Android malware being spread via Google Adsense

Also in today's open source roundup: Google shares details about security features in Android 7.0. and Android users share their thoughts about Google's new Duo video calling app

android malware

Android malware and Google Adsense

Google’s Adsense advertising program is used by many sites across the Internet. But Android users should beware of some nasty malware that is being spread by Google’s Adsense network.

Justin Luna reports for Neowin:

Mikhail Kuzin and Nikita Buchka of Kaspersky Solutions found the banking Trojan, which was dubbed ‘Trojan-Banker.AndroidOS.Svpeng.q.’ The malware is out to steal banking and other financial information from innocent people on the internet, by means of phishing or other related methods. It also has the ability to read and delete text messages sent by banks to their clients.

It was found that the malware can actually be contracted via AdSense, Google’s own advertising network. What is also very alarming is that millions of websites on the internet, from news sites, to the smallest blog websites utilize the network, in order to monetize their content. Moreover, Svpeng is downloaded automatically as soon as the page with the advertisement is visited.

The Kaspersky researchers found the malware on state-owned news company Russia Today (RT), as well as the Meduza news portal. In light of the discovery, the latter has already disabled AdSense advertising on their pages. Svpeng will disguise itself as a browser update, shown on the screenshot, in order to trick users into thinking that the download is safe.

Once installed, the malware disappears from the list of installed apps, and then it will request administrator rights. This privilege will make it harder for antivirus to terminate the malicious program.

More at Neowin

News about the spread of Android malware via Google Adsense drew some sharp responses from Neowin readers:

Max Norris: “Yup, you want an ad blocker on your phone too. It’s not just a nuisance thing anymore, it’s part of your security suite.”

Felrefordit: “You couldn’t be any more wrong. Only a moron would trust his ad blocker to protect him from malware of any kind. Why? Because ads can only infect your computer or phone the very same way any web page can. You know, web pages like the ones you block the ads on. On the other side ad servers like AdSense’s about 1000x more secured than Average Joe’s webpage.”

Mrbester: “You couldn’t be more wrong yourself. Websites don’t tend to serve ads themselves; the ad servers do. If AdSense is serving up the malware then it isn’t the website doing it. Plus the antivirus offerings on mobile are a joke, consuming massive resources of CPU, battery and bandwidth.

I’ll use an ad blocker as much as I like, thanks. I’m not about to take advice from a clueless “ohh, the poor sites won’t get revenue” idiot.”

DeusProto: “Thank goodness for AdGuard for Android (which also blocks ads in programs).

If advertisers REALLY wanted to put an end to malvertising they would only allow standard format images and text. No JS, no Java, no Silverlight, no Flash, and so on.

If they want to reduce the impact from ad blocking then they would do what I mentioned above. Until they do, they have nobody to blame but themselves for the prevalence of ad blocking. It is bad end user security not to use an ad blocker these days.

They also made their beds before malvertising was a thing. Pop ups, pop unders, ads with annoying and loud noises, ads that prevent closure of the window, and other such “in your face” gradually increasing annoyance levels leading up to the creation of Proxomitron and the other extremely early ad blockers so that end users could put a stop to it. They took too many liberties. And now they expect end users to compromise their security.

They should not have progressed past the point of simply displaying a static image. I’ve been using the internet since 1994 so I’ve seen how it has gotten worse year by year before the rise of ad blocking. It started out as either non-intrusive text ads, or ONE rectangular ad at the top of a webpage that were rarey animated, and were completely non-intrusive, and it devolved from there as they got progressively more greedy.”

CougarDan: “ This is why if providers like Google and Facebook want to force-upload data to our devices they should have some legal culpability in the content that comes from their servers.

If I elect to browse a specific site that’s fine, that’s my choice/responsibility, but when I’m being served invisible data in the background that’s well beyond my control.

Even worse when it comes to Facebook they’re actually trying (HA!) to circumnavigate the ability to block the content so now when (and it is most definitely a ‘when’) they get hijacked the malware will get to go straight through. ”

Coth: “AdSense has been one of largest malware spreading networks for ages. Google never cared about it.”

Draconian Guppy: “Man this has been happening for years! (I know cause I clicked… mistakenly ) Hopefully google do something about it.”

Packet1009: “Bravo Android, you depthless cesspool. I’ve actually gone the other way - I only trust my iOS devices (phone, pad) for online banking instead of using a PC/laptop”

Seeprime: “I’ve been using Opera Mini with its built in ad-blocker turned on. It’s much faster than Ad-Block browser. Google’s lack of screening of ads is unfortunate. Android can be made to be pretty safe without sideloading and push SMS turned off. Ads, however, are more than a mere annoyance now. Stop them however you can to prevent issues.”

More at Neowin

Security features in Android 7.0

Speaking of Android, Google has shared some details about security features in the next version of its mobile operating system Android 7.0 (Nougat).

Al Sacco reports for CIO:

During an hour-long Hangouts web chat for the media and select IT professionals, Google today provided a glimpse of some of the new security features in its upcoming mobile OS, Android 7.0 “Nougat,” which should be available on Google Nexus devices “in a few weeks,” according to the company.

The online briefing wasn’t meant to be exhaustive. Instead, it provided a top-level look at a set of new security and management tools in Android Nougat and Android for Work. Here’s a breakdown of some of the most notable security improvements in Nougat, for Android users and IT administrators.

1. Direct boot and stronger encryption

2. Stronger MediaServer and platform hardening

3. App security and abuse prevention

4. Seamless’ Android updates

When Nougat software updates are available for new phones, users can choose to download and install them in a separate on-device partition, so they don’t need to stop using their phones or tablets during the process. The next time they reboot their phones, the new software will auto-install much more quickly than in the past, according to the company. Unfortunately, only new phones optimized for Nougat will have access to this feature.

More at CIO

Android users share their thoughts about Duo

Google’s new video calling app Duo is getting quite a bit of attention in the media and in online discussions. A recent thread in the Android subreddit captured some of the sentiment about Duo from Android users:

Aamir64: “I’m really liking the fact that Android users can now be able to use video amongst other Android users and iOS users. Video quality is good and consistent. That’s what I really like about this app, the consistency. Knock knock feature is genius and it really removes mystery of the caller and seemlessly transitions into an actual conversation. I’ve used the app with my wife and brother in law and we all share the same experience.

I’m not sure why people are complaining about this app right out of the gate, but this app is simple and provides a consistent video calling experience. This is what Google needed i think. Now Android users have their version of Facetime. Hangouts was ok, but inconsistent, perhaps that’s why it didnt catch on.

I’m really enjoying this app.”

Curious Iguana: “I have Duo. No one else I know has Duo or is ever likely to install Duo.”

And1927: “I have about 100 contacts and every single one of them uses WhatsApp (half of them are on iOS). No one uses SMS/MMS here in the UK, especially MMS since it’s not included in most packages.

As for video calling, I guess it’s more common among friends and relatives that live far and don’t see each others often. I never video call so Duo is useless to me.”

DiviRan: “Just make it a default app that comes with Nougat but give users the ability to uninstall if they don’t like it. That will give the app the publicity it needs for a good start.”

Armandorod: “I was reading some users saying it was grainy but not on my tests, on 3G and not grainy at all almost perfect sharp video.”

DinoStak: “Not gonna lie, I was on the hate train but after using it I love it. I hope the user base grows enough.”

Joejoejoemoe: “Not complaining, I think it’s a cool app. But, there’s no way I can convince people to step away from what they already know, among my social circle anyways, Facebook messenger.

At this moment, you can make calls, send messages, send texts, video call, leave voice messages, and send payments. The development team for this app has been killing the unification on this platform.

Duo’s nice, but splitting their assets into a million apps when I already have one that does it all so well?”

Hbar98: “Just continuing the conversation. I’m not disagreeing with you, but maybe Google has an idea with how they are doing this. While with FB Messenger you don’t need a FB account (I believe), you still have to sign up with the big blue f, and that is a turn-off for some.

With Duo, all you need is a windows or iOS phone. You don’t need to sign up with anyone, you don’t need to remember your password, you don’t even need to make a username. You use your phone number, and the app takes care of identifying you.

And remember… someone had to convince your friends that FB Messenger was better than the alternative, so your friends can step away from things they already knew. If Duo turns out to be good (superior call quality, end-to-end encryption), easy (no account creation needed, no seen attachment to Google, FB, etc…), and behaves the same across platforms (I can help my iOS friends with the app in the same way I can help my Android friends), then I can see some people moving over. Not all, but maybe many.”

DeadSalas: “The real question is if the user base will ever get high enough for it to be valuable. I don’t know about you guys, but getting people I know to download an app that they’d only use to contact me because no one else they know uses it is basically impossible.”

Hughman: “Exactly! Convincing my closest family to jump from Facetime to Duo just ain’t going to happen. I tried with Hangouts and it took years of convincing. To now tell them that Hangouts didn’t work out after all, Duo is the new thing, all I’m going to get is “I’ll rather stick with Facetime, at least it’s consistent”

Ask yourself “will an iPhone using mom pick this up?”. If the answer is “no”, then it will have a hard to reach a mayor crowd.”

More at Reddit

Did you miss a roundup? Check the Eye On Open home page to get caught up with the latest news about open source and Linux.

This article is published as part of the IDG Contributor Network. Want to Join?