The magic of "xx artifact": Why mobile Internet in front of 19 years old, appear to be fragile?

Intermediary transaction SEO diagnosis Taobao guest Cloud host technology Hall

The fragility of mobile internet is alarming.

Tanabata in the nationwide outbreak of the Super Mobile virus "XX artifact", so many people lost the phone bill, the handset virus maker was arrested on August 2 18 o'clock in the evening by Shenzhen police. What's alarming is that "xx artifact" the author is just an entry-level mobile phone programming freshman, six months ago he also knew nothing about the mobile phone Trojan, during the summer vacation after trying to make a trojan, unexpectedly nationwide spread, has more than 500,000 mobile phones have been infected, more than 5 million users received the Trojan mass of fraud messages.

Why does the mobile Internet appear to be vulnerable to a 19-year-old boy?

The terrible power of social transmission of mobile internet

Behind the wide spread of mobile phone viruses is the social model of mobile Internet. In the past, it is said that to let a product spread viral, before the face Meng, the recent neuro-cat, are social communication model. However, "xx artifact" and these paths are exactly the same, but this time is really "viral" spread.

Full follow-up of the virus Incident 360 security experts Wan Renguo, for us to restore the incident:

July 24, South Central University software department freshman Lee made a virus, and use their mobile phone to carry out the spread.

July 28, 360 of a security engineer in a network disk first discovered the Trojan horse program, in the confirmation of 360 mobile phone guards can kill the Trojan, at the same time, to the National Computer Network Emergency Technology Processing Coordination Center (Cncert) and other security authorities and the network of the Center for the Bulletin, At that time the Trojan did not explode in large areas.

August 2 (Tanabata) 8:00, 360 Security Center monitoring of the Trojan, a large area of the explosion, many people mobile phone received a strange message from different relatives and friends, the message clearly stated the name of the machine owner, and with a link address, point open link, downloaded a "Xxshenqi" Application, and then, without the knowledge of the owner, the software began to send the same message to the contact people in his phone address book.

August 2 9:00 due to a large number of the same characteristics of the message also sent to trigger the 360 mobile phone Guardian Intelligent Cloud interception system, 360 mobile phone guards began to intercept the Trojan sent the message, for the whole network interception, making nearly billion virus message did not send, so that the spread of the virus greatly reduced.

August 2 4 o'clock in the afternoon, 360 Security Center in the start of the sample analysis, and again to the relevant safety management agencies and public security, despite the briefing.

August 2 night 6 o'clock, because the Trojan horse in the virus to leave mobile phone number and QQ mailbox, the public security organs quickly locked the Trojan maker, public relations agencies in central South Central University control Trojan makers.

It is easy to see that the root of the rapid expansion of the virus is the "social network", which contains two key factors:

One is the trust in social networks. Nowadays, many kinds of products and articles based on social networks are all based on people's more trust in friends and relatives, and the recommendation of relatives and friends is more easy to get attention than the website and the automatic recommendation of the system. The social network The virus uses is "address book," But fortunately just use SMS push, let the link exposure is more special, and the text of more rough message is easy to let life suspect, if the virus using the link hidden deeper micro-letter, micro-blog and other ways, and attach more masking words, I am afraid that the hit rate higher, the impact of greater.

The second is that the mobility of social networks is faster and more aggressive. The virus from the production to the outbreak interval is very short, and the real outbreak time is particularly concentrated, the past PC network virus transmission cycle and the outbreak cycle is much longer, but in the mobile internet era, mobile phone is real-time online, at any time for virus control, expansion time is very short, and on the other hand, Because there are hundreds of numbers in each person's address book, these numbers form a large and complex social network, which only needs to spread a few hops to cover a very large population, for example, each person's address book has 200 numbers (actually many people have thousands of numbers in the Address book), if issued after 10% Recruit and carry out the spread, then the spread of (200*10%) ^n, a transmission (from texting to receive SMS download) if for half an hour, then as long as 3 hours (n=6), you can let 64 million mobile phone.

In the mobile internet age, the virus will have a very terrible power of transmission.

The painful choice of mobile internet: Security vs Convenience

This year's endless network security incidents, tell us again and again, the network is far more unsafe than imagined.

April Noisy heart bleeding events, let us suddenly see, originally used for security encryption OpenSSL originally not safe. And the first half of a number of electronic business site of the backdoor incident, once again let people see, we do everything possible confidential information, in fact, in the background of the famous web site management, just be randomly placed general information.

This incident is even more ironic, a young man who has just learned how to develop mobile phones can poison thousands of people. Spread is on the one hand, can be easily broken by rookie, fragile Android ecology is also difficult to escape responsibility.

Unlike iOS, Android appears to be a mixed bag of open software. iOS's control of mobile phone-sensitive information, including address books, is very severe, and few software touches the core. But in the Android camp, almost every software is shamelessly accessing the most sensitive and important data for ease of installation, almost everyone has opened the option to agree to install the unknown source software, while in the installation software prompts a variety of requirements for system capabilities, almost all of them are blind to direct click agreement.

Can we disagree? The disagreement means that most of the software is not available. And more importantly, including mobile phone manufacturers pre-installed software, including most of the applications, read the user information and upload user information as a potential business model, the United States, the name is large data, is to provide users with more accurate information, but it is undeniable that the user data will be rich, the virus is the same. This industry unspoken rules are irresponsible, of course, can not completely blame manufacturers, users download software is also free, to free use always pay the price.

The security impact of mobile phones is much larger than that of PCs. This "xx artifact" virus is OK, it is said that the author just for fun, and did not use it to profit, if the virus lurking in a number of popular applications spread, and quietly stay in the process does not make, I am afraid the threat is greater. Because the mobile phone has become our privacy data most places.

Mobile phone has a variety of our communications content (SMS, micro-letter), which may have bank accounts, passwords, ID cards and other information, if you really want to dig a person, mobile phone is the best monitoring tool. In addition to communication, mobile phone has become the most important mobile payment tools, Alipay, micro-credit payment, etc. applications, greatly facilitate the day-to-day payment, but also potential risk, once the mobile phone is controlled by the virus how to do?

But applications are becoming more convenient for people to use. Now what application will allow the same mobile phone two times to access it, but also to enter the password, that is sick, now there is any user to endure every time to enter the application to lose the password (PC is very different)? The jump between application and application (such as sharing to other applications) is incredibly simple, and there are various authorizations behind it. and mobile anti-virus software is far from the popularity of PCs, one power consumption resources, users do not want to, and the many applications of a variety of interception pop-up also makes life annoying (almost all applications are in access to the things that should not be accessed), people will even use the application and ban security software.

To be convenient or to be safe, this is a difficult problem. Of course, as in the PC era after a number of virus outbreaks, almost all PCs are equipped with anti-virus software, as the mobile phone and the user's privacy, more and more depth of the binding, more than a few such events, the balance will be more moved to safety.