Status
Not open for further replies.

Exterminator

Community Manager
Verified
Staff member
For now, the apps affects only users in China
A Chinese mobile advertising platform is distributing a malicious SDK (Software Development Kit) that helps developers implement in-app purchases (IAPs) for Android apps. This SDK secretly steals all SMS messages that arrive on infected phones.

The SDK is being offered as a free download by Chinese company Taomike, and can be used to allow Android developers to create mobile apps that provide in-app purchases via SMS messages.

According to Palo Alto Networks, the security vendor that discovered the SDK, only recent versions of the SDK seem to contain the SMS stealing functionality. This version was released in August 2015.

Right now, Palo Alto has detected over 63,000 Android apps containing the Taomike SDK, but only 18,000 include the recent malicious version of the SDK.

App developers are unaware of what the malicious SDK is doing
The developers of these apps are unaware that the library they used to power IAPs is actually stealing SMS messages (text body and sender number) and then uploading them to one of Toamike's servers, more specifically to 112.126.69.51/2c.php.

As Palo Alto staff explains, only this URL is responsible for gathering SMS messages. Tying the URL to Toamike was easy because it was also used to host other API functions.

All affected apps seem to be created only by Chinese developers, and none of them seems to be distributed via Google's official Play Store.

No details on what the SMS messages are being used for
At the moment, Palo Alto has not been able to determine from their analysis what Taomike is using the stolen SMS messages for.

This revelation comes just two days after Apple banned 256 apps from the App Store for including a similar "malicious" API, which was collecting private information from iOS users. This violated Apple's privacy and security policy.
 

Anupam

Level 21
Thanks to Cyanogen Mod. My phone has privacy protector and you can restrict access and check which Apps Accessed which option and how many times.

But still I personally feel not only SMS, Android should have a strict security system for the advanced users ( By default without Root) to block access to whatever permission it wants to.

Android ROMs are just unnecessary getting bigger and resource hungry rather being more optimized.
 
  • Like
Reactions: Spawn

Spawn

Administrator
Verified
Staff member
My phone has privacy protector and you can restrict access and check which Apps Accessed which option and how many times.
Android M (v6) will allow you to change App permissions, which is very much needed, as your data becomes the target.

I agree that some apps take advantage of these API's, to access parts of the phone that are not needed. But until Android M is released, there's not a lot you can do, unless you uninstall it.

For non-rooted Android devices, I view Privacy Protector apps as scareware.
 

Anupam

Level 21
Android M (v6) will allow you to change App permissions, which is very much needed, as your data becomes the target.

I agree that some apps take advantage of these API's, to access parts of the phone that are not needed. But until Android M is released, there's not a lot you can do, unless you uninstall it.

For non-rooted Android devices, I view Privacy Protector apps as scareware.

It will still take time to get Android M for non-nexus devices. Thank fully Cyanogen Mod already have few features those are extremely useful.

So many versions of Android are already released but frankly none of them includes proper proper security settings. For example: Firewall, Privacy Protection these are very basic things those should be present in it.

Since I am not fond of rooting, I miss those specially firewall. Whenever I turn on the data in my phone all the Apps starts connecting to internet instantly which I feel is very irritating. I miss those old days when Symbian based OS used to ask for every connection.
 

Spawn

Administrator
Verified
Staff member
Whenever I turn on the data in my phone all the Apps starts connecting to internet instantly which I feel is very irritating.
Today's mobile devices would be considered Always-On / Always-Connected devices, that's why everything gets Internet access.

In terms of treating a mobile as a desktop PC would be wrong, as Android, iOS and Windows Phone function differently, by containing sandboxes, apps and permissions etc.

In my opinion, consumer's don't want a complex mobile OS that asks for every permission. They don't need a Comodo OS on their mobile phone. :p
 
  • Like
Reactions: Deleted member 178

jamescv7

Level 61
Verified
Trusted
It should always start for a user to think first which applications are worth to install, Play Store provides the best it can have to prevent those pesky threats however failed on those basic techniques.
 
Status
Not open for further replies.