![]() That was the same advice Google doled out the last time Android phones were hit by a Trojan, too. Android users, warns the mobile industry news source GoMo News, just “need to pay attention” to the permissions apps require. Security firms are advising of the threat but also noting that it’s not a major one nor is it likely to be all that widespread. Still, it acknowledges that using it for spying would have probably required “a dash of social engineering as well – something like, “ Hey, let me show you this cool game.” Android Users Just Need to Pay Attention? Is Security the End User’s Job? Symantec says it decided to classify this app as a Trojan because it does not disclose its primary purpose up front, and instead masquerades as an innocent game. Each mapped out data point even includes a data and timestamp along with latitude and longitude coordinates. GPS Spy can then download the data and display it on Google Maps for easy tracking. The GPS data transmitted between the two apps is stored on Google’s free App Engine service, says Symantec, the security company which initially outed the malicious code as AndroidOS.Tapsnake on Monday. Because of this requirement, they would have needed to first gain physical access to the device being monitored. In order for the actual spying to occur, however, the perpetrator would need to purchase GPS Spy, $4.99 mobile spying application that is registered with the same keycode or email address as Tap Snake. And secondly, every 15 minutes the game secretly reports the GPS location of the phone to a server.” Once installed, it runs in the background forever, and restarts automatically when you boot the phone. “First,” explains security firm F-Secure via blog post, “the game won’t exit. What they wouldn’t realize is that the simple snake game had two hidden features. How Tap Snake/GPS Spy Worksīut the victims of this game aren’t likely to be savvy technical users – just regular ones.Īfter allowing another person to access their phone, either knowingly or not, the victim would have discovered that a new game had been installed on the device. ![]() These would all be warning signs to a savvy smartphone user that the game in question may be doing more behind the scenes than it should. Access location? Access the Internet? Why would a game need that? Why is the satellite icon (GPS) flashing when you play the game? Etc., etc. If you were just looking for a “snake” game, and ended up with “ Tap Snake,” the permissions it requires upon installation should have been a warning flag. Updated with Google’s comment, see bottom of post.Īs scary as it sounds – mobile spyware! – the threat isn’t as bad as it seems, say security researchers. Used in combination with Tap Snake, GPS Spy can monitor the physical location of the mobile phone with the game installed. ![]() It’s actually client software for a commercial spying application called GPS Spy. This time, the app in question isn’t a Russian-created Trojan that drains bank accounts but rather an innocent-looking clone of the “Snake” game called “Tap Snake.” However, Tap Snake isn’t just a game.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |