Holy crap did I get the most annoying trojan attempt ever!

Sit down kids, it’s time for an old man rant.

So yeah, I have one of those clients who wants to use ‘one of those’ file sharing sites. UGH.  I swear I’m to the point of just paying for an Office 365 subscription for them so I don’t have to deal with this kind of shit.  So I hit the site on my phone, then it jumps to this genchatu.top site.  Fantastic.

Then I’m alerted that my phone is 28.1% DAMAGED, and somehow my phone’s SIM card will be damaged!  Yes, it’s one of these scam sites!

Wow

Oh no, my phone apparently may be already physically damaged?  I guess once someone is tricked by this official Google-looking image, they’ll want to throw their phone against the wall.  As any user of Android will tell you, updates from Google are nonexistent, and anything that could infect your phone, well, is pretty much your problem.  You can beg the vendor, but lol, good luck.

I like to live dangerously, so yeah let’s look at the app.

Ace, alright, more like acehole!

So with this scary and official looking thing it’s trying to railroad you into “Ace Cleaner”.  I don’t know how on earth they haven’t either been reported, or knocked out of the app store.  I guess Google is busy teaming up with Facebook trying to figure out how to censor the news appropriately instead of trying to squash actual scam artists.

I honestly haven’t tracked any of these ‘reviews’ to see how many are just idiots, or how many are just ballot stuffers.

Yeah, it’s a scam.

No backing away!

And of course you can’t just back away from the page, you get this nice thing along with something in JavaScript that gets your phone to buzz and light up.  Thanks Google!  That’ll never get abused like the blink tag!

You have to be kidding me

Oh no, I’ve been threatened to be blocked.

How bad can this crapware be?

Oh dear.  From the application page, let’s take a look:

Version 1.1.9 can access:
Device & app history
  • retrieve running apps
  • read your Web bookmarks and history

So they know what you are running, and what bookmark’d sites you like.

Identity
  • find accounts on the device

They know WHO you are.

Contacts
  • find accounts on the device

They know WHO you KNOW.

Phone
  • read phone status and identity
Photos/Media/Files
  • access USB storage filesystem
  • read the contents of your USB storage
  • modify or delete the contents of your USB storage

Storage

  • read the contents of your USB storage
  • modify or delete the contents of your USB storage

If you have any USB attached device, (flash drive, hard disk…) they can not only READ, but can MODIFY and DELETE the contents.  NICE!

Camera
  • take pictures and videos

I suppose an album of bewildered users would be amusing from time to time.  Also having the phone send videos of them doing various things.

Wi-Fi connection information
  • view Wi-Fi connections

Naturally they want to know about the Wi-Fi AP’s you use.

Device ID & call information
  • read phone status and identity

I guess knowing your phone charge status, and IMEI #’s are good to know too.  But wow check out the next laundry list!

Other
  • bind to an accessibility service
  • update component usage statistics
  • read Home settings and shortcuts
  • write Home settings and shortcuts
  • read Home settings and shortcuts
  • write Home settings and shortcuts
  • view network connections
  • read battery statistics
  • send sticky broadcast
  • change network connectivity
  • connect and disconnect from Wi-Fi
  • delete all app cache data
  • expand/collapse status bar
  • control flashlight
  • measure app storage space
  • full network access
  • close other apps
  • run at startup
  • draw over other apps
  • control vibration
  • prevent device from sleeping
  • modify system settings
  • write web bookmarks and history
  • install shortcuts
  • uninstall shortcuts

Read / Write the home page, guess who you’ll be visiting quite often?  Checking out your network, and say if you are somewhere where they want to upload a video, if they KNOW a WiFi network in the area they can have your phone join it, record you, upload it, and drop.  Yeah great!  I also like the drawing over other apps, that way you may THINK you are running another app, but they are just watching what you are doing.  And maybe they’ll pass control down, maybe not.
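To make the point about combinations concrete, here is an added example (not part of the original post and not taken from the app) that parses a Play-Store-style listing like the one above and flags risky permission pairings. The label-to-permission mapping follows Android's standard permission labels; the pairing rules and the names `RULES`, `parse_listing` and `triage` are illustrative assumptions.

```python
import re

# Play Store label (as quoted on this page) -> android.permission.* name
LABEL_TO_PERM = {
    "bind to an accessibility service": "BIND_ACCESSIBILITY_SERVICE",
    "draw over other apps": "SYSTEM_ALERT_WINDOW",
    "run at startup": "RECEIVE_BOOT_COMPLETED",
    "prevent device from sleeping": "WAKE_LOCK",
    "full network access": "INTERNET",
    "take pictures and videos": "CAMERA",
}
# Hypothetical triage rules: a rule fires only if every permission is present.
RULES = [
    ("overlay + accessibility: can cover and drive other apps' UI", {"SYSTEM_ALERT_WINDOW", "BIND_ACCESSIBILITY_SERVICE"}),
    ("camera + network: can record and upload", {"CAMERA", "INTERNET"}),
    ("boot + wake lock: restarts itself and stays awake", {"RECEIVE_BOOT_COMPLETED", "WAKE_LOCK"}),
]

def parse_listing(text):
    """Return {group: [labels]}; repeated bullets within a group are dropped."""
    groups, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        m = re.match(r"[•*-]\s*(.+)", line)
        if m and current is not None and m.group(1) not in groups[current]:
            groups[current].append(m.group(1))
        elif line and not m:          # a non-bullet line starts a new group
            current = line
            groups.setdefault(current, [])
    return groups

def triage(text):
    """Return (fired rule names, labels the mapping does not cover)."""
    labels = {l for ls in parse_listing(text).values() for l in ls}
    perms = {LABEL_TO_PERM[l] for l in labels if l in LABEL_TO_PERM}
    findings = [name for name, need in RULES if need <= perms]
    return findings, sorted(l for l in labels if l not in LABEL_TO_PERM)

# Constructed sample: an excerpt of the listing quoted above.
SAMPLE = """Camera
  • take pictures and videos
Other
  • bind to an accessibility service
  • read Home settings and shortcuts
  • read Home settings and shortcuts
  • full network access
  • draw over other apps
  • run at startup
"""
print(triage(SAMPLE))
```

The excerpt leaves out the wake-lock line, so the boot rule stays quiet while the other two fire; labels without a mapping are returned for manual review rather than silently ignored.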

I suppose it may be fun too if they have a subscription service, to buzz and turn on the camera flash to warn you that you got infected once your subscription lapsed, so you better pay up!

Absolutely deplorable!

Where to go from here?

Seriously how do companies like this survive?  I guess quite well.  I guess I’m just more amazed by Google’s complacency in all of this.  But at the same time they are an ADVERTISING COMPANY, and I’m the product, Android is just the TV programme to get me to watch their annoying ads.  And considering their track record with illegal pharmacies, I guess it really is no surprise.

The truth is, no doubt, that this kind of thing is just too profitable.  And people will just fall time and time again for this trap.

6 thoughts on “Holy crap did I get the most annoying trojan attempt ever!”

  1. Such is the state of Android security these days. It’s *way* too easy for half baked social engineered exploits like this to take foot.

  2. Remember, inside Google’s Play Store there are more than two apps; instead, there are about 2.2 million apps. Naturally this is far too many to analyze all apps in depth.
    So Google is dependent on user feedback. Unless there are so many idiotic, useless but positive feedbacks for this app, Google will not do anything useful I guess.
    The moral of this story: users will always have to switch on their brain before using smartphones. I would prefer that Google implement a much better check of each app, but again, think of the number of apps in the Play Store.

    My tip for every Android user: use Firefox for Android, but also with NoScript to have control over each executed script.
