• tidderuuf@lemmy.world
    link
    fedilink
    English
    arrow-up
    150
    arrow-down
    10
    ·
    4 days ago

    requires a victim to first install a malicious app

    Let me stop you right there… and leave.

    • NaibofTabr@infosec.pub
      link
      fedilink
      English
      arrow-up
      107
      arrow-down
      2
      ·
      4 days ago

      Normally I would agree with this perspective, but in this case the “malicious app” is just a demo. It requires no permissions to do the malicious behavior, which means that the relevant code could be included in any app and wouldn’t trigger a user approval, a permissions request or a security alert. This could be hiding in anything that you install.

      • krooklochurm@lemmy.ca
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        1
        ·
        edit-2
        3 days ago

        Man in the middle an app download or find some kind of exploit to inject the code from a website, ta da.

        I mean, obviously there’s more to it than this but.

        That’s how these things work. They’re chained.

        • NaibofTabr@infosec.pub
          link
          fedilink
          English
          arrow-up
          2
          ·
          3 days ago

          Hmm, yes that can happen, but can it happen if you’re downloading directly from the Play store?

          • reksas@sopuli.xyz
            link
            fedilink
            English
            arrow-up
            4
            ·
            3 days ago

            first you download something and it has nothing malicious, then you update it later and then it has something.

            • NaibofTabr@infosec.pub
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              3 days ago

              I’m sure there are apps that have malware built in yes, but I mean the MITM approach during an app download that you were describing.

    • hietsu@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      4
      ·
      2 days ago

      Having cleaned a bunch of old folks phones in the past years this is far more common than we ”advanced” users think. It often starts with clicking an advert or some spam mail or message from (infected) friend, which to them, looks absolutely legit. Then the installed app spams the user with notifications to install more ”PDF readers”, ”phone cleanup apps” and whatnot. In best case these just flood the user with ads but just as easily can do more malicious stuff.

      After some schooling (”never click anything that is offered to you” etc.) and putting up defencew like AdGuard (system level) the instances of ”my phone is slow”, ”what does this message mean” etc. have radically decreased. Apple devices have their own issues but this kind of troubles are next to non-existent there.