wisebabo writes “A wallpaper utility (that presents purloined copyrighted material) ‘quietly collects personal information such as SIM card numbers, text messages, subscriber identification, and voicemail passwords. The data is then sent to www.imnet.us, a site that hails from Shenzen, China.’”
Read more of this story at Slashdot.
alphadogg writes “Hoping to understand what a new generation of mobile malware could resemble, security researchers will demonstrate a malicious ‘rootkit’ program they’ve written for Google’s Android phone next month at the Defcon hacking conference in Las Vegas. Once it’s installed on the Android phone, the rootkit can be activated via a phone call or SMS message, giving attackers a stealthy and hard-to-detect tool for siphoning data from the phone or misdirecting the user. ‘You call the phone, the phone doesn’t ring, and when the phone realizes that it’s being called by an attacker’s phone number, it sends him back a shell [program],’ said Christian Papathanasiou, a security consultant with Chicago’s Trustwave, the company that did the research.”
Read more of this story at Slashdot.
Security researchers at Kaspersky Lab announced the first malware for the Android operating system to be classified as a Trojan-SMS, the most widespread type of malware on mobile phones.
The malware is disguised as a media player application with the standard Android .APK file extension. When the 13KB file is installed, the mobile device will start to send SMS messages to premium numbers which incur charges on the user’s account.
Because Android is growing at such an explosive rate, and users are storing an increasing amount of important data on their mobile phones, the platform is an attractive one for renegade application makers.
“We can expect to see a corresponding rise in the amount of malware targeting [Android],” Denis Maslennikov, Mobile Research Group Manager at Kaspersky Lab said in a blog posting Monday. “Kaspersky Lab is actively developing technologies and solutions to protect this operating system and plans to release Kaspersky Mobile Security for Android in early 2011.”
The company has profiled the malware as “Trojan-SMS.AndroidOS.FakePlayer.a”
siliconbits writes “A Trojan posing as a media player for Android smartphones automatically sends text messages to premium rate numbers, according to Kaspersky Lab. Company officials say the Trojan, dubbed Trojan-SMS.AndroidOS.FakePlayer.a, is the first of its kind for the Android platform, even though SMS Trojans are currently the most widespread type of malware on mobile phones.”
Read more of this story at Slashdot.
tomhudson writes “Despite all the hype about Apple’s latest iPhone, Android has sold more in the last 6 months (27% of all smartphone sales) than Apple (23%). The gains for Android are coming at the expense of RIM (still #1 at 33%, down from 45% a year ago), Windows Mobile (11%, down from 20%) and the iPhone (down from 34% at it’s peak 6 months ago). If the current trend continues, Android is expected to be #1 within the year.”
Read more of this story at Slashdot.
WrongSizeGlass writes “CNet is reporting that a fifth of Android apps expose private data. The Android market threat report details the security issues uncovered. Dozens of apps were found to have the same type of access to sensitive information as known spyware does, including access to the content of e-mails and text messages, phone call information, and device location. 5% of the apps were found to have the ability to make calls, and 2% can send text messages, without the mobile user doing anything.”
Read more of this story at Slashdot.
An anonymous reader writes “Forbes is reporting that Moxie Marlinspike and Stuart Anderson’s startup, Whisper Systems, has released a public beta of two Android applications that provide encrypted call and SMS capabilities for your Android phone. In the wake of recent GSM attacks, it’ll be interesting to see if smartphones end up providing a platform that fundamentally changes the security we can expect from mobile communication.”
Read more of this story at Slashdot.
anethema writes “iPhone hacker planetbeing, from the iPhone Dev Team, has successfully ported the Android OS over to the iPhone. He is doing it on a first-generation iPhone, but others may be possible. The port is pretty functional, with data, voice, and many apps working, although it is running a bit sluggish and buggy at the moment. There appears to be much work left.”
Read more of this story at Slashdot.
snydeq writes “Galen Gruman writes about the dark side of the recent flood of Android smartphones: versions run amok. ‘That flood of options should be a good thing — but it’s not. In fact, it’s a self-destruction derby in action, as phones come out with different versions of the Android OS, with no clear upgrade strategy for either the operating system or the applications users have installed, and with inconsistent deployment of core features. In short, the Android platform is turning out not to be a platform at all, but merely a starting point for a universe of incompatible devices,’ Gruman writes. ‘This mess leaves developers and users in an unstable position, as each new Android device adds another variation and compatibility question.’ In the end, Google’s naive approach to open sourcing Android may in fact be precipitating this free-for-all — one that might ultimately turn off both end-users and developers alike.”
As reader donberryman points out, you can even put Android onto some Windows Mobile phones, now.
Read more of this story at Slashdot.
Glyn Moody writes “Two years after its launch, Google’s Linux-based Android platform is finally making its presence felt in the world of smartphones. Around 20,000 apps have been written for it. Although well behind the iPhone’s tally, that’s significantly more than just a few months ago. But there’s a problem: few of these Android apps are free software. Instead, we seem to be witnessing the birth of a new hybrid stack — open source underneath, and proprietary on top. If, as many believe, mobile phones will become the main computing platform for most of the world, that could be a big problem for the health of the free software ecosystem. So what, if anything, should the community be doing about it?”
Read more of this story at Slashdot.
