By Darren Smith, Weekend Contributor
According to anti-virus and security provider G Data, over one million malware samples have been detected on several Chinese made mobile devices and smart phones. The company does not believe the malicious software was installed by manufacturers of the phones, but rather middlemen entities who distribute or sell the devices on a wholesale basis.
Part of the reason for this stems from unscrupulous middlemen wanting to earn additional revenue beyond wholesaling. They instead install the Android malware for a fee or they derive revenue from spyware providing individual information on the phones’ usage which can be sold to others wishing to retrieve it for other uses. It can also serve unwanted adware to the user. The potential for data breaches affecting government, corporate, and individual users is worrying
The malware most often hides itself during installation of the operating system and is therefore unseen by the user. One in particular is Android.Monitor.Gsyn.B which mimics a Google Drive App. Some of the abilities of this application include: listening to the user via the microphone; copying images or sending them; listening to telephone conversations; sending or monitoring SMS; disabling antivirus software; etc.
G Data also notes that the quality of some of these malwares is poor and can generate security holes in itself, leading to hackers being able to access the device with elevated privileges.
Further information, including the reported models affected, can be read via the G Data Mobile Malware Report. (PDF)
By Darren Smith
Source:
The views expressed in this posting are the author’s alone and not those of the blog, the host, or other weekend bloggers. As an open forum, weekend bloggers post independently without pre-approval or review. Content and any displays or art are solely their decision and responsibility.
Chances are slightly less the Chinese hack Obama, I am giving it 25/75.
There have been warnings on attacks on Andoid and iPhones for some time. We know the Chinese are doing a lot of hacking. They used to have one 5-story building for hackers, now they have two. I would say the chances are 50/50 they hacked Hillary’s phone.
Fogdog
My first wife was Norwegian. Back before they got rich off of the North Sea oil they had a very high standard of living with all the bells and whistles but they didn’t consume at the rate of the more capitalistic countries. They had better TVs, better stereos, better cars and these things cost more. But because they were better they kept them twice as long, therefore in the long run they cost less, or equal to the rest of the Western consumers.
The way they obtained TVs that had 500 lines of resolution instead of the 200 found in US TVs and stereos that didn’t break down was to order the parts made specifically for them from Japan-this was in the 70s when China did not exist as it does to day. They ordered the parts made to their specifications and assembled the products in Norway by Norwegians to their standards, standards higher than those of Japan.
I always thought this is where the US went off the beam. Pay a little more for better stuff, that lasts longer, made in America. The economy and everything else will benefit from higher wages and greater employment. This is where the middle class has eroded. We have gotten used to a garbage in-garbage out lifestyle.
It must make lives easier to assume that all the “bad” guys are from China, Russia, Nigeria, etc. They aren’t. Some “bad” guys work in US spy agencies. You can’t keep out the bad actors because anyone can be a bad actor. Same as you can’t restrict guns to those who pass background checks because anyone can become mentally ill or angry to the point of murder. As long as we have electronic communications, we will have those who use them to scam others.
We need a comprehensive and bold block to this kind of malware from wherever it originates. The U.S. high tech industry needs to take the lead on this and fast. I’d support a very active leadership role by the U.S. military and national security agencies. With regard to China, the White House is preparing to slap sanctions on Chinese companies connected to cyber theft of U.S. intellectual property in advance of the first state visit of Chinese president Xi Jinping to America. Why not tackle the malware problem at the same time?
One approach to assembly of mobile devices and smart phones might be a requirement that parts be sent ot the U.S. for inspection, testing and assembly in the U.S. In other words, no assembly outside the U.S. The crooks need to be cut out and shut out.
That’s my two cents.
By the way, Darren, if you could help me communicate to Turley that my posts mostly don’t go through. I’ve even tried being cordial, not nice, but cordial.
It is hard to get through the armour and remove the chink. Do not buy chink phones.
It kind of goes with the territory. The internet, users, and pretty much all elements of the tech industry do not want government involved beyond a certain degree. This leaves a wonderful grass roots free for all of business and general interface but allows the low lives that survive off of extortion and generally make lives more complicated.
If you restrict yourself to the use of the internet you won’t get nailed by a virus that you have to pay to get removed. If you go looking for free movies instead of paying for them, you take your chances. The answer lies, of course, in innovation and competition. I typically get nailed with a virus when trying to download a movie instead of paying for it but with apple, you just turn off the computer, wait, and somehow the apple takes care of it.
So, govern yourself or allow government to do it. In some cases we need government. In others, like the internet and this technology, we don’t so much. The next big billion dollar start up will be from a firm that can identify and nullify the guys in Nigeria, Russia, and elsewhere trolling the internet.
Could you imagine the horrific repercussions of police agencies across the US using this breach to collect its own data from cell phone hacking/tracking?