• Welcome to the Off-Topic/Schweb's Lounge

    In addition to the Mac-Forums Community Guidelines, there are a few things you should pay attention to while in The Lounge.

    Lounge Rules
    • If your post belongs in a different forum, please post it there.
    • While this area is for off-topic conversations, that doesn't mean that every conversation will be permitted. The moderators will, at their sole discretion, close or delete any threads which do not serve a beneficial purpose to the community.

    Understand that while The Lounge is here as a place to relax and discuss random topics, that doesn't mean we will allow any topic. Topics which are inflammatory, hurtful, or otherwise clash with our Mac-Forums Community Guidelines will be removed.

Trojan infects Android smartphones; iPhone unaffected [MacDailyNews]

Joined
Sep 30, 2007
Messages
9,962
Reaction score
1,235
Points
113
Location
The Republic of Neptune
Your Mac's Specs
2019 iMac 27"; 2020 M1 MacBook Air; macOS up-to-date... always.
MacDailyNews

"The Trojan virus, named Trojan-SMS.AndroidOS.FakePlayer.a, is distributed through a message sent to users prompting them to install a 13 kilobyte (KB) 'harmless' media player application," Hutchinson reports.

"Once installed, the Trojan virus sends SMS messages to premium rate numbers without notifying the user," Hutchinson reports.
 
T

todd51

Guest
Haha, now we're finally starting to see viruses on phones. Man how far technology has come. I guess I should watch out for this since I have an Android phone. However, I'm not an idiot and don't install stuff that I don't research first.
 

cwa107


Retired Staff
Joined
Dec 20, 2006
Messages
27,042
Reaction score
812
Points
113
Location
Lake Mary, Florida
Your Mac's Specs
14" MacBook Pro M1 Pro, 16GB RAM, 1TB SSD
Not the first, just the most publicized to date. There have been a number of trojan-style apps on Android now. I don't see that trend abating anytime soon.
 
T

todd51

Guest
True, this one sounds like it would be a pain though. Think if you didn't notice all these SMS messages being sent out until your bill comes. Wow would that suck.
 
Joined
Jan 27, 2007
Messages
5,658
Reaction score
159
Points
63
Location
*Brisvegas*
Your Mac's Specs
17 inch 2 GHz C2D imac (5,1) with 3GB DDR2 RAM, X1600 (128MB memory) GPU - OSX 10.6.3
Trojan infects Android smartphones; iPhone unaffected

Trojan infects Android smartphones; iPhone unaffected
MacDailyNews - Trojan infects Android smartphones; iPhone unaffected

And here is a nice comment on the page that sums it up quite well. Is full of sarcasm though.

I see you're using Microsoft Logic(TM).



iOS has a PDF exploit, yet nobody has succeeding in doing anything malicious with it. Right now, it's only got the theoretical potential to be dangerous. It's also going to be patched soon, likely nipping the problem in the bud.



Android has a trojan that will ****ing steal your money. Not in theory. For real. It doesn't just have the protential to be dangerous, it IS dangerous. For real. It's out there doing actual damage to actual people as we speak.



The loser in this equation?



iOS. Why? 



Because the hypothetical possibility that malware might appear sometime in the future if certain condition are met is always waaaaaaaaaaaay worse than having actual malware infecting devices right now in the present. That's why Android somehow wins the security contest even though it's the one under attack by cyber-thieves and iOS isn't.



So you see, the platform with real malware infecting it is always safer than the platform that could maybe theoretically be infected by malware if if the planets lined up right, someday. Now stay in your pen, sheep... Stick with Windows! Err... I mean, stick with Android!



Incidentally, amusing headline on the MacWorld UK sidebar. 

"South Korean police raid Google's office over Street View"

I'm alittle confused though, because Google "does no evil"... Hah hah, it must be some kind of funny mistake! Those Koreans are so wacky.
 
Joined
Jan 19, 2008
Messages
4,695
Reaction score
73
Points
48
Location
houston texas
Your Mac's Specs
09 MBP 8GB ram 500GB HD OS 10.9 32B iPad 4 32GB iPhone 5 iOs7 2TB TC Apple TV3
I guess that open source that Android is always bragging about is totally open to all the vermin out there.
 

cwa107


Retired Staff
Joined
Dec 20, 2006
Messages
27,042
Reaction score
812
Points
113
Location
Lake Mary, Florida
Your Mac's Specs
14" MacBook Pro M1 Pro, 16GB RAM, 1TB SSD
I guess that open source that Android is always bragging about is totally open to all the vermin out there.

It's definitely a major failing for the Google App Market. As much as I like the idea of the marketplace being wide-open, I do wish it were screened (at least a little bit). Additionally, I don't understand why the OS isn't throwing up red flags when an app tries to use services "that cost you money" (as they put it in their warnings during install).

Right now, your only protection is to trust the reviews in the App Market. If the OS could act as a security gatekeeper to some extent, it would certainly help.
 
Joined
May 19, 2009
Messages
8,428
Reaction score
295
Points
83
Location
Waiting for a mate . . .
Your Mac's Specs
21" iMac 2.9Ghz 16GB RAM - 10.11.3, iPhone6s & iPad Air 2 - iOS 9.2.1, ATV 4Th Gen tvOS, ATV3
"Once installed, the Trojan virus sends SMS messages to premium rate numbers without notifying the user," Hutchinson reports.

So ummm im wondering, if this was written by a lets say for instance sake, a AT&T employer ??? Or just some random nobody that wants his 15 mins???

AT&T i could understand as that will be there way of getting more $ from there customers, but if its a nobody wanting to be somebody, what on earth is he/she getting out of it.
Hmmmm needs a hacker radar enhanced Smart Bomb ;P
 
Joined
Jan 12, 2005
Messages
670
Reaction score
23
Points
18
Location
Ceres, Ca
Your Mac's Specs
iPad 32 GB 3G
So ummm im wondering, if this was written by a lets say for instance sake, a AT&T employer ??? Or just some random nobody that wants his 15 mins???

AT&T i could understand as that will be there way of getting more $ from there customers, but if its a nobody wanting to be somebody, what on earth is he/she getting out of it.
Hmmmm needs a hacker radar enhanced Smart Bomb ;P

AT&T locks down their android phones so that you can't install non-marketplace apps. And since this little app isn't from the marketplace you can't install it (unless you root the phone and edit the settings manually to allow it-- similar to an iPhone jailbreak). Anyone installing some random, non-signed app that just showed up in an sms message from someone that they don't know is pretty much a tool anyways. Having a choice means you can choose to be an idiot I guess.
 
Joined
Jan 12, 2005
Messages
670
Reaction score
23
Points
18
Location
Ceres, Ca
Your Mac's Specs
iPad 32 GB 3G
It's definitely a major failing for the Google App Market. As much as I like the idea of the marketplace being wide-open, I do wish it were screened (at least a little bit). Additionally, I don't understand why the OS isn't throwing up red flags when an app tries to use services "that cost you money" (as they put it in their warnings during install).

Right now, your only protection is to trust the reviews in the App Market. If the OS could act as a security gatekeeper to some extent, it would certainly help.


It's not a marketplace app. Also, when you install a program in android, it tells you what permissions the app is requesting and you have to ok it. So basically, to get this in your phone you have to choose to install a random app that just showed up in a SMS, and then grant it permission to send text messages when you install it. Iow, you have to be a dumbass.
 

bobtomay

,
Retired Staff
Joined
Dec 22, 2006
Messages
26,561
Reaction score
677
Points
113
Location
Texas, where else?
Your Mac's Specs
15" MBP '06 2.33 C2D 4GB 10.7; 13" MBA '14 1.8 i7 8GB 10.11; 21" iMac '13 2.9 i5 8GB 10.11; 6S
There are some out there. My wife did something similar from SMS on her iPhone a couple of months ago. She didn't even know she did it. But, she had signed up for about 6 recurring charge web sites. One of them was $19.95 a week for ring tones. When I called AT&T, found out some of these can start auto charging your account simply by making any response to the SMS instead of deleting it.

My question to AT&T, was don't they vet these companies before they let them start charging people throgh their phone bill?
 
Joined
May 23, 2010
Messages
38
Reaction score
4
Points
8
Location
Broke through Heaven
Your Mac's Specs
iMac i5 27", MacBook Air 2010 13"
@bobtomay:
You are speaking of something totally different.
This is a trojan. Your wife just encountered some retarded companys sms that earns their money with illegal stuff that is still a grey zone in law on the whole world.
 
Joined
Jan 19, 2008
Messages
4,695
Reaction score
73
Points
48
Location
houston texas
Your Mac's Specs
09 MBP 8GB ram 500GB HD OS 10.9 32B iPad 4 32GB iPhone 5 iOs7 2TB TC Apple TV3
It's not a marketplace app. Also, when you install a program in android, it tells you what permissions the app is requesting and you have to ok it. So basically, to get this in your phone you have to choose to install a random app that just showed up in a SMS, and then grant it permission to send text messages when you install it. Iow, you have to be a dumbass.

You got to remember the vast majority of people out there have no understanding of how things are implemented they see next or hit ok and proceed true ignorance is no excuse but they don't look at these things as seriously as most of us forum members if they did Apple's sales would increase
even more.
 

cwa107


Retired Staff
Joined
Dec 20, 2006
Messages
27,042
Reaction score
812
Points
113
Location
Lake Mary, Florida
Your Mac's Specs
14" MacBook Pro M1 Pro, 16GB RAM, 1TB SSD
You got to remember the vast majority of people out there have no understanding of how things are implemented they see next or hit ok and proceed true ignorance is no excuse but they don't look at these things as seriously as most of us forum members if they did Apple's sales would increase
even more.

The problem is that the dialog that appears usually has a laundry list of functions that the app can perform. Some of which are vague - or may be perfectly legitimate depending on the function of the app. For the average user, this is difficult to discern and can result in habitual dismissal of the dialog (much like Vista's UAC).

What I'm suggesting is that Google puts a hook into the OS that proactively blocks these kinds of transactions until the user has confirmed (perhaps by an authentication mechanism) that it's OK to perform this function at the time the function is being performed, as opposed to when the app is being installed.

It's just a thought. And as much as we like to dismiss this sort of thing with a "stupid is as stupid does" mentality, in reality software designers can make smart choices in design that make the experience much more intuitive. You don't have to have a walled garden approach in order to be secure. If you want evidence of this, look at Mac OS X.
 
Joined
Oct 22, 2007
Messages
1,956
Reaction score
47
Points
48
Location
Tampa , FL
Your Mac's Specs
15" MBP Unibody 2.53Ghz 4GB RAM 250GB HD,VERIZON iPhone 4,SIG P238 ,iPad,6th Gen iPod NANO
What I'm suggesting is that Google puts a hook into the OS that proactively blocks these kinds of transactions until the user has confirmed (perhaps by an authentication mechanism) that it's OK to perform this function at the time the function is being performed, as opposed to when the app is being installed.

That would be a painless fix. I could live with something like. This is more of a idiot proof mechanism most power smartphone users know what they are doing.

Anyone installing some random, non-signed app that just showed up in an sms message from someone that they don't know is pretty much a tool anyways. Having a choice means you can choose to be an idiot I guess.

Very true.
 

bobtomay

,
Retired Staff
Joined
Dec 22, 2006
Messages
26,561
Reaction score
677
Points
113
Location
Texas, where else?
Your Mac's Specs
15" MBP '06 2.33 C2D 4GB 10.7; 13" MBA '14 1.8 i7 8GB 10.11; 21" iMac '13 2.9 i5 8GB 10.11; 6S
@bobtomay:
You are speaking of something totally different.
This is a trojan. Your wife just encountered some retarded companys sms that earns their money with illegal stuff that is still a grey zone in law on the whole world.

Yes, I'm aware of that. Just pointing out, that even a "safe" system is not truly safe without keeping a watchful eye.
 
Joined
Jan 12, 2005
Messages
670
Reaction score
23
Points
18
Location
Ceres, Ca
Your Mac's Specs
iPad 32 GB 3G
Well, something that the mac website failed to mention is that not only is this not widespread, it only can rack up the expensive charges if you're in Russia. Oh, and basically you have to change the default settings to allow non-marketplace apps anyways, akin to jailbreaking your iPhone. So basically a mountain out of a molehill.

And here is what Google had to say about it:

Our application permissions model protects against this type of threat. When installing an application, users see a screen that explains clearly what information and system resources the application has permission to access, such as a user’s phone number or sending an SMS. Users must explicitly approve this access in order to continue with the installation, and they may uninstall applications at any time.

We consistently advise users to only install apps they trust. In particular, users should exercise caution when installing applications outside of Android Market.
 
Joined
Oct 10, 2004
Messages
10,345
Reaction score
597
Points
113
Location
Margaritaville
Your Mac's Specs
3.4 Ghz i7 MacBook Pro (2015), iPad Pro (2014), iPhone Xs Max. Apple TV 4K
Well, something that the mac website failed to mention is that not only is this not widespread, it only can rack up the expensive charges if you're in Russia. Oh, and basically you have to change the default settings to allow non-marketplace apps anyways, akin to jailbreaking your iPhone. So basically a mountain out of a molehill.

And here is what Google had to say about it:

Unlike most iPhone users I know, nearly ALL of the Android users I know have "rooted" their phones, thus making them vulnerable. This activety seems to be more prevalent amongts Android users for some reason.
 

cwa107


Retired Staff
Joined
Dec 20, 2006
Messages
27,042
Reaction score
812
Points
113
Location
Lake Mary, Florida
Your Mac's Specs
14" MacBook Pro M1 Pro, 16GB RAM, 1TB SSD
Unlike most iPhone users I know, nearly ALL of the Android users I know have "rooted" their phones, thus making them vulnerable. This activety seems to be more prevalent amongts Android users for some reason.

Well, now you know one that hasn't :D

I honestly don't understand the point of rooting an Android device. I'm sure there's apps out there that mess with low-level functionality, but the last thing I want is an unstable phone.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top