Android malware poses as Angry Birds Space game

What’s the story?

The latest version of the immensely popular “Angry Birds” series has already seen fake imitations in the Android Marketplace.  The infected version of the fake “Angry Birds Space” contains a Trojan which security company Sophos has detected as Andr/KongFu-L.

While the imitation appears to be fully functional, it is actually manipulating what is known as the GingerBreak exploit to install malware on the device.

 

 

What does the Trojan do?

Once installed, the malware will endeavor to download and install further malware onto the compromised Android smartphone.

After being successfully downloaded and installed (all without the user’s knowledge) the device is effectively now part of a botnet, under the control of malicious hackers.

The cybercriminals can now download further code to the device at will or even send the phone’s browser to specific URLS.

 

How can I stay safe?

 

There are plenty of ways to help keep your Android device safe but here are 5 quick wins:

  • Avoid installing any applications that aren’t downloaded from the official “Android Marketplace”. If you don’t know who made it, you can’t trust it.
  • Don’t install anything that sounds too good to be true! Examples may include “free ring tones” “free wallpaper” etc. Always be sure what your downloading is legitimate.
  • Think twice before “rooting” or jailbreaking your device to allow a lower level of protection than standard Android OS release.
  • Always keep your phone updated with the latest operating system. This will make sure your phone is as safe as possible. You should check for system updates about once a month.
  • Install an antivirus app on your phone. You should be sure to check all settings; make sure the appropriate boxes are checked for the data you are receiving, i.e. web surfing, text messaging and real-time scanner. Ensure that you scan your device regularly and above all keep it up to date! AVG Mobilation is one of the most popular antivirus apps for Android devices and it’s free. Give it a try.

 

 

Amazon advises Android developers on how to protect code

 

What’s the story?

In an attempt to battle rising incidents of Android Malware, the Amazon Appstore has announced that developers should consider obfuscating their code. Amazon has recommended the free to use Proguard tool.

 

Obfuscating the code modifies the source and machine code to be difficult for a human to understand if the app gets decompiled. This is an attempt to make the app difficult to hack via reverse-engineering.

Obfuscation also offers further benefits for app developers as it shrinks, optimizes, and obfuscates the source code which reduces file sizes and boosts the run-time performance.

 

So surely everything should be obfuscated?

Although Amazon recommends obfuscating apps to make them tough to reverse-engineer, apps which allow users to buy digital content and subscriptions – such as in-game currency, expansion packs, upgrades, and magazine issues cannot be obfuscated.

Amazon Appstore relies on certain methods being available to call and provide developers with information about a purchase request. If these methods get obfuscated and renamed, the Appstore will not be able to send the information, according to the blog post.

In-app purchases now account for 60% of revenue among the 200 highest-grossing applications for Apple and Android, according to a recent survey conducted by market research company CCS Insight and Distimo, which has specialized in app store market analytics.

 

Where can I read more?

More information on the pros and cons of obfuscating app code can be found on SecurityFocus.com