Check First! Your favorite app can be a virus!

Angry Birds

Angry Birds (Photo credit: Wikipedia)

Apps

Apps (Photo credit: TerryBrock)

Apps drive mobile devices. There’s one for just about everything, including one to detect a bomb! But there’s a risk with apps: it has to access personal data in the device.

All apps ask for permission while downloading. The requests include access to data network, call records, GPS coordinates, rights to modify contents of SD card, etc. These look harmless, and we grant them permission. But problems emerge when the apps have Trojans (a form of virus) hiding in them.

Earlier this year, security firm Sophos detected a Trojanized version of the Angry Birds game. “Trojans can come disguised as wallpaper applications . They contain the malicious package within it and may be hard to uninstall,” says Ruchna Nigam, security researcher, Fortiguard Labs. Zitmo , she says, is a well-known banking Trojan (it has SymbianAndroid and Blackberry versions) that can receive commands from the attacker to intercept SMS second-factor authentication banking tokens and forward them to the attacker, thereby exposing users to banking fraud.

 
Some applications, especially malicious ones, seek rights for activities unrelated to their function. When a music app seeks access to call records, you must wonder why, and check the credentials of the developer. It might be a safe app, but it is worth checking.

Juniper Networks‘ Mobile Threat Center analysed over 1.7 million apps on Google Play from March 2011 to September 2012.

English: Logo of Juniper Networks

English: Logo of Juniper Networks (Photo credit: Wikipedia)

It found that in the cards and casino games category, 94% of free apps that could make outbound calls didn’t describe why they would use this capability. Similarly, 85% of free apps that could send SMS didn’t specify why they should do so, says Ravi Chauhan, managing director India and Saarc, Juniper Networks.

In the racing games section, 99% of paid apps and 92% of free apps had rights to send SMS, while 50% could use camera and 95% could initiate outgoing calls — without any explanation as to why they needed to do that.

The survey found that free apps were 401% more likely to track location and 314% more likely to access contacts than their paid counterparts.

This gives an impression that free apps access info to target ads. But out of the 6,83,238 apps examined, the share of those with the top five advertising networks was much less than the total number tracking location (24%).

 

Read full story at http://timesofindia.indiatimes.com/tech/personal-tech/computing/Beware-your-favourite-app-can-be-a-virus/articleshow/17403343.cms

 

 

 

 

 

Advertisements

Facebook clears the air on hoax copyright post!

Image representing Facebook as depicted in Cru...

 Facebook is telling its users to ignore rumors spreading on the social network that they need to post a statement to protect their copyrights of their comments and other materials.

“There is a rumour circulating that Facebook is making a change related to ownership of users’ information or the content they post to the site,” Facebook said in a “fact check” notice on its website on Monday. 

“This is false. Anyone who uses Facebook owns and controls the content and information they post, as stated in our terms. They control how that content and information is shared. That is our policy, and it always has been.” 

The notice came after the copyright notice went viral — suggesting that a posted statement was needed to protect copyrights on Facebook. The hoax had been around in the past but resurfaced after Facebook announced changes to its privacy policies last week. 

Users began repeating these posts, which stated, “In response to the new Facebook guidelines I hereby declare that my copyright is attached to all of my personal details, illustrations, comics, paintings, professional photos and videos, etc… This will place them under protection of copyright laws.” 

Warnings about the so-called “chain letter hoax” were issued as far back as June from the security firm Sophos and others. 

And noted technology blogger Robert Scoble poured scorn Monday on those falling for the trick, saying on his Facebook page: “If you are posting about copyright on Facebook and you haven’t done your research you are an idiot.”