www.tech-sanity.com
Googles Android OS is the mobile operating system most plagued by malware. It might not come as a surprise then that cyber criminals are taking advantage of the 2012 Summer Olympics as an opportunity and a cover-up for more malware.
Anti-malware and anti-virus solutions provider Webroot has issued a warning that because there are so many events happening at one time during the Olympics, it might be all the more tempting when viewers find an app available that focuses on one or just a few.
This goes hand-in-hand with some other cyber threats attached to the Olympic Games that can really affect even just the casual viewer. RSA recently published some tips on dealing with Olympic-themed phishing emails as well as social media alerts that are disguised in order to steal personal information.
Webroot researchers cited an app app called "London Olympics Widget," which is described as an app that displays aggregated Olympic news coverage.
In fact, it's really just harvesting the user's contact list and device ID while reading up on SMS messages too.
Webroot goes into the nitty gritty details about permissions hidden in the underlying code as well as the digital certificate, but the bigger lesson here is to be extremely careful when it comes to downloading apps.
Despite some disputes about this, Android is still an open source platform at heart, which is what makes the mobile OS quite vulnerable in the first place.
Furthermore, Google Play and the Amazon Appstore don't screen every app available in these digital app stores for malicious code until they are reported. You don't really want to become the test case.
Webroot advises that consumers should take a close look at the author of the app and then search the name to see if it is in fact a reputable company and/or developer, as seen in the photo above.
During a session at Google I/O in June, Android security engineers also stressed several tips for the developer side of things that could instore more confidence for consumers as well, including offering a transparent privacy policy.
No comments:
Post a Comment