phone via TowelRoot; once rooted, the installation would then continue with the injection of the malware. Instant device p0wnage.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

TR has been dead since June of 2013. I had to use it to fix a phone a while back. Very few droids have ROMs that old. Most that do are sitting in drawers, etc. Not to say there is not a similar one just waiting to be found. Same goes for iOS, Mac OS, Linux and any other OS.
art22gg
Premium Member
join:2005-02-16
Courtenay, BC

art22gg to Cartel

Premium Member

to Cartel
Mentioned here....»Android Trojan spying on your device

trparky
Premium Member
join:2000-05-24
Cleveland, OH

trparky to Nanaki

Premium Member

to Nanaki
There are still a lot of devices out there that are running Android 4.3. For instance, StraightTalk is still selling Galaxy S3s (not S4) for cheap as shit. Guess what OS they are running. Not 4.4 I'll tell you that! Therefore, still vulnerable.
trparky

2 edits

trparky

Premium Member

And not only that, those phone packages you see in the grocery checkout lines that are for pre-paid phone service also aren't running anything close to the modern version of Android.

It's these devices, bought by people who don't know any better, that will forever be vulnerable to these kinds of threats.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned) to trparky

Member

to trparky
Actually no, it is not the version that determines if TR works but the date of the ROM/kernel.

trparky
Premium Member
join:2000-05-24
Cleveland, OH
·AT&T U-Verse

trparky

Premium Member

A vast majority (> 65%) of Android devices being sold today aren't flagship devices. Not everyone buys flagship devices; a lot of people buy the cheapest thing that they can get their hands on, and it's these devices that aren't being updated.

We here on this site very much live our lives in an ivory tower. We know the threats to our security; the vast majority of people don't know and they are being taken advantage of.

Honestly, I would love to know what percentage of the el-cheapo devices still being sold are running an updated kernel. I wouldn't be surprised at all if less than 5% of them are running an up-to-date kernel.
trparky

trparky to Nanaki

Premium Member

to Nanaki
I dare you to go to your local grocery store, drug store, Walmart, or anywhere else that sells cheap pre-paid devices and buy a few. Come back with the results of which ones have been updated and the percentage of which haven't been.

I would be willing to bet that the percentage would be quite scary.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned) to trparky

Member

to trparky
We sell a ton of cheap phones from 60 to 100. I was surprised that they all have 4.4.x; most are .3 and .4, none are sub .2. The issue is more people not updating old phones. S3 and above on all carriers I've seen have 4.4.x (.2 or higher) available. Updated a lady's Moto G yesterday to .4, which has been available for months. Even if OEMs and carriers released new versions for all phones the day Google released the code, you would still have people on the original install versions from launch day of the device. I see single-owner iPhone 4 and 4s phones with iOS 4.x on them all the time. Same for iPads and Windows OS installs with zero updates, pre-SP1 XP installs no less. Can't blame anyone but the end user for that nonsense.
Nanaki

Nanaki (banned) to trparky

Member

to trparky
Don't have to buy them; I see them daily. Most if not all are able to be OTA updated to 4.4.2 at the very least. Many to .4. Now S1 and prior, those don't get updates; S2 can, but most won't be. Apply the same to phones as old as those regardless of brand and carrier.

trparky
Premium Member
join:2000-05-24
Cleveland, OH
·AT&T U-Verse

trparky to Nanaki

Premium Member

to Nanaki
said by Nanaki:

I was surprised

I am too. I really am.

I would have expected that a lot of them wouldn't at all be seeing these updates. They are cheap phones after all.

I was looking at some really cheap phones being sold at Net10Wireless. Devices like the Huawei Glory, LG Optimus Dynamic, BLU Studio 6.0 HD, Blu Life Play S 4G, Samsung Galaxy Ace Style, etc. You know, the phones that sell for sub-$150 with no contract. Those phones won't ever see those updates.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

All BLU phones are 4.4.2 or above almost without exception they were released just before 4.4. The few that started with a 4.3 version had the 4.4 update weeks after release. Great entry-level phones, easy to fix and cheap to fix. All but early ones have a non-fused-together display. Damn good build quality; some early ones had very bad batteries that would swell after a few months, but replacement batteries did not have the problem.

trparky
Premium Member
join:2000-05-24
Cleveland, OH

trparky

Premium Member

Well OK then... maybe the Android security landscape isn't quite as bad as I thought it was. I figured that the really cheap phones weren't getting updated.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

Well, most lag about 2 updates behind. A lot of the real cheap ones are on 4.4.2; BLUs tend to see 4.4.3 and .4. 5 is not on any yet. But the next models of BLU will likely be 5.x.x (whatever is latest at the time). The super junkers, well, um, yeah, avoid lol. Many reasons beyond old Android versions for not buying them.

trparky
Premium Member
join:2000-05-24
Cleveland, OH
·AT&T U-Verse

trparky

Premium Member

If you ask me, it's the lag time between the updates that concerns me the most.

If you look at most security exploits for say, Windows, it doesn't take very long for exploit code to become available on hacker sites to be downloaded and used even by the likes of script kiddies. That's why it's imperative to install Windows Updates as soon as possible.

When a new Android exploit comes on the scene, exploit code is available just as quickly.

I understand that putting a major OTA update release together is a big thing to do and that it takes time to get it ready. But if a large and well-known exploit comes about in Android, a maintenance update should be put together post-haste and get pushed out to all devices as soon as possible. Even if it's a patch against the current build of what's already on the device, get it ready and pushed out ASAP. It could be an OTA patch that's as small as 20 MB, just get it out there!

We live in an age in which many if not all exploits as of late are zero-day type, meaning exploit code is already out there and is being circulated on the Internet amongst the bad guys. During that time your data, security, and privacy are at risk. Patches must be developed and delivered as fast as possible.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

True, but the same is true for all OSes. Apple has a serious issue in that every update is a full iOS update, meaning quite large. The entire OS is recompiled and pushed. I have been a beta tester for games going back as far as 96. In all those years I have only seen one single early beta where a patch was the entire client. Even they moved to byte-level and file-level patching within the first few patches. Let's say that a flaw hits iOS that allows a phone to have an unsigned app from an unknown source installed on the phone and run in the bg with root-level permissions. Apple releases a fix a week later. How many people are going to update? Remember, I have seen iPhone 4 line phones with the original OS installed when 7.x was out for many months. People tend to not upgrade because they do not want the downtime, even if it is a 5 minute downtime. I can tell you right now that the number who update immediately will be extremely small. It is not rare for me to see very old iOS versions on phones. It is in fact the most common iOS I see.

And I do not believe an OS update should ever be forced on a user. Because of one simple fact. An update can break things and break them in big ways.
Nanaki

Nanaki (banned) to trparky

Member

to trparky
On an OT but fun note heh

I have sitting in front of me a T-Mobile HTC G1. Yep, the very first marketed Android phone.

I'm going to try and restore it to working condition and might take it back to the originally released Android version just for the sake of history.

Needs a digitizer and camera lens cover; beyond that I don't know what else it may need.

trparky
Premium Member
join:2000-05-24
Cleveland, OH
·AT&T U-Verse

trparky to Nanaki

Premium Member

to Nanaki
Yeah but remember, iOS 4 didn't have OTA update abilities. OTA updates didn't come about until I believe iOS 5. So if someone never connected their device to iTunes then their device would have never seen the update.

Since iOS 5 the platform bugs you about updating to the most recent version and that's the way it should be.
trparky

trparky

Premium Member

I'm not an Apple fan boy by any means; I just know that the Android platform is deeply flawed. And I'm not saying that iOS is without flaws either, they too have issues as well. Everyone has issues, Windows has issues (lots of them!). But it does seem that Apple has a better handle on security than the Android OEMs.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

Apple just does not have the popularity to be targeted as much as Android. Give it time. As more begin to use Apple it will get hit.
TheMG
Premium Member
join:2007-09-04
Canada
MikroTik RB450G
Cisco DPC3008
Cisco SPA112

TheMG to Nanaki

Premium Member

to Nanaki
said by Nanaki:

And I do not believe an OS update should ever be forced on a user. Because of one simple fact. An update can break things and break them in big ways.

Yeah, OS updates are not always for the better.

I updated my Samsung Galaxy 10.1 tablet from Android 3.x to 4.x and now it's quite sluggish compared to before. I don't think this older tablet has the CPU power to handle the newer OS smoothly. Wish I could get the security updates without having to push a whole new OS version.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

You might be better off rooting and romming that tablet. I personally like TWRP for a recovery system, but any will do other than stock. If you do go with the ROM, I'd go with CyanogenMod and auto update with it; start at a low 4.x series and auto update till the tablet gets sluggish. You can always install an older version.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran to trparky

Premium Member

to trparky
Niche units like my Galaxy Relay might be getting left in the cold. Currently running 4.0.4.

trparky
Premium Member
join:2000-05-24
Cleveland, OH

trparky

Premium Member

Definitely vulnerable there.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned) to sivran

Member

to sivran
Never seen one, and that's saying a lot.

sivran
Vive Vivaldi
Premium Member
join:2003-09-15
Irving, TX

sivran

Premium Member

Very similar (perhaps identical?) to the Galaxy Blaze. It's a slider with a keyboard--because I can't stand virtual keys.
Nanaki (banned)
aka novaflare. pull punches? Na
join:2002-01-24
Akron, OH

Nanaki (banned)

Member

Ahh OK. I'm seriously going to try and restore the T-Mobile G1 we have at the shop. Just for fun. I'd love to install the shipped-with Android version, which was 1.0. Now it won't ever be used, obviously. More something to show people what Android started out as. Honestly the G1 was a great design.

carpetshark3
Premium Member
join:2004-02-12
Idledale, CO

carpetshark3 to Cartel

Premium Member

to Cartel
I had to read the URLs posted to see what caused it.

Yes, it's nasty, yes, it can be dangerous - but here's an article from techtimes that does say how you get it. The last paragraph says it is Chinese, and not in the Google store since China does not allow the Google store. Those that sideload APKs from all over are really at risk.

I prefer to see warnings from a couple of AV companies, not just one. Sounds like AVG is trying to panic people into using its AV and increasing sales. ESET has a mobile suite, so does Kaspersky. If AVG wants business, let them find/post an independent test site like others are posting for Superfish.

We have basic Android users on DSLR who just enjoy their phones. Why don't you just add the same caveats about downloading apps - only from reputable places like Play and Amazon?

You can't pull the battery in some of the newer phones. I have a Nexus 4, and it isn't really easy to do.