
Sunday, August 14, 2011

Android Security - A Year in Review

Paul Sparrows has posted a summary of the viruses and Trojans that have hit Android this year. The Linux security model (SELinux excluded) leaves much to be desired, and while Android takes a step in the right direction by having Apple-like granular permissions, I believe it falls down huge by failing to empower users. Android security would be much better served by letting users select and enforce which permissions apps get during installation, as opposed to the current take-it-or-leave-it (a.k.a. my-way-or-the-highway) approach. My not-so-humble opinion as to why this scourge has hit Android so hard (so hard that it might soon catch up to Windows on the desktop as MVP, Most Vulnerable Platform) while long-established community Linux distributions (including "embedded" distributions such as MeeGo) have remained more acceptably secure comes down to 4 main points:

1) Mandatory open, reviewable, and debuggable source code versus Google's enabling and supporting of black-box DRM-supported proprietary binaries
2) Focus on repository QA/Testing versus Google's (inferrable and obvious) managerial push for throughput counts to build up a large number of apps in the marketplace
3) Shameless (and sometimes harsh) provision of user awareness, support, and higher expectations versus treatment of users like a herd of animals with only the lowest common denominator of expectations
4) Hashing and signing diligence and enforcement versus ... well let's just say I expected them to do a better job at this considering they're....you know...a company with the smartest geeks in technology... ... ...running an entire open-source project site... ... ...looking after more personal information than any Government... ... ...oh yeah... ... ...Google!!

I will have a follow-up post to go over these in detail and explain my rationale for these 4 points, but in the meantime I recommend installing any of the Symantec, Trend Micro, Sophos, AegisLab, or Lookout antivirus/malware scanners on your Android device. Until the Android Police come up with a community-developed and politically-neutral tool, these should suffice to remove any less-than-welcome software.

Finally, Paul's list failed to include a list of the apps delivering these infections, and since this was something of interest to me I decided to compile a list myself. Keep in mind that several of the apps in this list have legitimate, uninfected counterparts and were simply infected and approved by Google for the Android marketplace (something which has me concerned about Google's priorities, but I digress). Here is the list; if you've installed any of these apps, I would highly recommend a scan for infections:


AndroidOS_Droisnake.A
Tap Snake

Android.DroidDream AKA Android.Rootcager AKA AndroidOS_Lootoor.A
掷骰子
多彩绘画
Advanced App to SD
Magic Strobe Light
Advanced Compass Leveler
Super Stopwatch & Timer
Sexy Legs
Sexy Girls: Japanese
Bowling Time
软件强力卸载
Music Box
Best password safe
墨水坦克Panzer Panic
裸奔先生Mr. Runner
Hot Sexy Girls
Super sex sound
致命绝色美腿
Super Bluetooth Transfer
Advanced File Manager
Advanced Barcode Scanner
Task Killer Pro
Spider Man
蜘蛛侠
Funny Paint
Dice Roller
躲避弹球
Falling Ball Dodge
Photo Editor
Chess
APP Uninstaller
几何战机_PewPew
下坠滚球_Falldown
Falling Down
Screaming Sexy Japanese Girls
Hot Sexy Videos
Super History Eraser
Super Ringtone Maker
Hilton Sex Sound
Scientific Calculator
Super Guitar Solo
Super Sex Positions
Advanced Currency Converter
Basketball Shot Now
Omok - Five in a Row
Super Sexy Ringtones
手指赛跑 Finger Race
Magic Hypnotic Spiral
Quick Notes
投篮高手
Quick Delete Contacts
Advanced Sound Manager Version
Color Blindness Test

Android.BgServ AKA Troj/Bgserv-A AKA AndroidOS_BGSERV.A
Android Market Security Tool

Android.Zeahache

(Only have a photo of the app install screen available as seen below)
[Image: Android.Zeahache Infected App.jpg]

Android.Adsms AKA AndroidOS_Adsms.A
(Usually installed from [link] in unsolicited SMS/Email message reading "Dear customer of [network provider], your mobile phone contains security system vulnerability. To increase the security level, please download the updated patch! [link]")
com.andriod
andiord.system.providers
org.me.androidapplication1

Android.Zsone AKA Android.Smstibook
iMatch
3D Cube horror terrible
ShakeBanger
Shake Break
Sea Ball
iMine
iCalendar
LoveBaby
iCartoon
iBook

Android.Spacem
Holy Fucking Bible

Android.LightDD
Beauty Breasts
Brightness Settings
Call End Vibrate
Contact Master
Delete Contacts
Floating Image Free
HOT Girls 1
HOT Girls 2
HOT Girls 3
HOT Girls 4
Paint Master
Quick Photo Grid
Quick SMS Backup
Quick Uninstaller
Sex Sound
Sex Sound: Japanese
Sexy Girls: Hot Japanese
Sexy Legs
Super App Manager
Super Color Flashlight
Super Photo Enhance
Super StopWatch and Timer
System Info Manager
System Monitor
Volume Manager

Android.Uxipp AKA Android/YZHCSMS.A
com.ppxiu
PPXIU
YHZC
YZHC

Andr/Plankton-A AKA Android.Tonclank
Favorite Games Backup

DroidDream Light Variant
Quick FallDown
Scientific Calculator
Bubble Buster
Best Compass & Leveler

Android/Sndapps.A AKA Android.Snadapps
Mosquito Repellent
Whoopee Cushion
Easy Button
Flashlight
Air Horn
