Wednesday, May 25, 2011

Newly Discovered Malware on Android Devices [Tigerbot]

 
Often when an Android lover is asked why he would choose to own and Android device over all the other platforms out there (namely Apple), the answer you’d most likely receive is that of the freedom we have with an Android device and how much one can achieve with its operating system without root and even more so with root.  Yet despite the many advantages of having an open-source platform, one problem that cannot be ignored is the increased threat to security which can arise due to a simple installation of an application from the market or even a simple browse to an Android related website with downloadable content.


Adware and Malware to be specific have been found on quite a few Android user devices and although the number of users affected by this has been relatively low, this is still an issue of great concern for many with valuable and in many cases sensitive information on their devices.
Researchers at NQ Mobile, alongside researchers at North Carolina State University, have discovered new Android malware that is controlled via SMS that can do a number of invasive things once installed on a device.


It’s called TigerBot, and has only recently been found circulating through unofficial Android channels. NQ Mobile, the leading security firm on this case has, along with researchers based at the North Carolina State University carried out in-depth studies into the code, and drew the conclusion that TigerBot can quite easily record noise in the areas around where the device is situated, as well as sensitive calls.


More frighteningly, it can also alter network settings, record GPS coordinates, capture images (and upload them to a remote server) kill processes, and even reboot the device.
Things to note once it crawls in through the internet and out of a hole in your system, it hides itself behind a deceivingly legitimate icon on the device’s home screen. Then once it has become active, it simply registers a receiver with a high priority to listen to “android.provider.Telephony.SMS_RECEIVED.”


As you’re reading this I’m sure there is no doubt in your mind that these findings are nothing short of scary. However, at the moment there is really no need to panic since this is not what we can consider to be an extreme outbreak in the Android world.  But it does exist, and if it were to grow and become widespread then we’d definitely have much worrying to do. 


The best way to avoid being infiltrated by TigerBot or any other form of malware would be to stay away from app requests from unknown sources, and stick to legitimate sources when downloading apps (i.e. Google Play) and if it makes you feel any better you can download an app or two from the market and see if they have what it takes to protect you from these ruthless hackers and devs out there. 




Source: Security Week





For those that feel they can't or do not want to take a chance at rooting their devices and would rather have it rooted by a professional then click here to be directed to the Android Root King and have your device rooted in no time!

Click here to check out the Android Root King on Facebook