Clickjacking Rootkits for Android: the Next Big Threat ?

Discussion in 'all things UNIX' started by Ocky, Jul 8, 2012.

Thread Status:
Not open for further replies.
  1. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    Ocky, Jul 8, 2012
    #1
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,219
    No.

    To quote: The rootkit could be downloaded with an infected app and, once established, could manipulate the smartphone.

    No. Because you would not install the infected app first. And this brings us back to square one - don't install crap.

    Mrk
     
    Mrkvonic, Jul 9, 2012
    #2
  3. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    And how do you know it's crap before installing.
    On the google market aka play-store they do not display any crap/noncrap classifications.
    And there's no such thing as download, virus scan, then install if clean.
    Download is immediately followed by installation. A major flaw IMO.
     
    act8192, Jul 10, 2012
    #3
  4. x942

    x942 Guest

    1) Google Play Store is protected by Bouncer

    2) Don't install apps with 1 or 2 stars and read user comments.

    3) Question all permissions (does that game REALLY need SMS?)

    4) Root your phone and use Droid wall (firewall - default deny apps from getting internet access) and LBE Privacy Guard or PDroid (Revoke permissions). (yes, it's for the advanced user but still).

    For the most part common sense is all that's needed. Android (mobile) malware is extremely overblown the majority of it comes from thrid-party stores (not the play store). Most of the crap in the play store that is considered "malware" is just advertising garbage saying "you won an ipad".

    That said the state of AV's is worse. I have tested every AV on the play store (from a reputable source i.e Avast!) and all of them miss known malware (spam apps)! The detection rate is bellow 50% accurate. You are honestly better off without it and using common sense.
     
    x942, Jul 11, 2012
    #4
  5. mack_guy911

    mack_guy911 Registered Member

    Joined:
    Mar 21, 2007
    Posts:
    2,677
    mack_guy911, Jul 12, 2012
    #5
  6. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    That's crazy talk! We all know from the Windows world that AV software is a sure-fire way to have a 100% computer!
     
    chronomatic, Jul 13, 2012
    #6
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Comparing AVs on Windows to those on Android is ridiculous because the capabilities are completely different. On Android it's a futile attempt at blacklisting. On Windows you get heuristics and various other forms of analysis that yield far better rates of detection.
     
    Hungry Man, Jul 13, 2012
    #7
  8. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Good advice, only thing I could possibly add is:

    5) Turn off auto-updates for less well known apps


    Otherwise something harmless could slowly turn into something harmful, as was demonstrated earlier this year when researchers used incremental updates to get past Bouncer.
     
    RJK3, Jul 13, 2012
    #8
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...