[zzrogue]

Hey guys,

Just read an article on Yahoo entitled "Virus experts warn the next big threat is on mobile phones and attacks beginning"

Pretty good read and it basically said that Android Phone's are currently vulnerable and it gives a few reasons but it's interesting what they said about Blackberries:

"... BlackBerrys are often tied to a corporate IT infrastructure with system administrators watching network traffic, evasion could also be difficult."

Now I'm glad I'm on a Blackberry phone.

Unfortunately I haven't posted enough times to add a link so I've added the article below

"By Michael Oliveira, The Canadian Press | The Canadian Press – Thu, 3 Mar, 2011 6:40 PM EST
Related Content

TORONTO - Virus experts are warning that the next big security threat is on mobile phones and that the attacks have begun in earnest.

For months, security researchers have been tracking how hackers were trying to take their exploits to a new platform and infect smartphones with malware that could remotely control the devices.

Earlier this week, Symantec released a report about the spread of an infected app called "Steamy Windows" on Google's Android platform. The simple but popular app makes it look like your screen is covered with steam, which can be cleared off with finger swipes.

Unknown hackers created a copycat version of the app, secretly loaded it with malicious commands, and released it to the web on unofficial app download sites.

It's not the first time such a threat has been detected, said Symantec's principal security response manager Vikram Thakur, but it's far more sophisticated — and successful — than what was previously spotted in circulation.

"It definitely had a lot more features than we've been seeing with Android threats in the past few months," said Thakur, noting the malware enabled a hacker to retrieve data from an infected phone, send out premium rate text messages, show advertisements, and launch any website.

The attack could not force the phone to dial out, or activate a built-in camera but it's probably a matter of time until other viruses can, Thakur said.

"We expect more sophistication," he said. "It's definitely a step toward getting more and more comprehensive in their actions but I'm very certain this is not the end of it."

While the infected Steamy Windows app wasn't available through the official Android Marketplace, dozens of virus-laden apps somehow managed to get past Google's screening and were pulled offline Wednesday after being reported by users.

Among the infected apps were "Photo Editor," "Hot Sexy Videos," "Chess," "Falling Ball Dodge," "Scientific Calculator," "Advanced Currency Converter," "Spider Man," "Music Box," "Super Stopwatch & Timer" and "Color Blindness Test."

Thakur said experts were quite surprised that so many infected apps made it past Google and were available for several days before being pulled.

"The fact that Google has vetted them and made them available on Google's controlled website, it does instil a certain amount of comfort in the user," he said.

"I was pretty impressed that Google was able to pull the reported apps in less than five minutes (after being alerted) but what remains to be seen is what kind of process improvements they make on their end before they vet any application onto their marketplace, if any at all."

So far, virus threats have mostly targeted the Android platform. That's due to a few reasons, Thakur said. Apple's app vetting protocol is extremely rigorous and sneaking viruses into the App Store would likely be very difficult, he said. And because BlackBerrys are often tied to a corporate IT infrastructure with system administrators watching network traffic, evasion could also be difficult. The use of the Android platform is also growing exponentially, which allows hackers to cast a wide net when trying to infect users, Thakur added.

"For the malware author, the first thing he looks at is 'Where can I get my money' and he's going to follow wherever the honey is. The immense success of the Android platform has kind of lured the malware authors," he said.

There are a couple of ways for Android users to protect against downloading infected apps, Thakur said. There's an option in the phone's settings to only allow installs of Google-approved applications, although if more apps sneak past Google, a phone could still be affected. Thakur also recommends against downloading apps from third-party sites, especially if they promise free versions of popular apps.

If a phone is infected there are consequences.

"The worst case scenario for the common user is, let's say, loss of data, whatever is stored on the person's phone —whether it's contact information or emails — or a high monthly usage bill. If someone was able to remotely control your phone and start sending premium SMS messages all across the globe then chances are you're going to be getting a bill you were not expecting.""

[hondateg91]

Now I'm glad I'm on a Blackberry phone.

No matter what phone, computer, or OS you use, as long as you have a connection to the internet you will be prone to viruses. It all comes down to the user and what they download or programs they use. Obviously if under an IT policy then it will be harder to get a virus, but it's still possible.

[SCrid2000]

Lol it is harder to make a virus for BlackBerry, but it can still be done, and it can be easily run if you set all your permissions to allow and don't be careful what you download.
But you're right, BlackBerry is safer from viruses.

Posted from my CrackBerry at wapforums.crackberry.com

[zzrogue]

No matter what phone, computer, or OS you use, as long as you have a connection to the internet you will be prone to viruses. It all comes down to the user and what they download or programs they use. Obviously if under an IT policy then it will be harder to get a virus, but it's still possible.

Your exactly right but when starting with a platform that is based on security, were better off than one that is not. The point is, Blackberry's are in a better state than other platforms.

[jd914]

Now I'm glad I'm on a Blackberry phone.

Don't get too comfy with a false sense of security.

[the_sandman_454]

Your exactly right but when starting with a platform that is based on security, were better off than one that is not. The point is, Blackberry's are in a better state than other platforms.

The biggest weakness any platform can have is the user. If the user does something stupid, doesn't have the proper security settings, use unknown software from an untrusted source, etc.

BB may be more at risk as a result of the confidence that it is difficult to hack or develop malicious software, which isn't necessarily the case, at least with regard to the software.

[Tony1988]

^^^^^Thing is virus creators are going to go for the more popular platform and the easiest to affect.

HowardForums: Your Mobile Phone Community & Resource - 50+ Android Apps Contain Malicious Code

Howard forums had an article today that says anroids app store was attack by a virus. 200000 users were affected. Sucks because they may have to get new phones. Makes BB sound more appealing than ever IMO.

Im glad I went with BB.

[howarmat]

wow the misinformation is spreading like a wildfire.

The 55 or so apps just need to be removed and the device wiped of data. Pretty standard and easy. You can easily sync back everything after this is performed. Also Lookout has been updated and would catch these apps in the future if they show up again. You didnt have to get your device replaced

Secondly here are some of those "apps" that were the problem

• 掷骰子 Version 2.4.1
• 多彩绘画 Version 1.2
• Sexy Legs Version 1.0.01
• Sexy Girls: Japanese Version 1.0
• 软件强力卸载 Version 4.2
• 墨水坦克Panzer Panic Version 1.0.0
• 裸奔先生Mr. Runner Version 1.0
• Hot Sexy Girls Version 1.0
• Super sex sound Version 1.3
• 致命绝色美腿 Version 1.0.01
• 蜘蛛侠 Version 1.29
• 躲避弹球 Version 2.0.9
• Screaming Sexy Japanese Girls Version 1.0
• Hot Sexy Videos Version 0.1.10
• Hilton Sex Sound Version 2.1.1
• Super Sex Positions Version 1.0
• Super Sexy Ringtones Version 3.1.4
• 投篮高手 Version 1.4.0

You download any of that crap and you deserve "infected"

As always common sense applies. read review before installing anything and more often than not you will be fine

[Cozz4ever]

Don't get too comfy with a false sense of security.

It isn't a false sense. First an app must be okayed by user. Any permission changes would have to be okayed by user as well. Then you have to deal with data. It's encrypted. Even if you send the same data to two different BB's, the data is different as the PIN is part of the encryption and decryption process. Every BB has it's own PIN. So if a virus was ever to make in it and then some how to ever run then to actually read info such *** an email stream then the same virus would be useless on the next BB cause the algorithm answer would be different.

[howarmat]

It isn't a false sense. First an app must be okayed by user. Any permission changes would have to be okayed by user as well. Then you have to deal with data. It's encrypted. Even if you send the same data to two different BB's, the data is different as the PIN is part of the encryption and decryption process. Every BB has it's own PIN. So if a virus was ever to make in it and then some how to ever run then to actually read info such *** an email stream then the same virus would be useless on the next BB cause the algorithm answer would be different.

it is a false sense of safety and here is why

Im a dev, i make an app that is an "address book" and it then will ask you for permission to access your contact list. Sure that makes sense, duh, you would set that to OK. Then i can easily transmit that data back to me. Look i have all these email addresses that YOU allowed me access to and I know just what to do with them. I start sending spam email to all of them. And YOU let me do it. in fact you paid me 4.99 to do it!

how is your sense of security now?

[Cozz4ever]

it is a false sense of safety and here is why

Im a dev, i make an app that is an "address book" and it then will ask you for permission to access your contact list. Sure that makes sense, duh, you would set that to OK. Then i can easily transmit that data back to me. Look i have all these email addresses that YOU allowed me access to and I know just what to do with them. I start sending spam email to all of them. And YOU let me do it. in fact you paid me 4.99 to do it!

how is your sense of security now?

That's not a virus my friend. Please look up what a virus is. What you're talking about is malware/spyware. It's doesn't spread.

Also, one would be an i diot to do this as you would leave a trail easy enough to follow with your eyes closed.

[howarmat]

true its not a virus but its still a headache to deal with and you have exposed your "secure" data to someone.

and as a matter of fact it has and still is happening. Those apps are in app world right now and RIM even knows about it.

[Tony1988]

wow the misinformation is spreading like a wildfire.

The 55 or so apps just need to be removed and the device wiped of data. Pretty standard and easy. You can easily sync back everything after this is performed. Also Lookout has been updated and would catch these apps in the future if they show up again. You didnt have to get your device replaced

Secondly here are some of those "apps" that were the problem

• 掷骰子 Version 2.4.1
• 多彩绘画 Version 1.2
• Sexy Legs Version 1.0.01
• Sexy Girls: Japanese Version 1.0
• 软件强力卸载 Version 4.2
• 墨水坦克Panzer Panic Version 1.0.0
• 裸奔先生Mr. Runner Version 1.0
• Hot Sexy Girls Version 1.0
• Super sex sound Version 1.3
• 致命绝色美腿 Version 1.0.01
• 蜘蛛侠 Version 1.29
• 躲避弹球 Version 2.0.9
• Screaming Sexy Japanese Girls Version 1.0
• Hot Sexy Videos Version 0.1.10
• Hilton Sex Sound Version 2.1.1
• Super Sex Positions Version 1.0
• Super Sexy Ringtones Version 3.1.4
• 投篮高手 Version 1.4.0

You download any of that crap and you deserve "infected"

As always common sense applies. read review before installing anything and more often than not you will be fine

Oh sure I agree. The whole thing about the phone replacement was in the article that or reset the os either is recommended. I should have been more specific.

[Jake Storm]

No matter what phone, computer, or OS you use, as long as you have a connection to the internet you will be prone to viruses...

You don't use a Mac, do you?
I equate Android to the Windows based, virus prone PC I dumped years ago.
I have been using a Mac for six years now and have never worried about viruses. I feel the same way about BB, worry free.

This is just the tip of the iceberg. Android users be afraid, be very afraid.

[SCrid2000]

Mac is starting to have viruses too now as they pick up market share. You want to really be virus free, get linux

Posted from my CrackBerry at wapforums.crackberry.com

[CrackBerry Kevin]

@ Jake Storm - love the quote in your signature

@ Everybody else on this thread... This is a really interesting topic. I've had a bunch of conversations in the past month (different analysts I talk to, some industry folk, etc.) where the topic of mobile viruses comes up... everybody seems to think Android in a year is going to be full of virus/malware/spam type crap and a lot of stories of people's phones getting hacked (especially anybody who roots their phone and leaves themselves more open to these kinds of threats).

I honestly don't know much about it, but can't help wonder if RIM/Apple/HP have teams working on putting viruses onto Android? Lol... probably the quickest boost to BlackBerry sales would come if a bunch of bad android virus/hack press hit the newswires.

[gregorylkelly]

You don't use a Mac, do you?
I equate Android to the Windows based, virus prone PC I dumped years ago.
I have been using a Mac for six years now and have never worried about viruses. I feel the same way about BB, worry free.

This is just the tip of the iceberg. Android users be afraid, be very afraid.

I have had Windows based PCs since 1995. You wanna know how many viruses I have been infected with? ZERO.

Viruses are mostly caused by user negligence.