or Connect
TheCatSite.com › Forums › General Forums › Site Help › DroidDream Malware (rogue apps)
New Posts  All Forums:Forum Nav:

DroidDream Malware (rogue apps)

post #1 of 18
Thread Starter 
Lookout Mobile Security has published a list (scroll down) of the apps known to be affected.

Google yanks over 50 infected apps from Android Market


Quote:
All the apps were infected with the same malicious code, said Kevin Mahaffey, the CTO of Lookout, and came from three different publishers. The malware, dubbed "DreamDroid," lets attackers compromise Android smartphones, then connect them to a command-and-control server (C&C) which can issue orders to the devices.
...
Mahaffey confirmed that Google has yanked the 50-some apps from the Android Market, but said that as of late last night, the mobile OS maker had not pulled those apps from users' phones.
Like other mobile app distributors, such as Apple, Google has the ability to flip a switch that remotely removes questionable or malicious apps from all Android smartphones. Google has pulled the uninstall switch at least once before, in June 2010.
post #2 of 18
Thread Starter 
There's been an update - a Google fix.
post #3 of 18
post #4 of 18
Thread Starter 
Quote:
Originally Posted by -_aj_- View Post
That's the one I use, too. The free version is good, the premium even better.
post #5 of 18
I guess no one heard about some of the scanners having back doors in them? (old news)

You're better off not being stupid and installing questionable apps with even more questionable names - if anyone bothered to look up the pulled app lists you'd get what I mean.
post #6 of 18
Thread Starter 
People have been talking about this on the Android forums, and many of those who were affected had downloaded a scientific calculator, photo editor, task killer, guitar "player" or photo editor, not "Japanese girls", etc.. Many of the apps that malware was added to had been around for ages (in Android terms, that is) and gotten high ratings.

The problem is that a lot of people don't pay attention to the permissions they're supposed to grant before downloading.
post #7 of 18
Quote:
Originally Posted by jcat View Post
The problem is that a lot of people don't pay attention to the permissions they're supposed to grant before downloading.
Yes, that is the main problem. The other problem is that the apps are left on the market when Google had been notified of the problem and that people don't read all the user comments in which if there is even the slightest problem people will complain. (with upgrades rolling out one should always double check that since some apps aren't updated properly)

Another issue is that when someone clearly points out a problem people don't take it seriously... So many get caught up in getting the newest shiny thing because someone else recommended it and trust a scanner that may not be able to detect a backdoor or a "legitimate" but shady app. I foresee that type of social hacking as a future way of infecting phones that aren't locked into the app market (any non AT&T phone that isn't rooted) - and if not, someone is really missing the potential there. (note: this is how major hacking takes place on facebook and twitter)
post #8 of 18
Quote:
Originally Posted by -_aj_- View Post
Quote:
Originally Posted by jcat View Post
That's the one I use, too. The free version is good, the premium even better.
I had AVG on mine, but i've just changed it to that one
post #9 of 18
Have l read right?. I've just downloaded that app and it said it can access my SMS and MMS messages?!
post #10 of 18
yeah some of them can

im really careful what i down load now even system updates since the last one has screwed things up on mine watch out for updates on your apps to sometimes they change what they want access to
post #11 of 18
So are you ok with that "Lookout" on your phone reading your messages?.

I haven't got that many apps on my phone because i'm wary of them
post #12 of 18
Who do you use to download tunes onto your phone as well Ash?
post #13 of 18
I use tunee music to download and Susan at the moment i have no messages for it to read because my phone dumped them again im gettig sick of it doing that, i dont want to download an app to send texts when the facility to do it on the phone anyways, it has to scan messages to see if theres anything untoward in them AVG does to, i had a few that were flagged so it was kind of just as well
post #14 of 18
I think i'll go back to AVG because that's who l have on my laptop.

I tried tunee music but they didn't have a lot of the tunes that l was searching for, but GTunes is excellent!
post #15 of 18
I found everything i wanted on tunee tbh theres a few i couldnt by the particular artist i wanted but its done the trick
post #16 of 18
Quote:
Originally Posted by -_aj_- View Post
I found everything i wanted on tunee tbh
I'm older than you remember, so my era was the 70/80's
post #17 of 18
yes susan i know :P i have everything from the 60's up over
post #18 of 18
Thread Starter 
Quote:
Originally Posted by Rosiemac View Post
Have l read right?. I've just downloaded that app and it said it can access my SMS and MMS messages?!
Yep, in order to scan the MMS.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Site Help
TheCatSite.com › Forums › General Forums › Site Help › DroidDream Malware (rogue apps)