"What is worse on Android? Malware or PUAs?"

Discussion in 'malware problems & news' started by SweX, Sep 14, 2012.

Thread Status:
Not open for further replies.
  1. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Full Story at Sophos
     
  2. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  3. Niels

    Niels Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    466
    Location:
    Belgium
    Another security risk are the permissions that Android apps requires. Most of the people just install it and not reading what action this program can perform. You should be very careful when applications needs to get access to your address book, monitor what you type, ...
     
  4. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
  5. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,424
    This is a bit of scaremongering by sopphos, I have yet to see Android Malware in the wild yet every AV company is out there warning about it while trying to sell their mobile software.

    People should be warned but not forced to buy a product that is not yet needed.
     
  6. cruelsister

    cruelsister Registered Member

    Joined:
    Nov 6, 2007
    Posts:
    976
    Location:
    Paris
  7. kaleidood

    kaleidood Registered Member

    Joined:
    Oct 16, 2012
    Posts:
    1
    Location:
    USA
    The problem is identifying who is Potentially Unwanting these Apps.

    *I* MYSELF get highly annoyed when my various Droids Avast alert me that I have zAnti and several others. I am new so I will err on the side of caution and not discuss lesser known Android software, but there are commercials for zAnti, it is a highly WANTED app, but I can't seem to whitelist it.

    So PUAs and PUPs P me right off. Either the software is going to do something that is very highly likely unwanted by the average user, then sure, go ahead and flag it, sandbox it, treat it with The Heuristics of the Cloud, whatever.

    Just don't jump to the conclusion that a penetration tester doesn't want a penetration testing tool on his machines.

    Major thanks for all of the great work in the FinFisher threads. I am curious though now that, as is noted in at least one other thread here on WildersSecurity that FinFisher is now available for just about all contemporary mobile devices?

    We know there are baddies for our phones out there, and we know they even slip into our legitimate software streams. That this one is tied to government surveillance makes it a LITTLE bit unique. Has anyone had the opportunity to pull apart one of the mobile bugs and seen anything that would lead you to believe the same "Gamma Group" wrote this entire FinFisher / Finspy suite of unfriendlies?

    NOTE TO FUTURE LAW ENFORCEMENT PROGRAMMERS: IT IS CALLED FUD. :)

    EDITED TO ADD: Guess this answers my question:

     
    Last edited: Oct 16, 2012
  8. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Stop installing suspicious apps and you wont get malware on your Android phone. Get back to me when there are drive-by's in the wild for Android.

    And I never trust numbers or statistics from any AV company. It's like trusting a home burglar alarm company to give you accurate crime statistics.
     
  9. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
Loading...
Thread Status:
Not open for further replies.