
Fake Antivirus Scams Spread To Android

Posted by timothy
from the spreading-the-joy dept.
SharkLaser writes "Fake antivirus scams have plagued Windows and Mac OS X during the last couple of years. Now it seems like such scams have spread to Android. Fake antivirus scams on Android work the same as they do on PCs — a user with an Android phone downloads an application or visits a website that says that the user's device is infected with malware. It will then show a fake scan of the system and return hard-coded 'positives' and give the option to buy antivirus software that will 'remove' the malware on the affected system. Android, which is based on Linux, has been plagued with malware earlier too. According to McAfee, almost all new mobile malware now targets Android. Android app stores, including the official one from Google, have also been hosting hundreds of trojan applications that send premium rate SMSes on behalf of unsuspecting users."
  • by bonch (38532) * on Sunday January 01, 2012 @05:42PM (#38558522)

    I always believed that the day antivirus software becomes a universally accepted requirement the way it is on Windows is the day the platform has failed and missed the whole point of mobile operating systems. The point is to get away from the big mess of the desktop--the constant maintenance, driver updates, antivirus updates, defragmenters, and other utilities. Mobile operating systems are an opportunity to use a computer just to get things done, not to maintain the computer. That's what was so refreshing about the experience of using the iPad and why it was such a surprise success to everyone including me.

    • by Luckyo (1726890)

      You can give a person freedom, and he may kill himself by being stupid.
      You can put the person in a straitjacket into a padded room and not be as worried.

      Or you can find middle ground rather than painting everything black and white.

    • by stephanruby (542433) on Sunday January 01, 2012 @07:44PM (#38559362)

      I always believed that the day antivirus software becomes a universally accepted requirement the way it is on Windows...

      That day occurred when Outlook would run malicious scripts by default found in received email messages, that had access to the entire OS/hard drive, without any needed user intervention.

      For Android, I'm not sure that day has arrived yet, the article is derived from the press release of an antivirus company. Of course, it's going to imply that you absolutely need to buy *their* product (instead of using a little bit of street sense).

      Now never mind that Google already has the capability of uninstalling malware from Android that was previously downloaded from their Market (or that you can already download a "Kid Mode" launcher to prevent your kids from installing anything, or just press a button to reset your phone to wipe everything and restore it to its factory settings). Does McAfee think it can act much faster than Google in identifying and removing malware? Personally, I doubt that. And never mind that an Android user actually has to locate and tick the checkbox for installing apps from unknown sources (which AT&T doesn't let you do anyway), and then has to accept the permissions to install the application in the first place.

      It's not like on the iPhone/iPad where you just need to go to a web page with some jpeg image on it and then your iDevice is magically rooted, and then the iPhone user is free to install any type of malware he wants (McAfee or no McAfee). That's one of the reasons that the McAfee anti-virus software on iOS is even more useless on iOS than on Android, since it can't run in the background and it can't even be scheduled to run at different times. On iOS, it couldn't prevent you from going to a malicious site even if it wanted to.

    • Oblig xkcd reference: Voting Machines

      http://xkcd.com/463/ [xkcd.com]
    • The point is to get away from the big mess of the desktop--the constant maintenance, driver updates, antivirus updates, defragmenters, and other utilities.

      i don't get it. hardly anyone does any of those things today. there's no maintenance needed unless it's a hardware failure. driver updates happen automatically, antivirus updates happen automatically, defragger runs automatically. this is true for both windows and osx. personally, i find that ios dumbs it down too much, restricting the usefulness of my device. for example, you simply can't use the swype keyboard on an iphone.

    • by w0mprat (1317953) on Sunday January 01, 2012 @11:43PM (#38560614)
      Before anyone claims iOS is "secure" and free from malware, Chris Miller, a security researcher, managed to get a malicious app APPROVED by Apple, then go on to demonstrate it taking over a phone. IMHO Apple's process helps but actually lulls users into a false sense of security, which undoes some of the benefits. Security has always been 90% a user education problem. Apple's actually made some of that worse.

      (Never mind that Objective-C is an obscure language and Apple just could feasibly review every single line of code. It's not logistically possible.)

      Android has a pretty sophisticated security model, compared to anything running the desktop space. Actual root never needs to be given up for a huge range of modifications to the system. There's policy based access so users can see and restrict what apps will have access to. Apps also run in their own userid and can be restricted from accessing the user's data. Brilliant stuff.

      So if the platform has malware on it, and it's the most secure thing out there in the mainstream... then what is wrong?

      Due to its popularity Android is a juicy target for the malware ecosystem, and like natural ecosystems, it'll adapt to any hardened defenses if there's nourishment to be had. Google was silly to not fully anticipate this.

      For now there is no actual need for anti-virus anti-malware tools on Android for most users. But as always, the problem is a user education problem.
  • Walled gardens.. (Score:4, Interesting)

    by wbr1 (2538558) on Sunday January 01, 2012 @05:47PM (#38558554)
    I hate a fucking walled garden as much as the next guy, but this type of shit is why users will stay with one. Not that a walled garden can't be hijacked, hacked, or otherwise messed with, but by and large it is a cleaner place to be. It is a win-win, both for users who can't, won't, or are too dumb to be bothered with learning a little software/hardware safety, and with corporations who thrive on control and stifling competition.
    • by buchner.johannes (1139593) on Sunday January 01, 2012 @05:57PM (#38558616) Homepage Journal

      I hate a fucking walled garden as much as the next guy, but this type of shit is why users will stay with one. Not that a walled garden can't be hijacked, hacked, or otherwise messed with, but by and large it is a cleaner place to be. It is a win-win, both for users who can't, won't, or are too dumb to be bothered with learning a little software/hardware safety, and with corporations who thrive on control and stifling competition.

      You can have a "walled garden" for users (some Android companies have their Appstores), yet still allow people to leave on their own risk. It's not mutually exclusive.
      For instance you can install packages from repos in Linux, yet you can also download and install source packages with {./configure&&make&&make install;} if you don't mind the risk of screwing up your system. There is no need to lock out users from their phones.

      Maybe you didn't mean "walled gardens" but cared-for repos anyway.

      • You can have a "walled garden" for users (some Android companies have their Appstores), yet still allow people to leave on their own risk.

        If anyone can step over it, it's not a wall.

        You seem to imply that any Android app store is a walled garden. An App Store is not what makes a wall, the wall is not only what lets applications into a collection of apps but the reach they have beyond once they get in.

        Curated collections alone are not enough, you need to also have many layers of system security to bring any

    • I hate a ... walled garden as much as the next guy...

      I really wish that the "walled garden" metaphor would die.
      A walled garden, in the horticultural sense, provides no restriction to the freedoms of those wishing to enjoy it. It merely protects the garden from the elements. Is that really what you had in mind?
      I know that the phrase is being widely misused in technology circles, but we can rise above that, can't we?

      • The kilo, mega, giga etc terms have been misused for decades by the tech industry to (usually) mean 2^10, 2^20 etc instead of 10^3, 10^6, etc. Marketing only recently started reversing this to "correct" base-10 usage, as a means of delivering less capacity than technical people expect from hard drives and other storage systems.

        Good luck getting tech people to use "walled garden" correctly.

  • The reason iOS devices don't need anti-malware solutions is because all of the programs that run on that platform are from a secure and curated Apple App Store. Google's "anybody can open an app store" policy means Google can't killbit programs it doesn't like, while Apple can killbit anything it wants even after the fact. Bait-and-switch programs only exist on platforms where there's no control in what can be published.

    • Re: (Score:2, Insightful)

      by Andraax (87926)

      The reason iOS devices don't need anti-malware solutions is because all of the programs that run on that platform are from a secure and curated Apple App Store.

      You know, we can make all computer systems secure by forcing people to only get software that has been screened by the government. And we can eliminate all sources of terrorist communication by forcing all telephone calls, email, letters, etc, to go through government "approval" censors. And we can eliminate fraud in the banking system by only allowing transactions that are pre-approved by the government. And we can improve car safety by only allowing people to buy cars supplied by the government.

      And I woul

      • You know, we can make all computer systems secure by forcing people to only get software that has been screened by the government.

        You mean like an App TSA?

        Yeah THAT would sure be a great idea.

        No, the reason why Apple's security works is not JUST the app screening. It's defense in depth - app screening, sandboxing (prevention of hidden SMS), disallowing externally loaded apps without jailbreaking.

        Also the real reason the screening does anything at all is not because Apple is so great at screening for secur

  • I am currently helping a family friend whose Windows 7 laptop is loaded with cruft. He used my wifi a few months ago and I noticed it was exchanging UDP packets with various ADSL lines around the world. I advised him to reinstall it then but he pointed to all the shields on IE and insisted that they meant it was secure. So now his web browsers refuse to work at all. He doesn't have his installation disk here. It has to be sent from Malaysia. I hope his family are sending him the actual disk which came with

    • The implication of this article is that the same mess is going to start happening with phones and tablets,

      No.

      The implication is this IS happening on Android phones and tablets. not just any "phones and tablets". WP7 and IOS both have enough controls in place that average users will not be affected much at all by viruses, for all sorts of reasons.

      Android has made it too easy for average non-technical users to download apps from anywhere, for those apps to fundamentally change the system in ways the user ma

  • by symbolset (646467) * on Sunday January 01, 2012 @06:05PM (#38558660) Journal
    I had hoped being owned by Intel would class up their act. Apparently not. Doubtless they sell a cure for this "threat".
    • by Smurf (7981)

      The only reference to McAfee in TFS is this: "According to McAfee, almost all new mobile malware now targets Android." It also contains the only link to a FA that mentions McAfee.

      Thus I deduce that in your opinion, the fact that McAfee made such an assertion is a classless act. That means that you think that McAfee is either lying or bending the truth to suit them best. Or, in other words, you have data that contradicts the last graph of TFA [techcrunch.com] (i.e., the bar plot showing the distribution of malware among mobile [wordpress.com]

  • According to McAfee, Apple hasn't yet let us sell our "anti virus" app for iOS so we're saying you should buy the Android one.
  • Still going on (Score:5, Insightful)

    by Pop69 (700500) <billy@benart y . co.uk> on Sunday January 01, 2012 @06:25PM (#38558784) Homepage
    The weekly/monthly stories that try to implant into people's minds.

    Android = Linux = Malware

    Users are stupid whatever OS/Hardware they use, they will click on shit like this just because it pops up and they've never bothered to educate themselves about what it really means.
    • And is quite effective.

    • by gstrickler (920733) on Sunday January 01, 2012 @08:00PM (#38559470)

      And that's why "walled gardens" are safer for the vast majority of users.

      • Except that "walled gardens" are the infection vector in this case. It would be safer if people didn't download software from those weed infested cesspits and used Free software instead.
        • by Telvin_3d (855514)

          And where would they get the free software? I know... how about a central repository that contains a large searchable selection of software?

          Any application platform where the users are expected to audit the software has failed on a fundamental level. It's like a car company that expects their customers to mill their own replacement parts. Yes, technically possible and some people have the skills, but it has missed the point so completely that it's not even wrong.

        • Wrong, these sites aren't "walled" in any way. Get an account, upload software. No validation of the account owner or the software.

    • by frank_adrian314159 (469671) on Sunday January 01, 2012 @09:37PM (#38560048) Homepage

      ... they will click on shit like this just because it pops up and they've never bothered to educate themselves...

      We have decades of observed behavior showing that users will not "educate themselves". As such, any consumer-facing system that requires users to "educate themselves" is de facto broken and, frankly, poorly designed.

  • by chrb (1083577) on Sunday January 01, 2012 @06:27PM (#38558792)

    "Number of new fake malware" is not the same as "number of malware infections". With the right tool you can generate an infinite number of malware variants. The statistic from McAfee includes every single individual file that contains some malware - this is like saying that, for an old school virus that infects .exe files on Windows, that every single infection counts as a different "unique malware instance". And if one of these is uploaded to an app store - even an app store that nobody uses, even for a "unique malware instance" that nobody ever installs - then it gets counted by McAfee. The equivalent in the iPhone world would be counting all malware in every random Cydia repository on the web. Obviously there is a big difference between a random repository on the web, and something being distributed by the official repository.

    What would actually be useful is to know the number of malware instances that have made it on to app stores that people actually use (eg the official one), how many people installed them, and how long it was before the app was removed. But obviously this number would be much lower, and so generate far fewer page hits.

    • by jo_ham (604554)

      What would actually be useful is to know the number of malware instances that have made it on to app stores that people actually use (eg the official one), how many people installed them, and how long it was before the app was removed. But obviously this number would be much lower, and so generate far fewer page hits.

      So, wait... the supposed major benefit of Android over iOS, that you can go outside the main app store, is something that no one actually uses?

      Or is this just true when its negative features are brought into the spotlight?

      • by oakgrove (845019)
        The major benefit of Android over iphone is there is an Android phone on your carrier at the price you want to pay. But don't let something like the truth get in the way of a good old fashion platform bash...oh, you didn't!
        • by jo_ham (604554)

          What if I don't want to pay for shit?

          There are Android phones on all the carriers here too, along with iPhones - the ones that are as good as iPhones (and don't get me wrong, there are some excellent Android handsets) cost about the same, but if you want to tout the really horrible Android handsets that cost a lot less because they're just shoddy and awful (and I've seen a fair few of them - my housemate owns one and curses it daily), then go right ahead. I personally think those really shitty Android hands

      • by chrb (1083577)

        the supposed major benefit of Android over iOS, that you can go outside the main app store, is something that no one actually uses?

        Power users (read "geeks") use it. Most of them will be using internal corporate repository, development repo, or some other trusted source like the Amazon app store. As far as I can see, the majority of "normal" users have no desire for any of those things, they mostly just want to run Facebook, Ebay, and Angry Birds, so all they need is the official app store. There may be some significant exceptions though: apps which aren't allowed on the official app store (like N64 emulators), and pirated apps; both o

        • by jo_ham (604554)

          The negative feature of being free to choose to install whatever software I choose on a device that I own? Yes, with freedom comes risk, but I would rather be free to make a mistake than not.

          Oh absolutely - I have no issue with that position, my point was that this freedom is touted as a major benefit of Android (it is), but then as soon as any negative aspect of it is brought up - like this malware situation - suddenly the argument is "oh, well no one uses the non-official marketplace stores" - you can't have your cake and eat it, either people use them to great effect, or they're hardly a major benefit of the platform. If it's only a niche benefit in use by a tiny minority of users, then why

    • by thegarbz (1787294)

      The installed point is a good one.

      All Android phones I've heard of have the "Unknown Sources" option disabled by default which will block people from using their non-official app store or simply installing the apk. There are good reasons to uncheck this option, but I'm willing to bet that most commonly the people who do uncheck these are also the kind of power users who don't fall for malware which relies on the stupidity of users.

      I don't see this malware spreading too quickly unless it finds its way into an

  • by erroneus (253617) on Sunday January 01, 2012 @06:42PM (#38558882) Homepage

    Nah, not really... but I couldn't think of a better title.

    Put something nice in the hands of the ignorant, and they will muck them up. It's what they always do. What's more, you let the greedy carriers and manufacturers decide when and how you can get updates and fixes, you'll find they won't be coming to your rescue.

    I hate to say it since I'm an Android user myself, but these things have the advantages of a PC in that you can get any software you want onto these things. But they have an incredible weakness in that users can't casually "reload" the machine to clean them up.

    I think it's time Android makers came up with a way for users to wipe and reload their devices as an alternative to processor and battery sucking anti-malware. We know they won't though... that'd open the doors to an even more fiendish group of people -- the firmware hackers!! If they leave things unlocked too much, they will lose a few bucks from people removing the bloatware from their phones and enabling features the carriers were careful to disable.

    • This is indeed a sign that Android has arrived. The malware authors are just going where the money is.

      that'd open the doors to an even more fiendish group of people -- the firmware hackers!!

      This is quite plausible. With my phone, the Epic 4G, a local root exploit was available for use for at least 6 months before they finally released the phone's Gingerbread update recently. While it was useful as a one-click-root solution, it could have also been useful as a tool for malware authors to embed their crap into the ROM.

      Now, with the Gingerbread ROMS, new kernel exploits are already being discove

      • Malware authors are going after the low hanging fruit. The big money has been iPhone users for several years, but no bona fide malware has managed to monetize them successfully so far.

    • by arkhan_jg (618674)

      You know you can factory reset android from right in the system settings, which will leave your data on the internal sdcard, but wipe all apps and settings? Then you just re-add your google account, which pulls back in contacts, calendar and email, then reinstall your wanted apps via the market.

      There are backup apps to shorten this process if you're in the habit of flashing new custom roms, but it's still pretty quick even without them.

      If they leave things unlocked too much, they will lose a few bucks from

  • lucky for me three of my android devices use wifi and 3g indirectly, but it seems the premium sms trojans are wrappers for popular paid applications.

    So by applying a bit of common sense they are easy to avoid. For example Angrybirds is made and sold by Rovio so anyone selling Angrybirds who isn't Rovio is almost certainly untrustworthy and probably a good reason to flag the seller to Google.

    cut the rope is by ZeptoLab and not by Lagostrod or Miriada so it's obvious the latter two stink.

    you can never be 100%

  • the weekly A/V scam (Score:5, Interesting)

    by Fuzi719 (1107665) on Sunday January 01, 2012 @07:28PM (#38559242)
    It seems every week there is another "Oh Nos! Android is infested with malware!" article extolling the virtues of Apple and claiming all Android phones MUST install some A/V app or else your hair is going to fall out, your dog will get pregnant and your lawn will turn brown. Every one of these articles can be traced back to one of the major A/V vendors (who just happen to have a convenient Android A/V app for sale) or Apple. It is all FUD and BULLSH*T. Are there malware out there for Android? Yes. Is it widespread in the US? No. I've worked with Android phones for years, work with several administrators in corporate environments who service hundreds of Android phones, know dozens of friends with Android phones. I have NEVER encountered a single bit of malware. Not once. The few bits of malware that have gotten into the system in the US were quickly taken care of by Google. Tell me, have any of you EVER seen this "widespread malware" out in the field?
  • Get a real anti-virus app for Android like Lookout, and it won't ever happen to you.

    • If you truly have to run anti-virus on your phone, that is pathetic.

      Fortunately we aren't to that point yet. With Android you can still be ok if you're a little careful.
    • It doesn't actually do anything that reading permissions when you install apps won't do better. Except drain your battery.
