Close X
Log In
If you are not a member,
register now
Email
Password
Forgot Your Password?
New User? Register now
to gain member-only access to all of IT World Canada's premium content & community portals.
Log in for Full Access |
Log In
|
Subscribe Now!
Follow
IT World Canada
Knowledge Centres
Community
Publications
Events
Services
Media
Communications Infrastructure
•
Carriers and Cellular
•
Networking
•
Voice, Data, and IP
Security
•
Alerts, Patches and Fixes
•
Disaster Recovery
•
Hacking and Viruses
Enterprise Business Applications
•
Business Intelligence
•
Enterprise Resource Planning
•
Open Source and Linux
Enterprise Infrastructure
•
Data Centre
•
Servers and Mainframes
•
Virtualization
Government
•
Case Studies and Best Practices
•
Collaboration
•
Policy
Leadership
•
Budgeting / IT Alignment
•
Industry News
•
Issues for CIOs
Information Architecture
•
Data Warehousing
•
Databases
•
Messaging and Collaboration
Integrating IT
•
Development Environments
•
Middleware - Utilities
•
Project Management
Green IT
•
E-Waste and Recycling
•
Green thinking
IT Workplace
•
Careers and the Job Market
•
Consulting and Contracting
•
Human Resources Issues
•
Women in IT
Departmental and End User Computing
•
Future Technology
•
Help Desk and End-User Support
•
Mobile Applications
All IT World Blogs
Featured Blogs
•
All things Android
•
Career Corner
•
Enterprise Insights
•
Security
ComputerWorld Canada Blogs
•
Shane Schick's Computerworld
•
World Wide Webb
•
Blogosphere
•
Techbuzz
CIO Canada Blogs
•
CIO Canada
•
Candid CIO
NetworkWorld Canada Blogs
•
Network World
•
Industry Watch
Guest Blogs
•
Stuff IT Managers Like
•
CDN Varbose
•
Making IT Work
Wikis
•
IT job Descriptions
•
CWC In Conversation
Groups
•
Finance
CIO Canada
ComputerWorld Canada
Network World Canada
Computer Dealer News
Direction Informatique
IT Business.ca
Click Here to Subscribe Now!
ComputerWorld Canada Events
•
Computerworld Interactive
•
Computerworld IT Leadership Awards
•
Computerworld Technology Insights
Feature Events
•
Visability - Social Media
•
Technicity
Events for Government
•
GovSym Symposium
•
Lac Carling
Computer Dealer News Events
•
CDN Channel Elite Awards
•
CDN Top 100
•
Computer Golf
Events for CIOs
•
CIO Exchange
•
CIO Frankly Speaking Breakfasts
•
CIO Frankly Speaking @ Your Desk
More Information on
IT World Canada Events
IT World Canada Curated
Job and Career Resources
•
Canadian IT Jobs
•
IT Sales Jobs
•
Salary Calculator
•
Tech Learning Space
Knowledge Services
•
CDN ProFIT - Turnkey Marketing solutions
•
Visability
•
Knowledge Store
Subscribe Now- Register
Slide Shows
Videos
White Papers
Webinars
Hot Topics:
operating systems
•
DDoS Protection
•
SAS
•
Oracle
•
HP
•
rural broadband
•
IT jobs
•
social networking
•
hacking
•
ERP
•
Search
SHARE
Home
>>
Security
Rogue Android app texts humiliating messages
By:
Gregg Keizer
On:
01 Apr 2011
For:
ComputerWorld (US)
The app's maker threatens to sue security firm for blogging about threat. The Trojanized version of the app includes malicious code that pilfers personal data from the phone and sends it to a remote anonymous server
Android users face a new threat, a rogue app that tells all their friends they pirated the program, a Symantec security manager said today.
The app is a fake copy of the legitimate "Walk and Text," software that uses the smart phone's camera to show what's in front of the user while she simultaneously walks and texts.
Walk and Text is available not only on Google's official
Android Market app store
, but also on several unofficial e-marts. It's one of several mobile apps created by Georgi Tanmazov, the CEO of Incorporate Apps.
On the
Android Market
, Walk and Text is priced at $1.54.
The Trojanized version of the app includes malicious code that pilfers personal data from the phone -- the phone number, the device's unique identifier and more -- and sends it to a remote anonymous server.
That's not new, said John Engles, a group product manager with Symantec's security response team. What is new, at least on mobile devices, is the rogue app's texting of an embarrassing message to each contact in the phone's address book.
"Hey, just downlaoded [sic] a pirated App off the Internet," the message reads. "Walk and Text for Android. Im [sic] stupid and cheap, it costed [sic] only 1 buck. Don't steal like I did!"
A new rogue Android app uses a new twist: It texts an embarrassing message to everyone on the phone's contact list.
When the app is run, a final message appears on the smartphone's screen that states, "We really hope you learned something from this." That message is accompanied by a an offer to buy the legitimate program from the Android Market.
According to Symantec, the rogue app -- which the company pegged as "Android.Walkinwat" and identified as a Trojan horse -- is similar to other fake Android apps that host malware. "They took the legitimate app, decompiled it, added the malicious code, recompiled it and then placed it on small Android side markets," said Engles.
Although Engles said the Trojan maker's motivation was unclear, he said it was most likely created by anti-piracy vigilantes. But it's also possible that the creator of Android.Walkinwat wanted to undermine the reputation of the legitimate Walk and Text application.
Engles called Android.Walkinwat "fairly benign," in part because it doesn't appear to have elements common to other mobile malware, such as a backdoor that allows secret downloads of other code.
"And it doesn't seem to be very popular or widespread," said Engles. Symantec has classified the rogue app/Trojan as a "Low" threat.
Installing the Trojanized app could result in higher texting bills, depending on the number of contacts in a victimized smartphone, and where those contacts lived. "This could cost you some money," said Engles.
Tanmazov, Walk and Text's developer, has denied any connection to the Trojan, and has threatened to sue AVAST Software, a Czech Republic-based security company that first blogged about the rogue version of his app more than a week ago.
In a message posted on the Web,
Tanmazov accused AVAST
of publicizing the Trojanized version of his app to promote their mobile security software.
"We wonder why only anti-piracy companies have interest in writing blogs about pirated apps they find on illegal sources and are trying to spread fear among the normal 'Android Market' customers," said Tanmazov.
In an e-mail reply to a request for comment, Tanmazov again denied any link to Android.Walkinwat and elaborated on his frustration that criminals had hijacked his reputation. "This is not the way we fight against piracy," Tanmazov said.
"[And] we have absolutely no control over anything other than what is on the Android Market. This file is all over the place now, Torrents, forums, and there is nothing we can do about it," said Tanmazov.
The real Walk and Text app on the Android Market does not contain the malicious code and features of the Trojanized Android.Walkinwat, Google confirmed today.
This isn't the first time that malware-filled Android apps have cropped up. Earlier this month, Google was forced to
yank more than 50 infected applications
from the Android Market.
Robert McMillan of the IDG News Service contributed to this report.
Sign up for our
Newsletters
Tags:
Symantec
,
Android
Close X
Your Name:
Your E-mail:
Friend's Name:
Friend's E-mail:
Close X
|
Views:
2147 |
Rating:
(0 votes)
Rate this article on a scale of
1 to 5 stars,5 being the best.
Close X
Page
1
Quick Access
Video Conferencing
Cloud Computing Resource Centre
CIO Canada's Brainstorm Centre
CIO Canada Debate
Gregg Keizer
is a contributor to the International Data Group (IDG) News Service, which publishes global technology stories from bureaus around the world to more than 300 publications in more than 60 countries.
Please enable JavaScript to view the
comments powered by Disqus.
blog comments powered by
Disqus
Related Videos
Building an Enterprise IT Security Training Program
Building an Enterprise IT Security Training Program
-
Over 50% of security breaches are a result of end-user error, oversight, and ignorance. IT security training is an effective method of reducing end-user related security breaches.
Cloud Computing: Extending the Network (3 of 3)
Cloud Computing: Extending the Network (3 of 3)
-
The end goals of private cloud computing are to; Enable efficient delivery of IT resources and services; Give the enterprise complete control over data; Enable choice in technologies and service providers
Cloud Computing: Getting to One Network (1 of 3)
Cloud Computing: Getting to One Network (1 of 3)
-
In this first video of the series, the team will take you through how to consolidate the different types of traffic onto a single, general-purpose, high-performance, highly available network that greatly simplifies the network infrastructure and redu
Cloud Computing: The Unified Compute Model (2 of 3)
Cloud Computing: The Unified Compute Model (2 of 3)
-
In this second video, the team will look at how to unite computing, networking, storage access, and virtualization into a single cohesive system. The Unified Compute model prepares you for cloud computing. This will be discussed in the next and fin
Professors warn of arms race in cyberspace
Professors warn of arms race in cyberspace
-
At a panel discussion organized by Osgoode Hall, professors Ronald Deibert and Stephane Leman-Langlois discussed the attacks on Google Inc. and the challenges of working in countries such as China.
more from the:
Video Library
Take Our Poll
Most Popular
Articles
Most Viewed
Most Emailed
Top Rated
Most Viewed
Most Emailed
Top Rated
Shaw wins Internet deal with city of Winnipeg
By: Howard Solomon (16 May 2012)
Shaw Communications has scored a big win in its campaign to extend its services to municipalities. The Calgary-based cableco won a bidding contest to ...
Open source Java moving to Linux, AIX on PowerPC
By: Paul Krill (11 May 2012)
SAN FRANCISCO -- Open source Java will be brought to the PowerPC architecture for Linux and IBM's AIX OS under a proposal floated lastweek that could ...
The cost of open data: A Canadian lawyer's analysis
By: Lou Milrad (14 May 2012)
We’ve started hearing a lot over the last year or so about “open data”, particularly in the municipal sector. It’s all ab ...
Rogers offers lure to M2M developers
By: Howard Solomon (11 May 2012)
Network operators are always looking for ways to expand the way organizations can use their networks beyond voice and data centre traffic. To encour ...
Canadian employee survey indicates dark view of cloud
By: Shane Schick (16 May 2012)
If Canadian enterprises are using cloud computing, their employees may be the last to know. A recent research bulletin from Toronto-based Pollara of ...
Cisco kills off Cius development
By: Paolo Del Nibletto (5/25/2012 11:56:00 AM)
In a surprise move, Cisco Systems Inc. has confirmed it will no longer invest in developing the Cius tablet device running Android.The Cius tablet was ...
Microsoft's new server and tool upgrades and CIOs
By: Juan Carlos Perez and Chris Kanaracus (5/25/2012 10:21:00 AM)
MIAMI -- CIOs and IT directors tracking the barrage of major upgrades for Windows and Office also need to stay tuned to the refresh cycle for Microsof ...
Microsoft clarifies tremendous Windows 8 claims
By: Gregg Keizer (5/25/2012 9:21:00 AM)
FRAMINGHAM, Mass. -- Reports earlier this week that Microsoft CEO Steve Ballmer predicted unprecedented sales of Windows 8 were wrong on multiple ...
How to make PHP apps scale
By: Andrew Oliver (5/25/2012 9:14:00 AM)
SAN FRANCISCO -- The power of PHP and an RDBMS is the ability to nail the major features of an application with cheaply paid developers in a reco ...
Funding rural broadband: Whatever it takes
By: Howard Solomon (5/25/2012 7:11:00 AM)
For rural communities looking to get ultra-fast broadband speeds increasingly seen in cities, there’s only one obstacle: Money. Getting it is ...
VIDEO: Why IT pros need 'soft skills'
By: Brian Bloom (23 May 2012)
Unemployment in the high-tech sector is low. But are IT pros getting the jobs they want? Stafflink CEO Tim Collins explains why having impressive ...
Open source Java moving to Linux, AIX on PowerPC
By: Paul Krill (11 May 2012)
SAN FRANCISCO -- Open source Java will be brought to the PowerPC architecture for Linux and IBM's AIX OS under a proposal floated lastweek that could ...
Why integrate Wi-Fi radios into small cellular cells
By: Ajay Kumar Gupta (15 May 2012)
FRAMINGHAM, Mass -- (Gupta is team lead at Wesley Clover Communications Solutions, which develops solutions from Canadian companies -- including Mitel ...
CEOs demand CIOs prepare for growth and mobility
By: Mark Chillingworth (15 May 2012)
CEOs have shifted their position and are releasing funds to CIOs that have innovations for mobile users and revenue generation ideas, finds the CIO Su ...
EMC mega-launch targets hybrid cloud, big data
By: Jeff Jedras (22 May 2012)
LAS VEGAS – With nearly 15,000 attendees making this its biggest user conference, IT infrastructure vendor EMC Corp. has made its largest ...
Related White Papers
Staying Aloft in Tough Times
-
Today users are tapping into public and private clouds for computing resources and services without having to address the underlying technology. Companies are leveraging the massive scalability and collaboration capabilities of cloud computing to solve problems in ways that just weren’t possible before. They are deploying new services with greater speed and without additional capital investment. As budgets continue to be stretched, cloud computing is enabling CIOs to do more with less. Virtualization, standardization and other fundamental features of cloud are lowering the cost of IT, simplifying IT service management and accelerating service delivery. Read this paper to learn more.
How to Avoid Storage Overspending
-
It’s no secret, storage dynamics are changing. Six Steps to Embracing Storage Efficiency – Download this whitepaper now!
Load Balancing 101: Firewall Sandwiches
-
Learn how to recover from firewall failure – Click here to read
Extending Collaboration to Mobile Employees
-
Mobility brings numerous benefits to business; however, each mobile worker must be matched with the right collaboration and unified communications tools.
DNSSEC: The Antidote to DNS Cache Poisoning and Other DNS Attacks
-
DNS in the Wild: Bad Things Can Happen – Click here to read!
more:
White Papers
Close X