Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Android Security: 8 Signs Hackers Own Your Smartphone
Threaded  |  Newest First  |  Oldest First
Laurianne
Laurianne,
 User Rank: Apprentice
11/29/2013 | 9:19:36 AM
Smart Android tips
Great tips on Android pawnage, Mat. Anyone want to share your earliest clue your Android was in hacker hands?
IamWayne
IamWayne,
 User Rank: Apprentice
11/29/2013 | 9:54:44 AM
MISCONCEPTION
Some of this is good information. However, the part about as you call it "jailbreaking", in Android it's called rooting. That does NOT make your phone vulnerable. That is a LIE that has been perpetrated by those in the media who do not have a clue. There are many advantages over rooting your Android phone as apposed to leave the malicious mobile carrier bloatware on it. Please research your articles and stop mis-leading the public with misconceptions.
Mathew
Mathew,
 User Rank: Apprentice
12/2/2013 | 5:45:57 AM
Re: MISCONCEPTION
Thanks for the terminology catch, IamWayne (brain freeze on my part); yes jailbreaking an Android is usually known as rooting it.

In terms of rooting your phone making it more vulnerable to attack, I respectfully disagree. Rooting your phone means that more apps will be able to run with root-level privileges. This increases the chance that your device can be compromised, or that a compromise will have more severe repurcussions. 

The caveat, of course, is that if you know what you're doing, then your risks likely decrease. Likewise, it's great to nuke the bloatware installed by carriers. But the takeaway is that if you don't know what you're doing, then you're probably better off not rooting your phone.

In terms of the risks of rooting being a lie "perpetrated by those in the media," as indicated in my piece, this analysis comes via Marc Rogers, principal security researcher for mobile security firm Lookout. His analysis, by the way, is not an outlier.
Aroper-VEC
Aroper-VEC,
 User Rank: Apprentice
12/2/2013 | 10:31:04 PM
Re: MISCONCEPTION
Jailbreaking and rooting are synonymous. This is because of the nature of the action. Technically speaking, you use root access to jailbreak a device running iOS. It is only called "rooting" in Android because they want to be different than anything having to do with Apple but, the sum result is the same. When jailbreaking an iOS device in order to unlock the device and load a "clean" or alternate version of the OS and to get rid of bloatware you are doing the same thing in Android. The term is irrelevant since the process and the result are the same.
anon6601743669
anon6601743669,
 User Rank: Apprentice
12/11/2013 | 9:10:33 PM
Re: MISCONCEPTION
Jailbreaking is an iOS term because Apple keeps iSheep in jail as it where with the locking down of the OS.  Rooting on the Android side is from the Linux world, which basically means you gain root access of the OS.
sjennison
sjennison,
 User Rank: Apprentice
12/9/2013 | 8:19:59 PM
Re: MISCONCEPTION
Agreed. In fact, custom ROMs are generally more secure, due to constant updates(nightly, weekly, or monthly, depending on the developer). That is assuming, of course, your ROM dev is fast on their updates.

In fact, the major "master key" exploit, which is one of the biggest security holes, was patched by Cyanogenmod long before the vast majority of manufacturers got around to fixing it.

http://www.ubergizmo.com/2013/07/cyanogenmod-10-1-2-fixes-android-master-key-exploit/

Also, generally rooting allows you to do things like fix the security holes in the system. Rooting installs a root control app (Superuser/SuperSu, etc) that restricts access to only apps the user allows. While the device can still be comprimised using privledge escalation vulnerabilities just like any other device, rooting will not make your device insecure. The very fact that a device can be rooted using exploits means it is inheirently insecure due to those same exploits. A malicious piece of software could exploit them just as easily. Rooting doesn't change that, unless you go deeper and actually fix the hole (assuming you can). Hence where custom ROMs come in - when a vulnerability is found, they release patches in less than a month. The only other OEM who comes close to that speed is Google. Nearly every other manufacturer takes months if not years to push an update through to end users.
J_Brandt
J_Brandt,
 User Rank: Apprentice
11/29/2013 | 3:12:51 PM
You Can't Fix Stupid
Some great tips.  Sadly many of the people I know who download apps on a whim, who don't bother to read the service agreements, would not have the gumption or ability to dig deep to find any patterns or issues.  To quote Ron White, "you can't fix stupid."  They might notice the battery drain :)
shakeeb
shakeeb,
 User Rank: Apprentice
11/30/2013 | 12:29:00 PM
Re: You Can't Fix Stupid
Great article. However as per the reading I have done, security features are built into the operating system itself to reduce the frequency and impact of security issues.
shakeeb
shakeeb,
 User Rank: Apprentice
11/30/2013 | 12:36:39 PM
Re: You Can't Fix Stupid
Furthermore as an additional feature, appropriate protocols are used to protect sensitive data at the network level.
Lorna Garey
Lorna Garey,
 User Rank: Ninja
12/2/2013 | 10:36:22 AM
Re: You Can't Fix Stupid
That's certainly true about stupid, and that some people download shady apps on a whim. However, legit apps ask for so many permissions now that I think the average user gets numb to it. I can see why a couponing app needs location data, but why does a game need to know if I'm at a mall?

App makers should stop with the "permissions bloat" -- that would be a big step toward helping people be more aware and selective. But given retailers' and vendors' hunger to collect more and more data, will that bloat reduction ever happen? Color me skeptical.
elysian
elysian,
 User Rank: Apprentice
11/30/2013 | 8:31:57 AM
You Don't Jailbreak Android: You ROOT It.
Jailbreak is for iOS.
krishel67801
krishel67801,
 User Rank: Apprentice
12/5/2013 | 2:47:00 PM
google aps
Google Play Store is malware in itself.  I have numerous aps that require play store services to be activated.  Play store then accesses your phone whenever it wants to.  Also play store will not allow aps that block advertising to be obtained thrrough them.  Another good reason for rooting your phone.  Take control away from google.
WayneT637
WayneT637,
 User Rank: Apprentice
12/10/2013 | 12:47:36 AM
The Benefits of Rooting-
The first benefit of accessing administrator privileges over Android is full control over the applications installed on your handset. No longer do you have to suffer from the cluttered app drawers and reduced memory space taken up by pre-installed carrier and manufacturer applications, you can instantly cut the bloatware and keep only the apps that you really want.

Even if you're up to date with Android 4.1 or above, which grants users the ability to disable these pre-installed apps if you don't want to see or use them, you can't permanently remove them, they're still there eating up your memory space. Rooting is the only way to permanently get rid of these pesky apps, but please don't uninstall something crucial or your handset may stop working properly. Apps like Titanium Backup are particularly helpful for organising and culling this bloatware.

 

This brings me nicely on to the next major benefit of Android, improved backup and restore options. As already mentioned, Titanium Backup is one of the most popular backup apps used by rooters, and this, or a similar app, is essential if you're going to start tinkering around with Android software. But as well as acting as a safety net in case you uninstall something important, Titanium Backup can also be used to backup your user data, from SMS messages to browser bookmarks.

ClockworkMod Recovery Backup Cropped
ClockworkMod Recovery offers superior protection against faulty updates and bricking your handset.
Even better still, once rooted you can create complete backups of your entire handset using the ClockworkMod Recovery option, providing you with extra protecting in case of a major malfunction. Recovery can only be accessed before booting into Android, but it provides additional backup options in case, for whatever reason, Android fails to boot properly or experiences a crippling error. This makes ClockworkMod Recovery an essential tool for those looking to install custom versions of Android.

Once you're fully backed up you're ready to move up to one of the other major perks of rooting, installing different versions of Android.

We all know that manufacturers are often pretty slow at delivering the latest Android offerings even to their flagship handsets, let alone aging devices. So if you're not a Nexus or Play Edition device owner, rooting opens the door to much faster Android updates, thanks to the developers who put time into porting the latest updates to various handsets.

Pretty much every semi-popular handset has a decent following of developers working on porting the latest versions of Android to their handsets, most of which can be found over on the XDA Forum. The only sacrifice here is that you won't receive official manufacturer versions of Android, so no updated Touchwizz or Sense5 features, but if we were really too worried about that we probably wouldn't be rooting in the first place.

 

If stock Android isn't your thing, there are also tons of other customized ROMs offering unique features and improvements to the default Android experience.

AOSP has given us so many custom ROM's, and has extended the lifespan of many an Android.
AOSP has given us so many custom ROM's, and has extended the lifespan of many an Android handset.
I'm sure you've all heard of the biggest names, CyanogenMod, Paranoid Android, MIUI to name just a few of the most popular ones. Many custom ROMs are actually at the forefront of innovation on Android, offering several features that aren't available anywhere else. Paranoid Android's Halo feature or OmniROM's multi-workspace mode are just a couple of examples.

But as well as these big third party developments, you'll also find a lot of smaller developers tweaking away at the core Android experience, offering ROMs with vastly superior battery life or overclocked processor speeds. Not to mention that most custom ROMs are updated to the latest version of Android very quickly too, bringing you the best of both worlds.

As rooting opens up administrator type privileges on your handset you'll instantly have access to all the core files on your handset. File browser apps can take full advantage of this, allowing you to move stuff around on your internal memory if so require.

App wise, we've already touched on Titanium Backup, but there are far more apps that can make use of root permissions, and simply aren't available with a non-rooted device. The speed junkies among you could take advantage of overclocking software to boost performance or save on battery life, providing that your Kernel supports overclocking. Alternatively, fans of custom ROMs can use a ROM manager to install and update their operating system without the need to flash zip files from Recovery.

Rooting is sometimes criticized for compromising handset security, but security apps, such as Cerberus, use root functions to bury themselves deep down into the operating system, making them hard for would be thieves to remove. These apps can also be granted permissions that aren't available on unrooted devices, such as access to GPS data even when the device is locked.

There's also additional gesture apps, data syncing software, and even theme managers to customize the look of your handset.
AnthonyT219
AnthonyT219,
 User Rank: Apprentice
6/1/2016 | 6:03:30 PM
Re: The Benefits of Rooting-
Hi is Titanium Backup for pc's too? Cause my pc with Windows 10 has gotten malware and probably trojans that none of my software is finding, and i need to back up certain files before having a computer tech clean up my pc and reinstall Windows 10, unless there is great software i can buy to find thealware and trojans and wipe them off my pc, please help.
pnally
pnally,
 User Rank: Apprentice
12/12/2013 | 11:52:21 AM
I'm only seeing 7 "signs"
I'm only seeing 7 "signs" listed in the article...  Was it hacked?  ;)
anon9673719294
anon9673719294,
 User Rank: Apprentice
6/26/2014 | 2:37:51 AM
Interesting
I recently found a useful app in Amazon that not required any unnecessary permissions and store all your passwords - MyPasswords
mrhobbes
mrhobbes,
 User Rank: Apprentice
7/9/2014 | 9:21:59 AM
Android Security needs to be increased
Nice article on Android Security, Mathew, Great work.

 

Android is more prone to malware impacts due to Google's loose developer agreement, you can check it on my blog post regarding the same topic http://goo.gl/LyLHse you can of course, give your opinion regarding the same.  If Google increases there security measure, then surely a lot of malware and PAU's can be avoided.
RoopaL731
RoopaL731,
 User Rank: Apprentice
7/25/2014 | 6:40:19 AM
secure android mobiles
this app http://hangoverstudios.com/mobileantitheft/  which helps you find lost phone's location and picture of thief.
AnthonyT219
AnthonyT219,
 User Rank: Apprentice
6/1/2016 | 5:46:59 PM
Re: secure android mobiles
Lookout is also a pretty good app too, you can even log onto it from a pc or anyother web capable device to know where your phone is if it gets stolen, and i also suggest locking the screen with either a passcode or the pattern lock.
FreeTipss
FreeTipss,
 User Rank: Apprentice
8/6/2014 | 7:44:11 PM
More security tips for the Smartphones.
That's cool. You might want to check these 10 important Smartphone security Tips too.

http://freetipss.com/smartphone-security-tips-10-useful-tips/
deviclock
deviclock,
 User Rank: Apprentice
10/24/2014 | 9:16:44 AM
Re: More security tips for the Smartphones.
 Android security is vulnerable and is easily hacked by users of the Smartphone or IT specialists. Other apps have to be downloaded to protect your data against hacking. 

my device lock
Ungerone
Ungerone,
 User Rank: Apprentice
1/28/2015 | 10:19:18 PM
Specific texts were deleted from my phone.
A friend former friend of mine had sent me several sms texts that were very self incriminating.  Not  all texts have been deleted just specific ones.  From what I have read this is not possible unless you have physical access to the phone and that is just not possible.  The only thing wierd that has happened recently was an anonymous text that I received with no text in it.  When I tried to delete it it would not delete and it was after that that I noticed that the texts had been deleted. I have tried to use a few apps and pc based programs that are able to recover deleted texts from phones but non of them work as the Galaxy Mega that I have cannot be rooted.  So my question is, is it possible to delete texts that you have sent to another phone from your phone without ever having physical control of it and since texts seem to be recoverable from a sim card is it possible that the anonymous text that I received installed something that allowed the person to pick the texts that they wanted to delete but only those texts. if any of this is possible is there a way for me to scan my phone or sim card to find out if I have been hacked?  I know that I can do a factory reset on the phones to delete anything that may have been installed but I would prefer to find out what was done to allow this.  Not to mention if the sim card has been hacked to allow this I dont want it to start all over again even after a factory reset.  Any help from out there would be greatly appreciated.

 

Thank you for your time.

Ungerone
DennisC_VA
DennisC_VA,
 User Rank: Strategist
3/9/2015 | 4:24:54 PM
Re: Specific texts were deleted from my phone.
It may be impossible to know for certain whether the phone's Operating System or Messaging capability has been compromised, and the longer you wait the more "damage" may be done.  If you think the phone is behaving in a manner inconsistent with its original 'Out-of-the-Box' (fresh from the store) behavior, I recommend performing the Factory Reset.  Only the user themselves can determine whether the value of past incriminating "evidence" is worth retaining versus the potential for future harm being done by an unauthorized person again using a compromised device.  This is pretty new territory for users of these devices and I suspect there are issues which may quickly exceed the major carriers' Technical Support services abilities.  Yes, they can take a report of suspicious behavor BY the device, but ultimately they are likely to instruct on performing the Factory Reset as a solution; it is simply the most effective way to deal with unknowns.  **NOTE: To preserve legally incriminating data on a Smartphone device, I think it would have to be powered off, have the battery removed and even go so far as to place it in a electromagnetically shielded pouch IF there is really "bad" stuff on it. **
GerardoF416
GerardoF416,
 User Rank: Apprentice
2/15/2015 | 2:51:10 PM
I ben hack
I, ben hack I,m 100% I,no my phone is goin crazy whit my. Maseges voiz recordin I, do not what To do can enibati heelp
DennisC_VA
DennisC_VA,
 User Rank: Strategist
3/9/2015 | 5:03:25 PM
Good Advice from Mathew J. Schwartz
Beyond my earlier comment directed towards the other commenter and their issue involving text messages, I enjoyed reading this article and found Mathew's advice really solid.  After working in various support capacities for the past nineteen years, I have seen both "average" users with normal issues and "extreme" users with 'You did what?!?' issues.  If we can compare our Smartphones to our cars for a moment, the idea "hacking" the engine control module on a car sounds pretty intimidating to most people - sure, MAYBE it is possible to improve the mileage a little, but what is being risked in the process?  Also, if you return to the dealer or even a neighborhood auto mechanic with a car that has been "modified", do not be surprised when they refuse to work on it!  Similarly, is the cellphone carrier going to adopt a similar position IF something does not go smoothly with an altered Smartphone device?  There is risk and liability in everything we do, whether with our computers, Smartphones, other Internet-capable devices or even our cars; so it is really worth considering the true risks of having "fun" with Rooting a device versus the ultimate cost down the road.
LiveMsic
LiveMsic,
 User Rank: Apprentice
5/14/2015 | 7:50:33 PM
Re: Good Advice from Mathew J. Schwartz
The answer is, of course it is.
LTCassity
LTCassity,
 User Rank: Apprentice
3/19/2016 | 2:56:49 PM
Re: Good Advice from Mathew J. Schwartz
I have a android phone and have a hacker which has control of my fb and email accounts. every time I make a new account in either place they change the pasword so I cannot re-enter. I believe that they have my IP address and I am getting a new phone which I hope helps. any good advice guys.
AliciaT583
AliciaT583,
 User Rank: Apprentice
4/29/2016 | 3:28:55 PM
no longer in control of my own phone
Your article is so my situation atm. My partner is a victim of fraud,(online purchase) leaving e-bay (the add site) & dealing with seller via e-mail, opened the porthole, 1of the 1st emails flashed an R rated pic of my partner of course we couldn't find it. Worried we used mine. I then installed an app from Google play, to help sort my "phone's issues" im not a tech savvy person. From then on it got worse. My phone became rooted, csc files were modified & my phone controlled by? I have that green man, he controls all my apps wifi email F/B. So factory reset 4 me. It took me 2yrs to "get with the times" & enjoy my Samsung & not hate technology, I have all information written down on good old paper. I will get re-connect my smartphone life but I will be smarter in my protection. This incident has devastated me, I want to track this down & stop it. I am posting my story everywere!!
AnthonyT219
AnthonyT219,
 User Rank: Apprentice
6/1/2016 | 6:12:08 PM
pc malware and trojans
Hi everyone, My PC has gotten malware and trojans on it that my virus software is not detecting and wiping out, Is there software on the market that may be able to find and wipe it off my PC? Oh and is Titanium backup for pc's too?
RaimeV632
RaimeV632,
 User Rank: Apprentice
9/14/2016 | 12:08:34 PM
Boyfriends phone hack
Ok so my boyfriend had his phone hacked I'm pretty sure due to him receiving notifications on lock screen but then nothing being there and his phone being really really slow. And battery low all the time. But not only that when he was pushing a button in chrome it copied something and he pasted into a file or something and his phone started copying when hurting a button. When he would paste it random things would appear. He is thinking that everything that was pasted was pics and message clips off his phone. But I am thinking these items were never from his phone. Would you know and what does he do about this hack?
gtjonzer
gtjonzer,
 User Rank: Apprentice
6/29/2020 | 2:36:14 PM
Android phone hacked
I have a question regarding my phone possibly being owned.. I believe that by downloading images on browsers that someone has hijacked my phone. Sometimes I find unfamiliar tabs when opening browsers. Also battery burns fast and once on a different phone Google canceled my account for way too much rsoid volume of data. I think it may be happening again. Sometimes I find unfamiliar data files in my directory or under the Android data folder. Usually it contains my configuration in a sys file but lately there a .um directory containing a sysid.dat file which has a permalink url to Facebook that I'm not sure where it leads.... But if been getting hacked on FB too. I'd reset but it won't allow me into the recovery mode. Moto e6 . Any help?


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-33196
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
CVE-2023-33185
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33187
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
CVE-2023-33194
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
CVE-2023-2879
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file