Android Ransomware

Recently, a type of malware called ransomware has begun to appear more frequently. Its purpose is to effectively take data hostage and demand a ransom in exchange for returning it. CryptoLocker, for example, does this by encrypting all document files on a computer and mapped network drives, then requiring a payment of roughly $300. Upon confirmation that the payment has been received, the decryption key is then sent to the victim. In some cases, of course, the decryption key may not be sent even if payment is made.

Naked Security has an article about the recent appearance of “Koler,” a variation of ransomware that issues a fake “police warning” and demanding payment of a fine, again about $300. This malware does not, however, encrypt data. It is also fairly straightforward to protect against, as the Android setting “Allow installation of apps from unknown sources” must be enabled for it to infect a device.

Fake AntiVirus in Mobile App Stores

The first well-known fake mobile antivirus software was called Virus Shield, and it was placed in the Google Play Store. Since then, the malware has become progressively more sophisticated. Now, it seems to be using the names of legitimate antivirus software companies.

Kaspersky posted an article five days ago about a couple of these malware packages using their name, one on Google Play and the other, unusually, in the Windows Phone Store. Most major antivirus vendors have mobile versions of their software, but the layout and apparent lack of source verification in mobile app stores, coupled with the sometimes complicated named software vendors give to their products, can make it easy to mistakenly install the wrong app. For example, in the Kaspersky example above, the real antivirus software is called “Kaspersky Internet Security for Android,” while the fake apps were given the much simpler names “Kaspersky Mobile” and “Kaspersky Anti-Virus 2014.”

It seems that the only safe way to obtain mobile antivirus apps is by visiting the vendor’s website and locating it there, rather than trusting any mobile app store.

WhatsApp Subject of Privacy Investigation

The popular smartphone instant messaging app WhatsApp has been the subject of a joint Dutch-Canadian probe into breaches of the privacy laws of both countries.

Sophos’ Naked Security reports that this is the first time two countries have worked together to investigate privacy breaches. Linked from the article is the Canadian report from the Office of the Privacy Commissioner.

There are a number of allegations in the report, notably that WhatsApp uploaded full contact lists without allowing end users to select which contacts they wanted to share, retained information about those contacts even if they did not use WhatsApp themselves, and failed to inform users that their own status would be made available to all of their contacts who were users of WhatsApp.

WhatsApp appears to be working toward fixing the problems identified in the report. It has released an update for the iOS version of the app to allow selective uploading of contacts, and plans to roll out updates for all other versions as well.

Facebook Testing VoIP Feature in Canada

Facebook has recently released an update to its iPhone Messenger app that allows free VoIP mobile calls. Currently the feature is only available on iOS and only in Canada.

Also receiving a lot of coverage recently is Facebook’s new voice message feature, designed for short, one-way messages and available worldwide.

The Toronto Sun gives a brief summary, and references a more thorough article from The Next Web that also discusses the recent release of Facebook Poke as part of Facebook’s larger mobile messaging strategy.