
SANS ISC: DroidDreamLight -> phone nightmare. SANS ISC InfoSec Forums

DroidDreamLight -> phone nightmare.

Kaspersky Lab's security news service posted this recently:
“Researchers have identified a second large batch of apps in the Android Market that have been infected with the DroidDream malware, estimating that upwards of 30,000 users have downloaded at least one of the more than 30 infected apps. Google has removed the apps from the market.”

The user does NOT have to run the application to trigger the data theft. An incoming phone call is enough: it fires the android.intent.action.PHONE_STATE intent, which invokes the malware. When that occurs, data is extracted from the phone and sent to a remote site, including the IMEI, IMSI, installed package list and other data, and the malware may also install other applications.

Additionally, a company that makes smartphone security software posted an analysis of DroidDreamLight and a set of infected applications here:


206 Posts
Jun 2nd 2011
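The trigger described in the diary above can be checked for during app triage. The following is an added example, not code from the diary or from any vendor analysis: it scans a decoded `AndroidManifest.xml` for broadcast receivers registered for `android.intent.action.PHONE_STATE` and reports whether the app also requests the permissions needed to read device identifiers and reach the network. It assumes the manifest has already been decoded to text XML (for example with apktool); the package and class names in the sample are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
TRIGGER = "android.intent.action.PHONE_STATE"
RISKY_PERMS = {"android.permission.READ_PHONE_STATE", "android.permission.INTERNET"}

# Constructed sample manifest (hypothetical package and class names).
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.wallpapers">
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
      </intent-filter>
    </activity>
    <receiver android:name=".CallWatcher">
      <intent-filter>
        <action android:name="android.intent.action.PHONE_STATE"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

def audit_manifest(xml_text):
    """Return receivers woken by PHONE_STATE plus the sensitive permissions requested."""
    root = ET.fromstring(xml_text)
    perms = {p.get(ANDROID_NS + "name") for p in root.iter("uses-permission")}
    receivers = []
    for rcv in root.iter("receiver"):
        # A receiver runs without the user ever opening the app.
        actions = {a.get(ANDROID_NS + "name") for a in rcv.iter("action")}
        if TRIGGER in actions:
            receivers.append(rcv.get(ANDROID_NS + "name"))
    return {
        "package": root.get("package"),
        "phone_state_receivers": receivers,
        "permissions": sorted(perms & RISKY_PERMS),
        # Flag only when the trigger and both permissions appear together.
        "review": bool(receivers) and RISKY_PERMS <= perms,
    }

if __name__ == "__main__":
    print(audit_manifest(SAMPLE_MANIFEST))
```

A hit is a triage signal rather than a verdict: legitimate call-handling apps register the same receiver, so the flag is most useful on apps whose stated purpose has nothing to do with telephony.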
The heavy use of maroon in the site changes it from informative to depressing.

What if the top stripe is shown as the color of the threat?

Could it be that the same "designer" of this new site was the one who thought up the "knowledge for peace" theme?

14 Posts

So are any of the common Anti Virus APPS in the market place detecting these types of Malware?
1 Posts
I don't take issue with the colors other than the background on the "Alias" box for commenting. That box is a little too dark and makes the text slightly difficult to read. Otherwise the site looks MUCH better. I'm not a huge fan of the heavy use of blue the old site used which was reminiscent of Google's defaults to me and had a bland, boring, basic look to me.
1 Posts
