Reply to post: Re: Curious as to the root to infection?

RedDrop nasty infects Androids via adult links, records sound, and fires off premium-rate texts

Morten_T

Re: Curious as to the root to infection?

"Am I missing something, is this exploiting a known vulnerability in the android OS, or is it relying on the ignrance of the user?"

I think it's a combination of all three:

The "vulnerability" is really a feature in Android, that lets you install .apk packages from 3rd party sources instead of the Google Store. This can be very useful, but also introduces the risk that said .apk packages may or may not have been tested fro malware very well or at all. It also has an additional problem in that you can either enable it or not. You can't choose to use Google Store, TrustedAppStore1 and TrustedAppStore2, and then block everything else. It's either apps from Google only or from the entire world. IMO this would somewhat heighten security for users, but is by no means a silver bullet. *

The part you're probably missing is that some people enable the above mentioned feature in order to use a different app store than the one Google provides. AFAIK this is very common practice in China, among other places.

Regdaring the user's ignorance, you have a point here. It's my impression that many people don't really know that doing this puts their phone at risk, perhaps they just inherently trust the app store they're using. But if the app store doesn't screen the submitted apps for malware before making them available, then there's really no security at all.

* (I realize the piece of malware in qustion came from the Baidu store, and my propoed approach would do nothing to stop it in this case).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon