Last week, we had given previews of some of our findings from an analysis of 10,000 Android apps to a few reporters including Tim Wilson at DarkReading, Rob Westervelt at SearchSecurity, and Sean Kerner at InternetNews.com. Since then, we've been glad to see a high level of interest in our findings from other reporters as well! We'll be releasing our full set of findings at the BlackHat security conference on August 4 in Las Vegas, but until then, following is a preview of some of the findings that we thought would be of interest to the community:
* 842 of the 10,000 apps that we analyzed from Google's Android marketplace were leaking private information. The apps were authored by developers that transmitted IMEI numbers to remote servers, which may not have a high level of security. While users can give an Android application permission to read their IMEI number, and can also give an application access to the Internet, users may be surprised when such permissions are used in combination together to send the IMEI number to a remote server on the Internet. The security curve blog post referencing our study discussed some of the key issues here.
* 11 out of the 10,000 apps that we analyzed sent potentially unwanted SMS messages. These apps were authored by developers who sent potentially spammy messages back to the user's phone itself that would, for instance, encourage them to share the application with others. While the Android OS does have a "coarse-grained" permissions model where users can approve or deny an application the right to use SMS, once they approve, an application could send one SMS or one hundred SMSes without giving the user any further "finer-grained" control.
* We prototyped a mobile drive-by attack for Android. While drive-bys on desktop PCs on the web are very common, mobile drive-by attacks are fairly new.
We look forward to sharing more information about our findings in the coming weeks, including a full report in the form of a white paper at the time of our BlackHat talk on Aug 4.
According to Tim Armstrong, malware researcher at Kaspersky Lab, the king of the mobile malware world is the SMS Trojan. SMS Trojan operations start with the establishment of a premium rate number with a short code of four or five digits. Once the malicious app is on the phone, the app dials out to the premium rate number in the background, with message rates standing between $5 and $10 each. Each time an SMS message is sent, the criminal racks up more profit, he said.
ReplyDeletesciatica pain
sciatic nerve pain
Хотите заработать ? вам сюда http://q-mix.ru/mamai1941-reg.html , после регистрации дают 0.10 WMR на вывод.
ReplyDeleteYour blog is very good!!
ReplyDeleteLook at this!! Is very helpful be okay.
Click I have already come
For a long time has seen a good video is fun.
ReplyDeleteLook at the happy faces of people wonder
ReplyDeletegood blog
ReplyDeleteNice blog, hi friend, i found that there is one website offering free puzzle games. Just take one minute to sign up then you will receive one free puzzle game. Its URL is http://www.684899.com/en/CosmicCreature/project_1.htm Click the below button of the page to get in. I've done it and now i am enjoying it. Would you like one?
ReplyDeleteYour blog is very good~
ReplyDeleteLook at this!! Good video
Click "good news"
Christina Wu wedding dress|Dere Kiang wedding dress|Customize Wedding dress|Wedding Gloves|Wedding Shawl
ReplyDeletesac Louis Vuitton|Louis Vuitton pas cher|lv sac|lv pas cher|Louis Vuitton sac
ReplyDeleteLouis Vuitton Belts replica|replica lv bag|fake Louis Vuitton handbag|fake Louis Vuitton bag|replica Louis Vuitton Purse
ReplyDeleteNike Air Max
ReplyDeletehttp://www.2012nikefreerun.net/
Thank you for you article, and I learnt from it that you must be a kind-hearted person. I want to buy this wedding gown wedding dress while my fiancé prefers another. bridal gown wedding dress Could you be so kind as to offer me more articles to introduce this La Sposa wedding dress further more? Every bride who is planning to buy a 2012 Allure wedding dress will be grateful for your help and may you good luck!
ReplyDeleteGood article about Mori Lee 2511. I have seen many pictures of beautiful Mori Lee 2510. I will introduce your article to my friend. She is wondering whether to buy the Mori Lee 2509. I think you can help her.
ReplyDelete