Photo Credit: Shutterstock The openness of the Android operating system and the slowness of security updates from various manufacturers is opening the door to hackers, malware and other harmful programs that take advantage of the gap in the system. Having been quiet for some time, it appears the issue of Android’s open policy toward its Play Store and its consequent vulnerability is once again attracting attention. According to Itay Katz and Avi Shulman, security researchers at the information security company called Shine, a new malware app called Pixer is traulling for pictures from its userbases social profiles and featuring them on its app. According to Play Store statistics the app has already managed to mislead its way to achieving 1-5 million downloads. Aside for being completely worthless (its does not function in any way as a dating site or social network), the app applies a rather aggressive and misleading way to spread itself with the sole intention of increasing its user base and ad revenue without offering much in return. Accessing your info whether you like it or not “We recently received a number of complaints about a strange SMS with an invitation to view pictures. One can understand the difficulty to resist, especially when the message comes from a close friend, “Says Katz, “Our suspicion increased when we clicked on the link and we were sent to install an app called Pixer from Google’s app store. The app as it’s presented on Google Play has the feel of a picture app like Picasa or the like.” After installing the app users brows through the photos of people who fell into the trap. If you authorize the application to access your Facebook account the app actually uploads all your FB pictures to the app. This includes even your friends’ photos that were posted to your page. All this is done without any explicit permission, ostensibly to keep the content fresh with new photos and to attract more users to download the app. In addition, the application will ask you to send a confirmation SMS to your entire contact list, with a link to install the application. There’s now option to filter your list. “Few bother to read the Permissions page. A quick look confirmed our suspicion that when the application requests permission to send SMS messages on your behalf and to access your personal and social information. Users tend to confirm each message that pops up after the install, especially when it looks like a long and involved process. Add to this a picture of a pretty girl in the background and people are clicking through without giving it much thought. This is the basic operational function of the app. It exists to spread through your contacts – your boss, babysitter, aunt – all of them
Posted on: Tue, 25 Nov 2014 00:38:45 +0000
Trending Topics
Recently Viewed Topics
© 2015