pirate arrr

Symantec has uncovered yet another trojan horse in a pirated Android app. This time around it's the "Android.Pjapps" trojan, and you can find it in modified versions of the Steamy Window app that have been cracked and placed on Android warez sites.  The official version of Steamy Window that's on the Android Market is not infected.  And it's a fun little time waster that you should probably have a look at

What's happening from the trojan in the pirated app is a bit scary.  Without your knowledge, it signs you up for premium text message services, sends off texts to them without your knowledge, and blocks incoming texts from the service so that you have no idea what is going on -- until your monthly bill from your service provider arrives.  It's sneaky, and someone needs a good old-fashioned ass kicking for doing it.  As we saw with other instances of malware hidden inside legitimate applications, this one originates in China, and is written by people probably a lot smarter than most of us.  You're not going to be able to outwit them.  Be smart -- only download apps from trustworthy sources, and read the permissions an app asks for when installing it.  Or you can go a step further and install an anti-virus application.

Now that the news portion is done, I want to say that anyone stealing Android applications will eventually get what they deserve.  These unofficial, unsanctioned, pirate websites hawking paid apps for free don't care about you.  They just want the traffic to view their ads, or your "$10 per year for all apps for FREE ZOMG."  If you visit them, and get a little more than you bargained for in the application you have stolen, make sure you only blame yourself.  There are legitimate sources to download applications if you're unable to access the Android Market, and they help developers get paid what they are owed.  Use them.

 

Reader comments

Another trojan found in pirated Android apps

47 Comments

Since, thus far, Android viruses can only be obtained through sideloading, users have only themselves to blame if they get infected.

I totally agree. I don't feel bad when people get viruses from stealing software.

Is anyone surprised when people get STDs from whore houses?

Not a fair comparison, as you actually *do* pay when you go to a whorehouse.

A better analogy might be cheating on your girlfriend (the developer) by getting some from the school slut.

Or something...

The app is actually free in the market. So I don't understand it being on a warez site. Foolishness at it's finest hour. 0_o

Yes Jerry, and all of the tethering thieves are getting what you deserve as well...tiered data plans. I love how holier than thou you guys are about pirating apps, but have no problem pirating services. Your excuse of already paying for data doesn't fly. If a merchant charges for a service, and you use it for free, you are as much of a pirate as the ones pirating apps. Period. Get off of your high horse.

Yes, I'm rooted. I pirate my apps from the market, then refund. I don't have to worry about trojans : )

The point is, they bash one form of stealing, and promote another.

So a self-admitted pirate is bashing on AC for bashing on piracy, while defending big business nickel and dimeing you out of your hard earned money? I understand you're calling out what you see as hypocrisy, but to do so while being a hypocrite yourself doesn't help your cause any. In the words of some robot "Does not compute!"

I'm not a hypocrite. I'm not bashing either practice. I do both. Just simply pointing out the holier than thou attitude of this site, and their hypocrisy.

Tethering is a built-in part of the OS. The carriers are charging you extra to use a feature that is stock. I have rooted my device, voiding my warranty, as is my right to do so. Now while I don't personally use my tethering capabilities much (hardly ever have a need to do so), the way I see it using my device's built in feature isn't stealing. The carriers lock down a feature, then make you pay to use it. It would be another thing if you were paying them to add a capability, rather than unlock something you can theoretically already do. The apps you are stealing aren't part of the OS, your paying (or not for free ones) for the extra functionality. Pretty big difference in my mind. Just my thoughts on the matter.

Making phone calls is a built in feature. Should that be free as well? The phone is built with many features that must be paid for. You pay for hardware, but still have to pay for the services. Your "logic" is very flawed. My apartment came wired for electricity. Those bastards lock it down and I have to pay an electric bill. See what I did there?

Except you are already paying for the ability to make a phone call. You are already paying for data. A more apt analogy would be the old land line system, paying for local calls and then being charged extra to make long distance calls. Or paying for your electricity, but having to pay extra to get power to every room in your house. THOSE are much more apt analogies. And yes, I see what you did; used flawed logic while being a snark. Congrats. And the capper is you readily admit to both using rooted tethering and stealing apps, yet somehow seem to think using tethering is the far worse act. Boggles the mind. Continue being a hypocrite with flawed logic, I've made my point. Feel free to twist it around some more, by all means.

Actually, I use EasyTether. It is much more reliable. I am not saying tethering is worse. Quite the contrary. Stealing is stealing. We all try to justify the form we are guilty of. But, you shouldn't bash another in the next breath. Regardless of how you twist it...if the carrier charges for a service and you use it for free, you are stealing a service.

What is there to twist around. You have a very popular website that is giving you the tools to root and unlock features that are charged by carriers. I feel he has a very good point. Android owners on ATT get upset about sideloading locked down on their phones, but you would think after this blog that AC would actually promote that feature as it protects the Developers. I am asking myself the question of where exactly does AC stand on this. They educate, but then discourage it. I mean after all, they have a sideloader wonder machine and it has AndroidCentral in the name of the program. Again, giving the tools for the task, but then ranting about stealing apps.

Android Central Sideload Wonder Machine 1.0

What is 'sideloading'?

Sideloading refers to the practice of installing applications on your Android device that have not been downloaded from the official Android Market.

(Confused)

Sideloading does not equal piracy though. Blocking sideloading also blocks legit apps. Lotus Traveler is a sideloaded app because it is only available for users who have licensed Domino server from IBM. Developers can choose to distribute their apps through means other than the Market if they want. Look at Gameloft; none of their games are on the Market, and those are purchased.

People should support devs by buying apps, but blocking sideloading is throwing the baby out with the bathwater.

People should support the carriers...you know, the ones that spend billions building and maintaining networks. What have devs done for you?

They seem to think piracy to big business is ok, because of how "corrupt" most forms of big business are made out to be by the general public, the only reason they support the devs is because it hits closer to home. Kind of like when you hear about a death on the news, you didn't know the person, you can't feel true sympathy, but if it's a family member, it's tragic.

Two things:

First, it's apples and oranges. The phones are the manufactured to have the ability to tether and providers lock them down. Developers make their apps with the clear intention of distributing them for free or a fee. There's no grey area.

Secondly, back before Jerry was a writer and was walking our hands through rooting as gbhil, he was doing it on devices like the Hero. Which, at that point in time, weren't available with a tethering plan. The wifi tether app was simply a perk of rooting-and available in the market for free.

Stealing is stealing. Apples, oranges, or bananas. Your computer is made to access the internet as well, doesn't mean you get to for free. Since your phone is manufactured to make calls, should you get free calls as well? How about web on the phone? It was manufactured to use data. So, that should be free as well? Your "logic" is very flawed.

It's like saying you are paying for unlimited electricity but can not use appliances that use a lot of electricity. If they are selling unlimited then they should not care how you use it, hell even if they give you a limit it should be up to you how you want to use it! Now to get it for free is another thing, if you didnt have the data plan but found a way around it then that is wrong. It is also wrong to steal apps without paying for them, bottom line

Using appliances that use a lot of electricity leads to a higher bill. Free tethering does not. See the difference? This is why tiering is taking over.

I look at it as them charging you for the ability to use their branded tether app so that you don't have to learn how to root. I consider it a convenience cost. I don't view rooting as stealing data because I've already bought it.

Kind of (although not exactly) like having your car dealer change your oil versus doing it yourself to save money. Either way you do it, you're paying for the oil and filter. It's just a matter of who's rolling up their sleeves to get the oil in the car.

It is funny as hell seeing all of the excuses for using free tethering. My phone has an option to sideload apps. Therefore, all apps should be free lol

All I say is great!! I have paid for all my paid apps... I hope the problem gets worse till people are afraid to steal apps...

It's not the same with apps. As I said, the carrier's tethering app isn't free therefore not all apps should be free. However, there are a lot of free alternatives to paid apps. One shouldn't steal apps, but one is also wise to take a look at free or less costly alternatives.

Apps are a means to access data. Sometimes you have to py to access the data sometimes you don't. It's rare that an app makes you pay for the data itself each month and then pay for the app required to access that data each month...which is EXACTLY what the carrier tether apps are doing.

Still re:tethering...

You might also compare it to filling your car with gas. At some stations, you can pay the attendant (app) to fill the tank with fuel (data) or you can save money by pumping it yourself (rooting). Either way, you still have to pay for the fuel.

dchawk: it is unlimited because they know on the phone, you can't use exorbitant amounts of data. That is why they charge for tethering. The electric company doesn't care how much electricity you use, because you will pay for it. Welcome to the age of tiered data plans! Gas in a car? That analogy is the worst yet.

The device is moot. 5GB is 5GB whether it's pumped to the phone and stops there or continues on until it gets to a laptop.

Eectricity isn't flat rate like most carriers are so it's not a good comparison either. If it was, then the equivalent would be the tv is included but hooking up the blu-ray is an extra monthly fee because it'll consume your ration of electricity faster.

dchawk: that is the point. Electricity is not capped...you pay for your use. That is why we are getting tiered plans. That tethering will not be so free anymore. If you have unlimited data, is it ok to wifi tether and give 7 other people unlimited data?

Your logic is still off. This isn't about tiered or not.

Carriers are currently charging for their tethering app whether you're capped on AT&T or unlimited on Sprint.

That, to me, says the charge is NOT for data consumption. That, to me, says it IS for convenience or "dumbing it down" ie making it easy for those who are simply not technically minded enough to find free alternatives to that same app.

This is not the same as figuring out a way to hack the carrier branded app to work for free...ie stealing what is supposed to be purchased. Although if you're smart enough to do that you may as well use a free option.

Hawk: The app is free, it comes pre-installed on the phone. It's the service they are charging for.

AndroidCentral does NOT promote free tethering. The reason it is allowed to be discussed in depth is because the whole situation is more of a grey area. Supposedly (and don't count on this 100%), companies aren't doing much to stop people who bypass the company's tethering option. Now, we are paying for data already. That's a given. The companies are charging not just because they can make way more money, but also because of the massive amount of data used when tethering. If people didn't tether heavily, I doubt tethering would cost as much or even at all.

A preinstalled app means it is a free app. You didn't pay for it, it's free. The sevice attached to it is what costs. You're stupid if you can't conprehend that.

I don't see why you couldn't potentially get a virus using a custom ROM or anything else that get's loaded out of the control of the Android Market. You could flash a ROM on your phone and it's built right in. Hmmmmmm....