Mobile App Store Exposure

Smartphones are becoming more and more “smart”. With the open source and openness of the Android (Android) system and its application market, many mobile phone application operators “paralyze” users through technological means to obtain bad revenue. Various applications make mobile phones “Best Brothers,” but they are also becoming less and less secure.

According to the latest data from the CNCERT (National Internet Emergency Response Center), in the past year, the number of malicious codes on China’s mobile Internet reached 160,000, which was 25 times more than the previous year, and several times more than the historical total. According to different classifications, the largest mobile phone virus threat was malicious deduction, which was 39.8%, followed by hooliganism, which accounted for 27.7%. The malicious program is mainly concentrated on the Android platform, accounting for 82.5% of all malicious programs. “Last year, there were an estimated 55 million mobile phone users in the country who had been infected with malicious programs,” said Wang Minghua, deputy director of the CNCERT operation department.

The mobile phone application store is the first to become the most vulnerable to malicious software. Today, the development of application stores seems to be very homogenous. In reality, the qualifications and security are uneven. Users should choose large-scale application stores, pay attention to protection.

Block payment SMS notifications

At present, many mobile phone games in China adopt a convenient way for operators to charge their bills. The operator payment SDK provides a standardized payment process, a clear payment information confirmation interface, and informs users through SMS when the payment is successful, protecting user interests. Some game developers make use of the openness of Android system and the user's lack of understanding of the rights of the mobile phone system to maliciously intercept the payment notification SMS of the operator in the game. In the case of the user without knowledge, the malicious deduction may cause the user multiple times. Repeat payment.

Because the current mobile payment industry environment is not perfect, some Android in-app payment game operators use SP to withdraw fees is understandable, but with the help of the openness of the Android system, change the underlying data to intercept deductions SMS, deprive users of the right to know , The damage to the industrial environment is greater.

In response to this situation, it is necessary for the App Store to take active preventive measures to ensure that the interests of users are not violated. Tencent Technology interviewed the relevant person in charge of the China Unicom (Weibo) Wo Store on this issue. It stated that in the case of a number of mobile games, the same application for downloading from the Wo Store did not appear in the same situation. The security measures taken in this regard are mainly avoided through the establishment of sound SMS permission mechanisms. Android apps with embedded billing points do not allow permission to receive, read, or write SMS messages, but only publish SMS billing via the SDK. For such applications, the authority to apply for the system is checked and the unnecessary permissions are removed. This can effectively prevent the application from being tampered with the content of the SMS and lead to arbitrary deductions and malicious fees. This practice is very common in other third-party application markets. Rare.

"Pack the party" rampage

In the current Android app store, the phenomenon of "packaging the party" is also more common. "Packaging Party" refers to the popularization of malicious advertisements and Trojan horses in popular software. It also uses the psychology of consumers to pursue popular applications. It also adds to the inability of ordinary people to distinguish between genuine pirates and the inadequacies of the application of market security supervision capabilities. This leads to malicious advertisements and virus Trojans. Successfully entered the user's mobile phone.

One of the more prominent backdoor programs called Android.Troj.mdk (abbreviated as MDK), which lasted more than one year, built a “botnet network” that covers millions of users and can remotely manipulate user mobile phones. In the process of using software, users always pop up some strange software. Once clicked and installed, it is impossible to delete it. The MDK mobile botnet has implanted backdoors in more than 7,000 popular games.

The more regulated application store can use some rules to limit the combination of virus scanning to avoid such problems. For example, the operator's application store directly obtains genuine applications through an agreement with the developer. At the same time, there is a virus scanning process at the back end of the community. When the application function is tested, the corresponding security software is also installed on the mobile phone for killing. The application will be returned if there is a virus.

In addition, it is stipulated that applications with in-line billing points cannot have in-line advertisements, automatic updates, links to other websites, etc., which limit the secondary embedding channels of malicious code, avoid opening a user's mobile phone through a secure software, and introduce Unsafe software.

Stealing User Privacy as a "Broiler"

Under the premise that users are not notified, the behavior of controlling the privacy of mobile phone users through the cloud technology is also frequently occurring in the Android application market. Why authorization will leak privacy? This is because smartphones generally use a privilege-based security management mechanism. For example, the Android system uses about 130 permissions to control system resources, including opening the phone microphone or camera, collecting short messages, emails, account numbers, contacts, call history and location.

Recently, DCCI Internet Data Center conducted a security assessment of the first 1400 APPs for Android market downloads. The results show that 66.9% of smart phone applications are capturing private user data; call records, SMS records, and address books are user privacy information. Three high-risk zones leaked.

A mobile phone application should use what rights of the mobile phone. At present, there is no industry regulation, and the user does not understand it. The third-party mobile phone software application store collects the popularity to discover the new version of the popular application and then automatically grabs it into its own store. Whether it is an official version of the review is not strict. The operator app store is relatively strict in this regard, and will not pass the requirements of software developers who apply for permissions that exceed the normal requirements. For example, many games are rejected when they request permission to view the address book from Wowo Store, and they are reviewing the rights. Gradually normalize and hope to establish a standardized authority mechanism in the near future.

With the dramatic increase in the number of applications, the mobile game application has a lot of chaos. While using smart and convenient, mobile internet users need to be more vigilant and guarded against.

The first is to use a large formal Android software market, such as an operator app store, to avoid downloading popular apps from forums and some small third-party app stores. Second, when installing Android mobile games, users should pay attention to the permissions applied by the software. If there are too many applications for this game software, such as accessing contacts, text messages, call records, and positioning, you need to be vigilant. Third, users should pay attention to whether the phone charges and traffic consumption are abnormally high. When an abnormal situation occurs, it is recommended that users use mobile phone security software for killing.