DroidDreamLight -> phone nightmare.

Published: 2011-06-02
Last Updated: 2011-06-02 15:59:34 UTC
by donald smith (Version: 1)
3 comment(s)

Kasperky Lab Security news service posted this recently.
https://threatpost.com/en_us/blogs/droiddream-returns-dozens-infected-apps-pulled-android-market-060111
“Researchers have identified a second large batch of apps in the Android Market that have been infected with the DroidDream malware, estimating that upwards of 30,000 users have downloaded at least one of the more than 30 infected apps. Google has removed the apps from the market.”


The user  does NOT have to run the application to trigger the data theft.  A phone call can trigger that event by invoking android.intent.action.PHONE_STATE intent (an incoming phone call). When that occurs data is extracted from the phone and sent to a remote site including IMEI,  IMSI, installed package list, other data and possibly install other applications.


Additionally mylookout.com a company that makes smart phone security software posted a analysis of droiddreamlight and a set of infected applications here:
http://blog.mylookout.com/

Keywords:
3 comment(s)

Comments

The heavy use of maroon in the site changes it from informative to depressing.

What if the top stripe is shown as the color of the threat?

Could it be that the same "designer" of this new site was the one who though up the "knowledge for peace" theme?

So are any of the common Anti Virus APPS in the market place detecting these types of Malware?
I don't take issue with the colors other than the background on the "Alias" box for commenting. That box is a little to dark and makes the text slightly difficult to read. Otherwise the site looks MUCH better. I'm not a huge fan of the heavy use of blue the old site used which was reminiscent of google's defaults to me and had a bland, boring, basic look to me.

Diary Archives