Thursday, 28 March 2013

SMS Trojans: all around the world

How SMS trojans works and how it affect our smart phones. Lets take a look.

I like researching and get knowledge about technology. Good and Bad parts of it and I found a strange thing about Android Device's Malware.

I found a good article about an SMS trojan at SecureList.com

There is an Application named "SuiConFo". Actually its a good application but someone has created the bogus app with same name which is popular in market. It looks like after installing.



There are 2 main malicious classes of this Trojan: ‘MagicSMSActivity.class' and ‘SMSReceiver.class'. The first is mainly responsible for sending SMS messages, while the second is used to hide incoming messages from specific numbers. As mentioned above, after launching this app shows an ‘Android version is not compatible' error message:



Right after displaying this message the Trojan will call the public method getSimCountryIso in the TelephonyManager class in order to retrieve the ISO country code of the SIM card:



After that, the malware defines the variables ‘s1' (SMS number) and ‘s2' (SMS text):



The list of countries consists of 8 options: France (81001 SMS number), Belgium (9903 SMS number), Switzerland (543 SMS number), Luxembourg (64747 SMS number), Canada (60999 SMS number), Germany (63000 SMS number), Spain (35064 SMS number), and the UK (60999 SMS number).

It looks like the virus writers made a mistake in the code. The Trojan will send an SMS message using the SmsManager class with the sendTextMessage method:
smsmanager.sendTextMessage(s1, null, s2, pendingintent, pendingintent1)
where ‘s1' is a number and ‘s2' is a text. These variables are defined correctly for all countries except Canada:


if(s.equals("ca"))
{
s1 = "SP";
s2 = "60999";
After defining the country and, therefore, the number and message text, the Trojan will send 4 SMS messages with the help of the sendTextMessage method as mentioned above.

SMSReceiver.class is responsible for hiding incoming SMS messages from particular numbers. If there is an incoming SMS message from one of the following numbers: 81001, 35064, 63000, 9903, 60999, 543, 64747, then the Trojan will try to hide it using the abortBroadcast method. The number itself is retrieved from the SMS message with the help of getDisplayOriginatingAddress.

There is another interesting thing lurking inside this malware. If you look at this part of the code:


you may notice that after hiding the incoming message (abortBroadcast) this Trojan will send one more SMS to a French cell phone number with the text stored in the ‘s' variable. And that ‘s' variable is defined with the help of the getMessageBody method when an incoming SMS message arrives.

In other words, the Trojan will send an SMS message to a French cell phone number with the text taken from a reply from a premium rate number. This may help the cybercriminals find out how many premium SMS messages have been sent.

Unfortunately, today SMS Trojans are one the easiest ways for cybercriminals to make easy money fast.

Only advise is do not to install any application just for try. Install only popular application from "Google Play Market" only. Do not install application directly i.e "APK" files.

Fake Instagram app infects Android devices with malware

First of all, Instagram released a first version for Android and managed to get five million downloads in less than a week.

Then the 13-employee firm managed to sell itself to Facebook for a cool $1 billion, making some of us wonder about privacy, and others think - "to heck with that, do I have a program that's never earnt any money that I might be able to flog to Mark Zuckerberg?".

Naturally, the Facebook acquisition news raised Instagram to even higher levels of public awareness and that's where the bad guys stepped in.
 
Cybercriminals have created fake versions of the Instagram Android app, designed to earn money from unsuspecting users.

Here's a Russian website which purports to offer the Instagram app:

Fake Instagram website

If you download your app from this site, rather than an official Android marketplace such as Google Play, then you are running the risk of infecting your smartphone.



Permissions requested by fake Instagram app
Sophos products detect the malware as Andr/Boxer-F.

Secret Codes For Android Mobile Phones

Every mobile device has some secrete codes which can be very much useful to get information if we are aware of it.


1. Complete Information About your Phone

*#*#4636#*#*
This code can be used to get some interesting information about your phone and battery.

Usage statistics

2. Factory data reset

*#*#7780#*#*
This code can be used for a factory data reset. It'll remove following things:
Google account settings stored in your phone
System and application data and settings
Downloaded applications
It'll NOT remove:
Current system software and bundled application
SD card files e.g. photos, music files, etc.
Note: Once you give this code, you get a prompt screen asking you to click on "Reset phone" button. So you get a chance to cancel your operation.

3. Format Android Phone

*2767*3855#
Think before you give this code. This code is used for factory format. It'll remove all files and settings including the internal memory storage. It'll also reinstall the phone firmware.
Note: Once you give this code, there is no way to cancel the operation unless you remove the battery from the phone. So think twice before giving this code.

4. Phone Camera Update

*#*#34971539#*#*
This code is used to get information about phone camera. It shows following 4 menus:
Update camera firmware in image (Don't try this option)
Update camera firmware in SD card
Get camera firmware version
Get firmware update count
WARNING: Never use the first option otherwise your phone camera will stop working and you'll need to take your phone to service center to reinstall camera firmware.

5. End Call/Power

*#*#7594#*#*
This one is my favorite one. This code can be used to change the "End Call / Power" button action in your phone. Be default, if you long press the button, it shows a screen asking you to select any option from Silent mode, AirPlane mode and Power off.
You can change this action using this code. You can enable direct power off on this button so you don't need to waste your time in selecting the option.

6. File Copy for Creating Backup

*#*#273283*255*663282*#*#*

This code opens a File copy screen where you can backup your media files e.g. Images, Sound, Video and Voice memo.

7. Service Mode

*#*#197328640#*#*
This code can be used to enter into Service mode. You can run various tests and change settings in the service mode.

8. WLAN, GPS and Bluetooth Test Codes:

*#*#232339#*#* OR *#*#526#*#* OR *#*#528#*#* - WLAN test (Use "Menu" button to start various tests)

*#*#232338#*#* - Shows WiFi MAC address

*#*#1472365#*#* - GPS test

*#*#1575#*#* - Another GPS test

*#*#232331#*#* - Bluetooth test

*#*#232337#*# - Shows Bluetooth device address

9. Codes to get Firmware version information:

*#*#4986*2650468#*#* - PDA, Phone, H/W, RFCallDate

*#*#1234#*#* - PDA and Phone

*#*#1111#*#* - FTA SW Version

*#*#2222#*#* - FTA HW Version

*#*#44336#*#* - PDA, Phone, CSC, Build Time, Changelist number

10. Codes to launch various Factory Tests:

*#*#0283#*#* - Packet Loopback

*#*#0*#*#* - LCD test

*#*#0673#*#* OR *#*#0289#*#* - Melody test

*#*#0842#*#* - Device test (Vibration test and BackLight test)

*#*#2663#*#* - Touch screen version

*#*#2664#*#* - Touch screen test

*#*#0588#*#* - Proximity sensor test

*#*#3264#*#* - RAM version

10 awesome features that Android phones have but iPhone 5 doesn’t

Apple has launched iPhone 5, but as we compare it with Android, there are 10 features not provided by iPhone 5.

The much-awaited iPhone 5 was finally launched last month by Apple. No doubt, the new iDevice is sleeker and has an elegant design and user interface. But is it the best smartphone on the market? The iPhone 5 still lacks many useful features that are there in Android phones such as the Samsung Galaxy III. Here's our wish-list of 10 such features that we would like Apple to add to the iPhone to make it the smartest phone.

1. Find your way with Google Maps

Apple dropped Google Maps from iOS 6 and introduced its own app – Maps. So far, the application has been a disaster. Users reported glitches such as missing landmarks and the addition of altogether new places. Most Android phones come with Google Maps pre-installed or it can be downloaded from the Play Store. Google Maps is much more accurate than Apple's Maps. Keeping business rivalry aside, Apple should have left customers to decide for themselves which mapping app they want to use. After all, the customer is the king.

2. Customize your phone's interface

Are you bored of the default UI of your phone? Well, if you have an Android, you can change it with different home screen launchers. Many of the default features of Android can be swapped with third-party alternatives that are available on the Play Store. But this isn't possible on the iPhone. The open source nature of Android makes it highly customizable. This is the biggest advantage that Android phones have over the iPhone. However, Android being an open source platform is also vulnerable to malware. You can always use a mobile security solution to keep away the malicious threats.

3. Interactive Widgets

If you like interactive widgets, Android has just the thing for you. Android supports widgets which give you a whole lot of information at a glance. Take your pick from widgets that give you access to the phone's settings, apps, details about the battery life, weather information, and lots more. The widgets resize automatically according to the screen of your phone.

4. Use SD cards to expand the storage space

If you buy a 16GB iPhone 5 and soon run out of storage space, there's no way you can add more memory. Of course, you can delete some files to make way for that extra bit of space. However, most Android phones use removable SD cards that you can easily upgrade.

5. Make payments on the go with NFC

How about making payments by just tapping your phone on a reader? Or instantly share files between phones by placing them back to back? Yes, it's all possible on the latest Android phones such as the Samsung Galaxy S III with NFC (Near Field Communication). The iPhone 5 doesn't support NFC, however, the Bump app offers the same functionality of file sharing as the S-Beam feature on the Galaxy S III.

6. Use the standard micro USB

Now Apple has come up with the mini Lightning connector that can be used only with the new iDevices. If you want to use your old connectors, an adaptor is required. Why doesn't Apple just support the micro USB that's a standard across the world? The old cables could then be used even if we upgrade to a new phone. This would also help to reduce the generation of e-waste. Android phones use the micro USB and it's so much more convenient to use them with other devices.

7. Take notes with the stylus

Knowing that Steve Jobs hated the stylus, it's not surprising that the iPhone doesn't support pen input. But the stylus is back with a bang with the Android-based Samsung Note II. It's much easier to quickly jot down notes using the stylus rather than typing on the keyboard. The stylus also offers many other cool features such as annotating images with text, making sketches, and converting hand-written notes into text.

8. Smart gesture applications

The Samsung Galaxy S III supports a set of really awesome palm gestures. Want to take a screenshot? Just swipe your palm over the screen to capture an image. And if you want to pause a video, place your palm over the screen. Shake your phone to update your Twitter feed or to refresh your inbox. Magical, isn't it?

9. Turn over the phone to mute it

Don't want to be disturbed by a call or a notification alert? Simply put your Galaxy S III face-down. This activates the silent mode in which all incoming calls and alerts will be muted. Of course, there's a silent mode in the iPhone 5 as well but the feature is not as intuitive as the one in newer Android versions.

10. Removable battery

Most Android phones have a removable battery which isn't the case in the iPhone. A removable battery gives you the option to use a spare one when you go on a long trip. It will help you use your phone longer without the need to charge it. Battery maintenance is also cheaper and it's easier to replace a dead battery that needs to be replaced.

Do you like Android or the iPhone?

Which is your favorite phone? Is it an Android or the iPhone? Which features you like the most in your phone? Let us know in the comments.

The 11 patents that are getting Android partners in trouble

The Android platform is under attack from a number of companies — not just Apple. 


The Android platform is under attack from a number of companies — not just Apple.
Microsoft, for example, has forced several Android partners into licensing agreements due to patent infringements.
And between these settlements, and Apple's recent legal hot streak against Samsung, there's no denying that Google is guilty of illegally copying something from somewhere. But the question is, what?

  • Patent EP2059868 – covers “a portable electronic device for photo management.” Basically it's the photo gallery page-flipping feature in iOS.
Patent EP2059868 on a "portable electronic device for photo management"
  • U.S. Patent No. 7,469,381 – covers “list scrolling and document translation, scaling, and rotation on a touch-screen display.” This is what gives scrolling in iOS that rubberband-like bounce.
U.S. Patent No. 7,469,381 on "list scrolling and document translation, scaling, and rotation on a touch-screen display"
  • U.S. Design Patent No. D618,677 – this is an iPhone design-related patent.
U.S. Design Patent No. D618,677 on an "electronic device"
  • U.S. Patent No. 5,946,647 – involves “a system and method for performing an action on a structure in computer-generated data.” This covers the ability in iOS to open the Mail or Phone app by tapping an email address or phone number.

  • EP1964022 – “unlocking a device by performing gestures on an unlock image.” One of Apple's slide-to-unlock patents.
EP1964022 on "unlocking a device by performing gestures on an unlock image"

  • U.S. Patent No. 6,370, 566 – “generating meeting requests and group scheduling from a mobile device.” Microsoft.
U.S. Patent No. 6,370,566 on "generating meeting requests and group scheduling from a mobile device"


  • EP1304891 – “communicating multi-part messages between cellular devices using a standardized interface.” Microsoft.
EP1304891 on "communicating multi-part messages between cellular devices using a standardized interface"
  • U.S. Design Patent No. D504,889 – an iPad-related patent
U.S. Design Patent No. D504,889 on an "electronic device"
  • U.S. Patent No. 8,086, 604 – covers a “universal interface for retrieval of information in a computer system.” Essentially, this covers Siri and other unified searches.
  • U.S. Patent No. 8,046,721 – “unlocking a device by performing gestures on an unlock image.” Another slide-to-unlock patent.
U.S. Patent No. 8,046,721 on "unlocking a device by performing gestures on an unlock image"
  • U.S. patent No. 8,074,172 – “a method, system, and graphical user interface for providing word recommendations.” Otherwise known as autocorrect.
U.S. Patent No. 8,074,172 on a "method, system, and graphical user interface for providing word recommendations"

Android Unique Identificatin Numer

How to get android unique id number?

 
Purpose
Some times, when we are integrate our android application with server, its requirement of server that it can identify every android device uniquely. So to do that, we will learn how to get android id from device.

Android Id
A 64-bit number (as a hex string) that is randomly generated on the device's first boot and should remain constant for the lifetime of the device. (The value may change if a factory reset is performed on the device.)

Code
package com.did;

import android.app.Activity;
import android.os.Bundle;
import android.provider.Settings.Secure;
import android.util.Log;

public class DevideIdActivity extends Activity {
    /** Called when the activity is first created. */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);
       
        String android_id = Secure.getString(this.getContentResolver(),
                Secure.ANDROID_ID);
       
        Log.d("Android","Android ID : "+android_id);
    }
}


 Output

download.jpg