A team of researchers from North Carolina State University in the United States has released what is perhaps the most dangerous Android malware ever discovered. It is a Trojan that takes advantage of the GingerBreak hack, applicable to Android 2.3 Ginbgerbread.
GingerMaster, the name given to this Trojan, incorporates many of the features of the growing family of Android Trojans currently circulating on third-party websites in China, but with some interesting and dangerous new features. The malware was analyzed by researchers at North Carolina State University with the support of the Chinese mobile security company NetQin.
Integrated into an apparently legitimate application designed to display photographs of women, GingerMaster captures the maximum of the user's personal data, including their mobile number and IMEI, and sends them to a remote server.
The server then begins to download the malware, which exploits the GingerBreak hack and, once installed, completely takes control of the Android smartphone.
Google has patched the vulnerability as soon as it was discovered in April, but it is unlikely that all users have received the update. Operators are reluctant to offer solutions unless absolutely necessary, given the amount of technical support services that this entails.
In the market there is an option to "report" and that is to mark it as inappropriate ... I have never used it
It's good that I received the patch on time, I really like the Android cell phone 🙂 I have antivirus protection on my cell phone and I hope it always works 🙂
I think it is not acceptable that Android users are kidnapped by operators or manufacturers when receiving updates, especially when they are to close security holes. It should be aimed at a system more similar to Apple's, at least ignoring the operators.
Without being a supporter or friend of operators, with respect to what Warheart mentions I disagree. The user buys a phone that costs 500 euros for 50 euros, and above all he wants instant updates and technical support in case the update does not work well (it has happened for example with Vodafone's Desire HD). For that reason the operators are reluctant to update.
If users buy free phones, it costs them much more expensive but the updates arrive earlier (as long as they arrive, but that is a separate issue). Without being something that can be attributed to the Android OS itself, I do believe that Google should review its policy towards manufacturers and operators.
Manufacturers should not be able to say that a phone carries Android and release it in 2011 with outdated versions.
Posts to write nonsense: If they want to say that Android has certain minimums must be met:
- No customizations (big culprits for the delay in updating)
- Commitment of maximums in terms of delays in updates (once a version is released, at most x time)
- No operators, only free device.
In this way you get 2 different HD Desires, one with Android and the other with a proprietary OS based on Android. It is the user who decides, and in the end, that is the freedom of SW that Google searches, right?
Jorge, I don't agree. The user buys a phone that "costs" € 500 for € 50 because he agrees to spend at least X € per month for at least 18 months. If you leave the company before the end of this period, you have to pay a penalty, which is not cheap or proportional at all (try asking how much it would be worth to leave one day before your stay ends).
I understand that the participation of the terminal manufacturer may be necessary, for customizations (which I am against, but is a separate issue) and especially for adaptation to the hardware. But the operator should not influence these updates at all, in the same way that when Apple launches a new version of iOS the operators have nothing to touch for a user to update, regardless of whether the terminal has been subsidized or not. .