Engadget

More malware in the Android Market: Google removes 26 deleterious app doppelgangers

Michael Gorman — Wed, 01 Jun 2011 18:19:00 EST

Ideally, we'd do our smartphone software shopping free from the specter of malicious apps masquerading as useful ones. This past weekend, however, 26 apps in the Android Market were discovered to be packing pernicious code called Droid Dream Light. Apparently, the dastardly devs who made the malware took existing apps and modified them to send details (including IMEI and IMSI info) about the infected handset to a remote server upon receiving a call. The code can also download and cue new package installations, but it needs user approval to do so. Google promptly pulled the offending apps, but their appearance serves as another reminder to be careful when downloading software on your smartphone -- prudence demands minding your app permissions, lest your little green bot start stealing your personal info.

More malware in the Android Market: Google removes 26 deleterious app doppelgangers originally appeared on Engadget on Wed, 01 Jun 2011 18:19:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Creeper, the first computer virus, is 40 years young today

Joseph L. Flatley — Thu, 17 Mar 2011 19:34:00 EST

Forty years ago today is considered by many to be the birthday of the first computer virus. Of course, in the early 1970s they weren't called computer viruses, but that doesn't make Bob Thomas's handiwork any less special. Creeper (named after a character in the old Scooby Doo cartoons) spread from BBN Technologies' DEC PDP-10 through Arpanet, displaying the message: "I'm the creeper, catch me if you can!" and messing with people's printers. One notable difference between this and the majority of viruses was the fact that it deleted old versions as it replicated itself. Incidentally, that would make 2011 the fortieth anniversary of the first antivirus software: called, appropriately enough, Reaper.

Creeper, the first computer virus, is 40 years young today originally appeared on Engadget on Thu, 17 Mar 2011 19:34:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Google spikes 21 malicious apps with big download counts from the Market (update: Android 2.2.2 and up are immune)

Chris Ziegler — Wed, 02 Mar 2011 06:48:00 EST

We're sure that the debate of a carefully controlled and curated environment like Apple's App Store versus a free-for-all like the Android Market will rage on for years to come, but here's something to chew on: Google just removed some 21 apps from the Market in the last day from a publisher going by Myournet for doing all sorts of naughty things to your device. Offenses include attempting to root your phone, uploading phone information (including IMEI) to who-knows-where, and -- most egregiously -- adding a backdoor that allows additional code to be pulled down and executed.

At least some of the apps are pirated versions of existing apps that have been re-uploaded at zero cost to the user, which makes them appealing... and the trick apparently works quite well, because the 21 managed to clock over 50,000 downloads before getting taken down. This isn't the first time malicious apps have shown up on smartphones -- far from it -- but it's probably the highest-profile case of a first-party app store being infiltrated by really bad stuff. If there's a silver lining, it's that Google was extraordinarily quick to respond once Android Police reported the situation -- the site says it took less than five minutes from the time they reached out to the time the apps actually went offline. Still, that's little consolation if you've already installed your "free" copy of Super History Eraser. Hit the source links for the full list of pulled apps.

Update: Android Central points out that the type of root exploit used in these apps was patched in Android 2.2.2 and up, so Nexus One and Nexus S owners should be fine; everyone else is left out in the cold, though, thanks to the vexing third-party update lag. Thanks, Z!

Google spikes 21 malicious apps with big download counts from the Market (update: Android 2.2.2 and up are immune) originally appeared on Engadget on Wed, 02 Mar 2011 06:48:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Nokia shareholders and unions fight back against Microkia

Thomas Ricker — Wed, 16 Feb 2011 05:02:00 EST

Nokia shareholders are not very happy right now with NOK taking a 25 percent hit since the announcement of the Microsoft marriage. Stephen Elop, Nokia's first foreign-born CEO, is taking heat on multiple fronts even as he prostrates himself to the media in hopes of getting his message out. Already, we've heard numerous conspiracies calling Elop a "trojan horse," sent by Steve Ballmer to sabotage Nokia from within. Conspiraloons are quick to point to records showing Elop holding a significant number of Microsoft shares -- a situation that Elop says is temporary (and outdated) having already sold a majority of his Microsoft position with plans to sell off the rest in favor of Nokia stock just as soon as he's free to do so under regulatory moratoriums meant to prevent insider trading. Nevertheless, Nokia will be facing at least two very real showdowns on its near-term horizon.

First, will be a battle with the Finnish trade union Pro which is demanding €100,000 (in addition to severance payments) for every Nokia employee that loses their job under Elop's new strategy -- money the unions says will be used for reeducation. The union estimates that Nokia could cut as many as 25% (5,000 people) of Nokia's 20,000 workers located in Finland. The second major hurdle facing Elop, and the board of directors that appointed him, will come at Nokia's Annual General Meeting for shareholders. Already, a cabal of nine frustrated shareholders have been grabbing attention with its "Nokia Plan B" proposal to oust Stephen Elop and return Nokia to a MeeGo focus giving Symbian a five-year minimum reprieve. The group has since disbanded after its plan was rejected by institutional investors. Nevertheless, we don't expect Symbian / MeeGo fans and developers to give up without a fight, and we expect Helsinki Fair Centre's Amfi Hall to be center-ring when the event kicks off on May 3rd in Helsinki.

Nokia shareholders and unions fight back against Microkia originally appeared on Engadget on Wed, 16 Feb 2011 05:02:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Xbox 360 mandatory update restores boot to disc, detains Call of Duty pirates for a tad

Sean Hollister — Wed, 19 Jan 2011 20:33:00 EST

The story of the Trojan Horse must be a favorite among video game console manufacturers, because software updates these days often come with more than bargained for -- today, Microsoft issued a mandatory Xbox 360 update, reportedly for a single bugfix, but which seems to have coincidentally halted scores of pirates and hackers from playing Call of Duty: Black Ops and Modern Warfare 2 on the console. Members of the Xbox-Scene forums noted the update was taking suspiciously long to download, discovered that backup copies of these games ceased to work, and presently believe that Microsoft included a patch for these two games to enable an anti-piracy feature that specifically targets burned copies. What does the mandatory update do for you if you're not part of the hacking scene? It merely enables the console to automatically boot a pre-inserted game when you power it on, a feature that was accidentally disabled in November.

[Thanks, Brian]

Xbox 360 mandatory update restores boot to disc, detains Call of Duty pirates for a tad originally appeared on Engadget on Wed, 19 Jan 2011 20:33:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

iWork '09 trojan infects at least 20,000 machines?

Joseph L. Flatley — Thu, 22 Jan 2009 17:14:00 EST

Quite a number of no-goodniks who thought they'd save a few bucks by downloading a pirated version of iWork '09 have gotten more than they'd bargained for -- in the form of a Trojan Horse called OSX.Trojan.iServices.A. This guy installs itself in the computer's startup as root, and once in place it can connect to a remote server and broadcast its location, allowing malicious users to take charge of the machine remotely. And since it has root access to the OS, the trojan can not only install additional components but can also modify existing apps, making this thing extremely difficult to remove. According to a white paper released by Intego, at least 20,000 people may have downloaded the infected software -- which they'll get around to installing as soon as they finish those episodes of Celebrity Rehab they grabbed at the same time.

[Via Macworld]

Filed under: Desktops, Laptops

iWork '09 trojan infects at least 20,000 machines? originally appeared on Engadget on Thu, 22 Jan 2009 17:14:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

Insignia photo frame virus much nastier than originally thought

Nilay Patel — Fri, 15 Feb 2008 19:24:00 EST

Ugh, we were already sick of digital photo frames -- and now it looks those now-discontinued virus-ridden Insignia units from Best Buy and several other models produced in China were carrying a much nastier trojan that we'd originally heard. According to an analyst form Computer Associates, the trojan, called Mocmex, is able to block more than 100 types of security and anti-virus software from killing it, and bypasses the Windows firewall to download files from remote locations, spreading them randomly over your hard drive and any portable storage device you plug into your PC -- like, for example, a digital photo frame. The trojan is apparently set to only steal gaming passwords at present, but CA says it's capable of stealing nearly any information on your machine, and thinks it might be a test for a much worse virus yet to come. Infected frames have come from Sam's Club, Target and Costco, in addition to Best Buy, so we'd say to avoid picking one up until this mess gets sorted out -- or, you know, forever.

Filed under: Displays

Insignia photo frame virus much nastier than originally thought originally appeared on Engadget on Fri, 15 Feb 2008 19:24:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

TomTom fesses up to Trojan infection in GO 910 navigation units

Paul Miller — Mon, 29 Jan 2007 08:12:00 EST

If you've recently plunked down $599-ish for a TomTom GO 910 portable GPS device, but decided to hop onto the interwebs real quick just before you plug that sucker in (yeah, we know, the odds are low), then it looks like it's your lucky day. Apparently the Netherlands-based TomTom just admitted to a UK security journalist that the TomTom GO 910s that were produced between September and November of 2006 have been shipping with a couple Trojans -- similar to Apple's little RavMonE.exe debacle last year. But not to worry: "The viruses that were detected present an extremely low risk to customers' computers," according to TomTom. Of course, relaying to the public such helpful information that TomTom was obviously aware of would be clearly out of the question, but it's nice to know that while manufacturing oversights caused a couple of Trojans to be introduced to unsuspecting PC users by spendy GPS hardware, they at least aren't the nasty kind. TomTom claims the problem has been corrected, and that "Appropriate actions have been taken to make sure this is prevented from happening again in the future." They also have some instructions at the read link for removing the viruses (win32.Perlovga.A Trojan and TR/Drop.Small.qp), which mostly amount to advising you to update your virus software.

[Via Slashdot]

Filed under: GPS

TomTom fesses up to Trojan infection in GO 910 navigation units originally appeared on Engadget on Mon, 29 Jan 2007 08:12:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

McDonald's MP3 players ship with trojan horse

Thomas Ricker — Mon, 16 Oct 2006 08:35:00 EST

What do tubby teens, MP3 players, and grandma's scalded taint all have in common? That's right, the absolute attention of McDonald's legal. See, McDonald's and Coca-Cola recently teamed up in Japan to give away 10,000 self-branded MP3 players pre-loaded with 10 spankin' new tunes and... some delicious malware. It seems that a "portion" of the players sport a variant of the QQPass family of trojan horses which capture passwords and other personal information when the MP3 player is plugged into the users' PC. The code then proceeds to email the details to the author. McDonald's has setup a 24 hour hotline while they are investigating the matter and will swap out all the offending players. Good times.

[Via Impress]

Filed under: Portable Audio

McDonald's MP3 players ship with trojan horse originally appeared on Engadget on Mon, 16 Oct 2006 08:35:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

Text messages lure in virus victims

Chris Ziegler — Sun, 25 Jun 2006 23:28:00 EST

Spam via text is nothing new, but it seems crooks are now turning to SMS to cultivate legions of zombie PCs for denial-of-service attacks. The ruse apparently begins when an unsuspecting individual receives a text message thanking them for subscribing to a dating service at the pricey rate of $2 a day, which also includes instructions on how to cancel the service through a website. When the user gets to their PC and navigates to the site, they're instructed to download an executable, and you can probably guess what happens from there. Our question is, if you don't try to cancel, do you get any dating action out of it?

[Via Smart Mobs]

Text messages lure in virus victims originally appeared on Engadget on Sun, 25 Jun 2006 23:28:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments