Android

According to Wikipedia QR code is a type of matrix barcode (or two-dimensional code) first designed for the automotive industry. QR codes are becoming more and more popular today and are used in banners, magazines, transport and badges in order to provide quick and easy access to particular information. A QR code has a pretty big capacity (compared to a simple barcode) and is able to store 7089 numeric characters or 4296 alphanumeric characters; and it is more than enough to store text or URL.

L33tdawg: Riley's spilling more details at HITBSecConf2011 - Malaysia in just 2 weeks... Online registration is open till the 7th and further details of his presentation is here.

Avast, a maker of popular free security suites, has announced its purchase of mobile security company ITAgents, which makes the security app for Android and Symbian called Theft Aware. Theft Aware is notable for offering SMS remote control, being resistant to phone wiping, and offering features specifically for rooted phones, in addition to more traditional lost-device mobile security features.

Avast would not disclose a purchase price for the company, although since both are privately held companies, they're not obligated to.

L33tdawg: Don't forget Riley Hassell's much anticipated talk on Android at next month's HITBSecConf in Malaysia

Trusteer has discovered a virtually undetectable Android trojan called SpitMo that links with the infamous SpyEye Windows malware.

According to Dinesh Venkatesan of Total Defense's security research division, one of the core payloads of SpitMo is to intercept the incoming messages and send the content to a remote server, which is a similar approach seen in the Zeus of Android attack, he notes.

The intellectual property landscape in the mobile industry has posed some challenges for Google's Android platform, pushing the company to seek patents to help defend Android against litigation from other major players. In addition to Google's landmark $12.5 billion acquisition of Motorola, it turns out that the search giant has quietly been seeking out other sources of IP.

The SpyEye hacking toolkit has added an Android component that collects the text messages some banks use as an extra security precaution, a researcher said today.

"The standard SpyEye now also entices a user to download an Android app, which is actually a component that's Android-specific malware," said Amit Klein, the chief technology officer of Boston-based Trusteer, a security firm that specializes in online anti-cybercrime defenses.

The number of infected Google Android devices actively communicating with command-and-control (C&C) servers has grown significantly in recent months and is expected to continue on that path, according to a report released this week by security firm Damballa.

During the first half of 2011, Damballa's network of sensors observed nearly 40,000 Android devices in North America engaged in live interaction with criminal operators, according to the report, which chronicles botnet activity this year.

At Baidu World 2011, Baidu, the company behind China's largest search engine, has announced that it will produce its own fork of the Android 2.x open source mobile operating system. The new Baidu Yi (Chinese language) mobile application system is expected as early as November on a range of mobile phones and tablets that Baidu will develop with hardware vendor Dell, according to a report from Reuters.

Malware on Google Android devices is becoming more and more of a problem for smartphone owners. Until now, malicious apps such as DroidDream and DroidDream Light, had exploited bugs in earlier versions of the OS but wouldn't affect those devices running Gingerbread (version 2.3). However, now researchers have spotted malware that exploits a critical vulnerability in this version of Google's mobile platform.