First case of Android Trojan spreading via mobile botnets discovered

“Kaspersky Lab is reporting that ‘For the first time malware is being distributed using botnets that were created using completely different mobile malware,'” Steven J. Vaughan-Nichols reports for ZDNet. “Isn’t that special?”

“Kaspersky describes the malware culprit, Backdoor.AndroidOS.Obad.a, as the ‘most sophisticated Android Trojan yet,'” Vaughan-Nichols reports. “The Russian antivirus company also has said that Obad.a is looking ‘closer to Windows malware than to other Android Trojans, in terms of its complexity and the number of unpublished vulnerabilities it exploits.”

Vaughan-Nichols reports, “If the user clicks on the link, a file named mms.apk, containing Opfake.a, is automatically loaded onto the smartphone or tablet. Then again, the user has to be a bit of an idiot and users run the downloaded program.”

MacDailyNews Take: They settled for a pretend iPhone in the first place, Steven, so odds are high.

Vaughan-Nichols reports, “The net result is that this botnet is capable of spreading Opfake.a and Obad.a very quickly. Kaspersky concluded that there are .12 versions of Backdoor.AndroidOS.Obad.a. All of them had the same function set and a high level of code obfuscation. Each used an Android OS vulnerability that allows the malware to gain Device Administrator rights and made it significantly more complicated to delete..”

Read more in the full article here.

MacDailyNews Take: “Open” in all the wrong ways.

[Thanks to MacDailyNews Reader “James M. Gross” for the heads up.]

Related articles:
U.S. DHS, FBI warn of malware threats to Android mobile devices – August 27, 2013
Android app malware rates skyrocket 40 percent in last quarter – August 7, 2013
First malware found in wild that exploits Android app signing flaw – July 25, 2013
Mobile Threats Report: Android accounts for 92% of all mobile malware – June 26, 2013
Latest self-replicating Android Trojan looks and acts just like Windows malware – June 7, 2013
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013
FBI issues warning over Android malware attacks – October 15, 2012
Researchers discover serious flaw in Android app security, say HTC and Samsung ignore issue – September 28, 2012
Apple’s iPhone has passed a key security threshold – August 13, 2012
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
Massive HTC Android security flaw leaves security expert speechless – October 2, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010


      1. The thing is, OS X is filled with open source software: it’s web browser, OS Kernal, most of its networking utilities, and many of other critical components of it are entirely open source. I’d say all that open source software in OS X plays a huge role in what makes OS X better than Windows. The Kernal, web browser, many other of the closed source components of Window are problematic and seriously flawed – especially when compared directly to open source counterparts.

        Peer review and collective wisdom are extremely valuable resources for developing a complicated ecosystem. Monocultures rarely turn out well, given how difficult it is for one person or one company or one methodology to match the capabilities of a collective.

    1. Ah, equivocation… The master argument of windows advocates everywhere (No os has perfect security therefore windows and OS X are equivilant security wise. The problem is that it is like comparing a dripping faucet to a broken pipe and saying see they are the same because they are both plumbing leaks.)
      Similarly you are trying to equivocate androids horrible security with some percecived incontinence in iOS (because it is “closed”)
      As TM indicated they aren’t really equivilant.

  1. I don’t think it’s fair to call users idiots without explaining more about the lure to get them to click on the link. Users are exposed to countless links to click on every single day. They have been conditioned to do it without fear. Unless you read the source to a web page or email message, you have no idea where an actual link is going to take you.

    Tech oriented people are smart enough to spot something fishy, but I swear, I give clients dissertations on how to avoid malicious activity and they still click away. It’s one reason I take privileged user status away from most users.

    1. I hear ya on the client side.
      No one gets admin rights on the Macs I take care of. Just did a casual security audit of one customer and the list of things that needed to be tightened up was rather long. The irony of all, was they are all on Macs and never had an issue in 15 years.
      I just needed to remind them that the criminals never sleep.

      Plus it didn’t hurt that 2 floors up an office was robbed of computers and HD TVs. Taken right off the walls. No forced entry. We’re waiting to hear how they got in. Thinking keypad code was compromised.

  2. Then again, the user has to be a bit of an idiot and users run the downloaded program.

    One of the insider terms is ‘luser’, or more emphatically “LUSER”. As Thelonous Mac pointed out above, it’s not quite fair to denigrate such people. It comes down to the usual bottom line of human diversity. Some people innately comprehend the gear and code. Lots of people don’t. Instead, they have other critical skills. Together we make a big wide wonderful world! ♪♫♬❤☻♡💋

    Meanwhile: There is no excuse for any app downloading to your phone without user password approval. How the frack is this happening?! It’s plain old shamefully terrible programming.

    Hey Google! This is specifically your fault! There’s no point worrying about the ‘LUSER Factor’ when the OS programmers are DumTards. 😯

  3. MDN Take “odds are high”? Doesn’t high odds mean a lot in return on your bet, i.e. low chance of something to happen. And low odds would mean that something is likely to happen.

    Just wondering (english is not my native language).

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.