New Android malware tricks users with real Opera Mini
What's a life?
Joined: Thu Apr 23, 2009 7:56 pm
Posts: 12030
Just an FYI:

http://www.zdnet.com/warning-new-android-malware-tricks-users-with-real-opera-mini-7000001586/

Quote:
Summary: Cybercriminals have created a new variant of the OpFake malware for Android that comes bundled with a legitimate version of the Opera Mini mobile browser. This helps trick users into thinking that nothing is wrong as they can simply use the real software as expected.

A new piece of malware is trying to take advantage of Opera's popularity as a mobile browser alternative on Android smartphones. Cybercriminals have created a new variant of Opfake that bundles the real Opera Mini version 6.5 so as to further mask what the malware is actually doing (earning its creators money from unsuspecting users by sending international text messages). GFI, which first discovered the malware, is calling this particular threat Trojan.AndroidOS.Generic.A. The package is named "com.surprise.me" while the file name is "opera_mini_65.apk" (both can easily be changed).

As you can see above, two sets of "Permission to Install" pages are displayed during installation. The first (above in the middle), comes from the malware itself: it asks for read and modify rights to all SMS and MMS messages, read rights to all contacts stored on the smartphone, modify or delete rights to the SD card, and so on. The second (above on the right) one appears once users agree to install the first, which is simply the permissions required for the legitimate Opera Mini browser.

This particular threat is interesting because it shows that OpFake is evolving. Instead of trying to mimic a popular app, OpFake now simply installs the real version. As a result, the user is less suspicious that something is wrong. "More than likely, users will not be aware that something might have infiltrated their phones until the bill arrives," a GFI spokesperson said in a statement.

The devil is in the details: in the background, the malicious app sends expensive international text messages to earn its creators revenue. The malicious app does the dirty work to incur costs on the victim. More specifically, here's what this particular threat does:

It sends one SMS message to a premium-rate number before it installs the legitimate Opera Mini. A command and control (C&C) server controls the message sent and the number where it is sent.
It also connects to the C&C server to retrieve data.
It reads the following stored information: Country location, Operator name, OS version, Phone type, and Device ID (IMEI).

Android lets you download and install apps from anywhere. If you want the official version of an app, however, get it from the official Google Play store. Here is the official Opera Mini link: play.google.com/store/apps/details?id=com.opera.mini.android.

_________________
www.alexsmall.co.uk

Charlie Brooker wrote:
Windows works for me. But I'd never recommend it to anybody else, ever.


Wed Jul 25, 2012 10:37 pm
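
Added example (not part of the original post or the quoted article): a static triage check for the pattern the article describes, a "browser" APK whose package id is not the official one and which declares SMS and contacts permissions. It reads the text output of `aapt dump badging`; the two sample outputs and the list of permissions treated as unexpected for a browser are constructed assumptions.

```python
import re
# Official package id, taken from the Play link in the quoted article.
EXPECTED_PACKAGE = "com.opera.mini.android"

# Assumption: permissions a web browser has no obvious need to declare.
UNEXPECTED_FOR_BROWSER = {
    "android.permission.SEND_SMS": "can send text messages (premium-rate billing)",
    "android.permission.READ_SMS": "can read SMS/MMS",
    "android.permission.WRITE_SMS": "can modify SMS/MMS",
    "android.permission.READ_CONTACTS": "can read contacts",
}
PKG_RE = re.compile(r"^package: name='([^']+)'")
# Older aapt prints uses-permission:'X', newer prints uses-permission: name='X'.
PERM_RE = re.compile(r"^uses-permission:\s*(?:name=)?'([^']+)'")

def parse_badging(text):
    """Return (package id, set of declared permissions) from badging output."""
    package, perms = None, set()
    for line in map(str.strip, text.splitlines()):
        if m := PKG_RE.match(line):
            package = m.group(1)
        elif m := PERM_RE.match(line):
            perms.add(m.group(1))
    return package, perms

def triage(text, expected_package=EXPECTED_PACKAGE):
    """List reasons this APK does not look like the official browser."""
    package, perms = parse_badging(text)
    findings = []
    if package != expected_package:
        findings.append(f"package id {package!r} is not {expected_package!r}")
    for perm in sorted(perms & set(UNEXPECTED_FOR_BROWSER)):
        findings.append(f"{perm}: {UNEXPECTED_FOR_BROWSER[perm]}")
    return findings

# Constructed samples: modelled on the article's description, not real manifests.
SUSPECT = """package: name='com.surprise.me' versionCode='1' versionName='1.0'
uses-permission:'android.permission.SEND_SMS'
uses-permission:'android.permission.READ_SMS'
uses-permission: name='android.permission.WRITE_SMS'
uses-permission: name='android.permission.READ_CONTACTS'
uses-permission: name='android.permission.WRITE_EXTERNAL_STORAGE'"""
CLEAN = """package: name='com.opera.mini.android' versionCode='1' versionName='1.0'
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.WRITE_EXTERNAL_STORAGE'"""

if __name__ == "__main__":
    for name, sample in (("suspect", SUSPECT), ("clean", CLEAN)):
        print(name, triage(sample))
```

Since the article notes the package name can easily be changed, a matching package id on its own proves nothing; the declared permissions are the stronger signal here.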
What's a life?
Joined: Thu Apr 23, 2009 8:25 pm
Posts: 10691
Location: Bramsche
The big question is, with Dolphin HD, Chrome and Firefox available, why would you want Opera Mini, which does off-machine rendering and sends the rendered page as an image?

_________________
"Do you know what this is? Hmm? No, I can see you do not. You have that vacant look in your eyes, which says hold my head to your ear, you will hear the sea!" - Londo Mollari

Executive Producer No Agenda Show 246


Thu Jul 26, 2012 4:31 am
What's a life?
Joined: Fri Apr 24, 2009 10:21 am
Posts: 12700
Location: The Right Side of the Pennines (metaphorically & geographically)
I guess it's a matter of personal preference.
I use Dolphin HD after having used the default browser for two years. I tried Firefox mobile, but it was dog slow.

_________________
pcernie wrote:
'I'm going to snort this off your arse - for the benefit of government statistics, of course.'


Thu Jul 26, 2012 8:57 am
I haven't seen my friends in so long
Joined: Tue May 05, 2009 3:29 pm
Posts: 7173
For handsets running ICS I don't see why you'd want to run anything other than Chrome.

_________________
timark_uk wrote:
That's your problem. You need Linux. That'll fix all your problems.
Mark


Thu Jul 26, 2012 11:44 am
What's a life?
Joined: Fri Apr 24, 2009 10:21 am
Posts: 12700
Location: The Right Side of the Pennines (metaphorically & geographically)
I'm still on 2.2 (Froyo)

_________________
pcernie wrote:
'I'm going to snort this off your arse - for the benefit of government statistics, of course.'


Thu Jul 26, 2012 9:37 pm
I haven't seen my friends in so long
Joined: Thu Apr 23, 2009 7:10 pm
Posts: 5490
Location: just behind you!
I'm on Jelly Bean and ICS

_________________
johnwbfc wrote:
I care not which way round it is as long as at some point some sort of semi-naked wrestling is involved.

Amnesia10 wrote:
Yes but the opportunity to legally kill someone with a giant dildo does not happen every day.

Finally joined Flickr


Fri Jul 27, 2012 9:42 am
I haven't seen my friends in so long
Joined: Fri Apr 24, 2009 7:55 am
Posts: 7935
Location: Manchester.
Linux_User wrote:
For handsets running ICS I don't see why you'd want to run anything other than Chrome.

I've found that Chrome is really good... at draining the battery.
With Chrome installed I was having to charge the mobile every day. Since removing Chrome I charge it every two or three days.

_________________
okenobi wrote:
John's hot. No denying it. But he's hardly Karen now, is he ;)

John Vella BSc (Hons), PGCE - Still the official forum prankster and crude remarker :P
Sorry :roll:
I'll behave now.
Promise ;)


Fri Jul 27, 2012 1:09 pm
I haven't seen my friends in so long
Joined: Tue May 05, 2009 3:29 pm
Posts: 7173
John_Vella wrote:
Linux_User wrote:
For handsets running ICS I don't see why you'd want to run anything other than Chrome.

I've found that Chrome is really good... at draining the battery.
With Chrome installed I was having to charge the mobile every day. Since removing Chrome I charge it every two or three days.

It works just fine for me on the Galaxy Nexus. :?

_________________
timark_uk wrote:
That's your problem. You need Linux. That'll fix all your problems.
Mark


Sat Jul 28, 2012 12:35 pm