Android users 2.5 times more likely to see malware now

Real2DaC0re

Research carried out by mobile security firm Lookout suggests that mobile users with Android handsets are 2.5 times more likely to encounter malware now than they were just six months ago. The report said that mobile users have a 30 percent likelihood of clicking on a malicious link.

Of course, most malicious links and crafted pages target PCs and so are harmless even if a mobile user encounters them, but some do not discriminate based on operating system and will attack mobile browsers in use.
Phishing attacks also affect mobile users the same way as desktop users.

The report estimates that half a million people were affected by Android malware in the first half of 2011. In January, 80 apps were known to be infected with malware. That tally rose to 400 by June.

A problem has now also arisen where apps confirmed to be clean are updated to include malware. Two of the most prevalent Android threats are DroidDream and GGTracker. The latter is the first known threat designed to steal money from Android users in the U.S. by signing up for a premium text subscription service and costing the user between $10 and $50.

http://www.afterdawn.com/news/article.cfm/2011/08/04/android_users_2_5_times_more_likely_to_see_malware_now
 
In just the first six months of 2011, the proportion of malware targeting mobile devices has increased 14 percentage points over spyware. The number of apps infected by malware has grown from 80 to 400 during this period. Almost all of them are Android apps.




One way people are able to sneak malware into apps is through a process called "repackaging." That means they modify existing apps to trick users into thinking they're the real thing.




This diagram shows how a legit app gets repackaged by a malicious developer and infects your device




Some apps use misleading disclosure to gain control of your phone. That means they use tiny print or even confusing language, making it easy to agree to something you don't necessarily want.


:eek::eek::eek::eek::eek:


Windows Phones don't seem to be affected by this trend

 
Apps make iPhone vulnerable to attack

LAS VEGAS (CNNMoney) -- Apple introduced an important security feature in the latest version of the iPhone's software, yet it is rarely used by third-party applications, leaving users vulnerable to a targeted attack.

The feature, known as address space layout randomization, or ASLR, randomizes key pieces of data in the iPhone, making it difficult for attackers to find where they're stored.

One component of ASLR, known as position-independent executable, or PIE, hides executable code that hackers can use to carry out attacks. When enabled, those tools can help protect the iPhone from being remotely exploited by a hacker.

All of the applications that come pre-installed on the iPhone running the latest software version, iOS 4.3, use both ASLR and PIE. But only the iPhone 3GS and iPhone 4 have access to iOS 4.3. In the U.S., the update is only available for AT&T customers and is not yet on Verizon's iPhones.

In fact, most third-party apps have poor data encryption, and they are rarely compiled with the security features that Apple put in place, said Dino Dai Zovi, independent security consultant and notorious Apple hacker, at the Black Hat cybersecurity conference in Las Vegas on Wednesday.

"That's a pretty serious threat factor," he argued.

Without those features, a hacker could exploit an app's vulnerabilities and take over a phone when a user clicks on a malicious link.


For instance, a click-happy user could tap on the wrong link in the Twitter or Facebook apps -- neither of which has PIE support -- and the user's iPhone could be taken over by a hacker.

Even with that vulnerability in place, it's not an easy process to take control of an iPhone. An iPhone attacker who finds a bug can't get very far without gaining access to the system administration or "root" of the device.

But in an iPhone, even root access does not give a hacker access to the core of the phone known as the kernel, which connects the software to the hardware. And even if an attacker has access to the kernel, that doesn't necessarily mean the hacker can access it for any application or even if the user reboots the iPhone.

"That's what makes jailbreaking apps so impressive, because it takes a lot more steps to attack an iPhone than a desktop," said Dai Zovi. "iOS is not perfect, but it makes the attacker work extra hard."

Still, those kinds of hacks of the iPhone's system are possible, albeit technically challenging.

Exploiting third-party apps' vulnerabilities isn't the only way to attack an iPhone, Dai Zovi said. Hackers could make Apple think they're a trusted developer and send malicious apps over the air to a group of iPhones.

Apple uses certificates to verify a developer's credentials, even going as far as to identify the real person who published or authored a piece of software before an app makes it into the app store.

But corporate developers have the ability to bypass the app store and remotely send proprietary apps to iPhone users in their company. With a stolen corporate developer's certificate, an attacker could even distribute compromised apps over the air to unknowing victims and target those users for attack.

Dai Zovi also noted that corporate iPhone customers who use Microsoft Exchange e-mail accounts could be at risk: The passwords for ActiveSync, a Microsoft tool that syncs data between the iPhone and a user's computer, are always made accessible so that IT departments can wipe a phone's memory if it's lost or stolen.

"It's a serious issue, making the iPhone less secure than you'd hope," said Dai Zovi.

He recommended that corporate security professionals wait for the next version of the iPhone's operating system before they allow for company-wide usage of the devices.

http://money.cnn.com/2011/08/04/technology/iphone_hack/index.htm?hpt=te_bn7
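
The article's claim that third-party apps are rarely compiled as PIE can be checked from an app binary's Mach-O header, where the `MH_PIE` flag records it. The following is an added example, not code from the article or from Dai Zovi's talk; it goes slightly beyond the text by also handling fat (multi-architecture) binaries, and the function names and sample bytes are constructed for illustration.

```python
import struct

MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF
FAT_MAGIC = 0xCAFEBABE   # fat (multi-architecture) wrapper, always big-endian
MH_EXECUTE = 0x2         # filetype of a main executable
MH_PIE = 0x200000        # flags bit set when the executable is linked as PIE

def _slice(data, off):
    """Return ((cputype, cpusubtype), is_pie) for the Mach-O image at off."""
    if len(data) < off + 28:
        raise ValueError("truncated Mach-O header")
    for endian in ("<", ">"):
        if struct.unpack_from(endian + "I", data, off)[0] in (MH_MAGIC, MH_MAGIC_64):
            break
    else:
        raise ValueError("not a Mach-O image")
    # mach_header: magic, cputype, cpusubtype, filetype, ncmds, sizeofcmds, flags
    _, cpu, sub, filetype, _, _, flags = struct.unpack_from(endian + "7I", data, off)
    if filetype != MH_EXECUTE:
        raise ValueError("MH_PIE is only meaningful for a main executable")
    return (cpu, sub), bool(flags & MH_PIE)

def macho_pie_report(data):
    """Map every architecture slice in an app binary to its PIE status."""
    if len(data) < 8:
        raise ValueError("file too short")
    magic, nfat = struct.unpack_from(">II", data, 0)
    if magic != FAT_MAGIC:
        return dict([_slice(data, 0)])
    if nfat == 0 or len(data) < 8 + 20 * nfat:
        raise ValueError("bad fat header")
    report = {}
    for i in range(nfat):
        # fat_arch: cputype, cpusubtype, offset, size, align
        offset = struct.unpack_from(">5I", data, 8 + 20 * i)[2]
        arch, pie = _slice(data, offset)
        report[arch] = pie
    return report

def sample_slice(subtype, flags):
    """Constructed 32-bit little-endian ARM (cputype 12) header, no load commands."""
    return struct.pack("<7I", MH_MAGIC, 12, subtype, MH_EXECUTE, 0, 0, flags)

def sample_fat():
    """Constructed fat file: armv6 slice without PIE, armv7 slice with PIE."""
    hdr = struct.pack(">II", FAT_MAGIC, 2)
    hdr += struct.pack(">5I", 12, 6, 48, 28, 0) + struct.pack(">5I", 12, 9, 76, 28, 0)
    return hdr + sample_slice(6, 0) + sample_slice(9, MH_PIE)

if __name__ == "__main__":
    print(macho_pie_report(sample_fat()))
```

A slice reported as `False` loads its main executable at a fixed address, so every slice has to be checked, not just the first.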
 