Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Kindle Fire HD - Infected ???

 
Post new topic   Reply to topic    Linux Format forums Forum Index -> Help!
View previous topic :: View next topic  
Author Message
Noob_Computa_Ninja



Joined: Sat Jan 11, 2014 5:39 pm
Posts: 4

PostPosted: Sun Jan 12, 2014 6:59 pm    Post subject: Kindle Fire HD - Infected ??? Reply with quote

Hi there.

I was hoping that you could help me with an issue I'm having with my kindle fire HD

I was surfing reddit/r/superman yesterday. I cliked on a link, it took me to an external website. Once I got there
I immediatley got a pop up message on my kindle telling me that I was infected.

It then asked my to click ok to continue (to install the malware I suspect).
I did not click on the pop up box (or anywhere in it).

I took a screenshot, sent the image to myself on my email account (from the Kindle email app itself).

The error message/pop up image states the following = (I've just broken up the http in that link incase it was pointing to a real site)

The page at 'ht tp://mobilekd.com' says:
Thursady January 9 ALERT! Your Amazon KFTT is INFECTED. Please INSTALL to
continue.

I then downloaded the Bit Defender AV app for andriod/kindle and performed a scan. The scan came back clean.

However when I downladed the Bit defender App I was expecting it to download some virus definitions (like you'd expect, if you were on your PC), but it didn't. I thought that was a little strange.

Once I hade scanned the device. I turned off the wifi and then turned off the Kindle.

I'm about to factory wipe my Kindle.

What do you reccomend ? Am I being a little paranoid ? (I don't think there is anything wrong with a little healthy paranoia when you're dealing with computer security though).

I've not noticed any unusual activity on my Amazon app account today. (However, that's not really surprising as I've turned off the Kindle. So even if it had been infected it wouldn't have had much of a chance to do anyting yet).

I suspect it's just a scare-ware pop up. Has anyone else seen this, or anyting like this at all on thier tablet devices ?

Any help or advice would be greatly appreciated ! TIA
Back to top
View user's profile Send private message
purplepenguin
LXF regular


Joined: Wed Oct 05, 2011 3:19 pm
Posts: 121
Location: Blissfully at the Command Line

PostPosted: Sun Jan 12, 2014 10:30 pm    Post subject: Reply with quote

Welcome to the Forum Very Happy

I'm not qualified to give you a definitive answer. So I give you my opinion.

Kindle's OS is probably based on Android/Linux and would not be affected by malicious code created for a PC. Most PCs run Windows so the people who create viruses tend to focus on code for that platform.

The kindle's storage area is like a USB flash drive (The Firmware/OS would be on a separate partition). While a virus cannot run in the storage area it is unlikely but possible that it could transfer to your PC from there.

When you connect the Kindle to your PC it should show up as a mass storage device. There's no harm in letting your PC's AV scan it.

Can you post a link to the screen shot?

I don't have any AV on my Android devices and have never had any issues.

If you are particularly worried. Restore the Kindle to factory settings. That should wipe any iffy files that you have downloaded as well as your data.

PP
_________________
Debian Testing 64bit KDE i5 CPU 8GB RAM

Firefox 29 wont let me move the Reload and Back buttons. It's my computer Mozilla not yours.
Back to top
View user's profile Send private message
guy
LXF regular


Joined: Thu Apr 07, 2005 1:07 pm
Posts: 1070
Location: Worcestershire

PostPosted: Mon Jan 13, 2014 5:33 pm    Post subject: Reply with quote

Caveat: I speak from a general background, not current knowledge of Kindle security.

There is relatively little malware capable of directly infecting a Kindle Fire (which AFAIK uses Amazon's own hacked version of Android). The OS is fairly secure against traditional PC viruses, and Amazon's hacks probably won't help compatibility with Android-specific attacks either. BitDefender is hopefully more concerned that basic lockdown settings haven't been compromised, and could get any handful of signatures it needs by transparently downloading them from Mummy without bothering to tell you.

Most malware of the type you describe requires the user to (unknowingly) grant it access permissions by clicking something, which, since you carefully didn't, makes it unlikely that anything cached by your browser ever got activated.

Does the browser have a cache that can be cleared? Other than that, personally I'd just keep an eye on the device for a while, just in case it was compromised and something recurs.

Frankly, the data sucked off and traded around the world as a matter of course by the likes of Amazon, Google, Facebook, et. al. is likely to have compromised your privacy far more.
_________________
Cheers,
Guy
The eternal help vampire
Back to top
View user's profile Send private message
Noob_Computa_Ninja



Joined: Sat Jan 11, 2014 5:39 pm
Posts: 4

PostPosted: Mon Jan 13, 2014 8:17 pm    Post subject: Reply with quote

Hi all.

Thanks very much for the help and advice !
It's much appreciated.
Back to top
View user's profile Send private message
Noob_Computa_Ninja



Joined: Sat Jan 11, 2014 5:39 pm
Posts: 4

PostPosted: Sun Jan 19, 2014 4:35 pm    Post subject: Reply with quote

Hi all.

Here are the two screen shots of those error/ fake AV messages
(These are direct links to my basic imgur gallery)

01. http://i.imgur.com/aMeuZEM.jpg
02. http://i.imgur.com/o108jmY.jpg

Since I last posted, I received another message claiming I was infected with another virus.

I got fed up, and wiped my Kindle and started again fresh.

As an aside, I currently have the Bit defender app installed on my device.
Is it wise/possible to run two or more AV apps on the kindle at the same time ?
I know you really shouldn't do this on a win PC, as they tend to conflict.
Does this cause any issues on android ?

Thanks again for any help or advice.
Back to top
View user's profile Send private message
purplepenguin
LXF regular


Joined: Wed Oct 05, 2011 3:19 pm
Posts: 121
Location: Blissfully at the Command Line

PostPosted: Sun Jan 19, 2014 6:13 pm    Post subject: Reply with quote

Quote:
The page at.......... says your infected


Who is this website to make such a claim? They don't look to be a page from a trusted AV provider. To be honest it looks more like a phising attempt. Could the site be compromised? Is it always the same site/domain? It may even just be an aggressive advert. Even if I was on a Windows machine and that message popped up I'd just ignore it and carry on my merry way.

I've just had a quick look on-line and none of the big boys (Symantec, Kaspersky etc.) offer on-line kindle scans. If Kindle was at risk I'm pretty sure they would as they do for PCs. They love to scare you into buy their products after all that is how they make money.

PP
_________________
Debian Testing 64bit KDE i5 CPU 8GB RAM

Firefox 29 wont let me move the Reload and Back buttons. It's my computer Mozilla not yours.
Back to top
View user's profile Send private message
purplepenguin
LXF regular


Joined: Wed Oct 05, 2011 3:19 pm
Posts: 121
Location: Blissfully at the Command Line

PostPosted: Sun Jan 19, 2014 6:17 pm    Post subject: Reply with quote

Post a link to the page and I'll have a look on my Android devices. See if its saying the same.
_________________
Debian Testing 64bit KDE i5 CPU 8GB RAM

Firefox 29 wont let me move the Reload and Back buttons. It's my computer Mozilla not yours.
Back to top
View user's profile Send private message
Noob_Computa_Ninja



Joined: Sat Jan 11, 2014 5:39 pm
Posts: 4

PostPosted: Sun Jan 19, 2014 8:53 pm    Post subject: Reply with quote

Hi there Purple penguin.

I posted one of the links in my first post.
(I just broke up the link in case that it may have sent someone to a dodgy infected site)
I don't think it would have, I just wouldn't want anyone to get caught out.

Thanks for the help so far.
Back to top
View user's profile Send private message
purplepenguin
LXF regular


Joined: Wed Oct 05, 2011 3:19 pm
Posts: 121
Location: Blissfully at the Command Line

PostPosted: Sun Jan 19, 2014 9:22 pm    Post subject: Reply with quote

Yeah I tried that one. mobilekd.com?
All I get is a blank white page on Android and PC. Absolutely nothing.

The source for the page is:

Code:
<iframe src="" style="border: 0px; width: 100%; height: 100%;"></iframe>


There's no DTD or other html tags. eh!!

What is the site supposed to be?

If you ask me it's looking more and more like the site and not your device that has problems.
_________________
Debian Testing 64bit KDE i5 CPU 8GB RAM

Firefox 29 wont let me move the Reload and Back buttons. It's my computer Mozilla not yours.
Back to top
View user's profile Send private message
View previous topic :: View next topic  
Display posts from previous:   
Post new topic   Reply to topic    Linux Format forums Forum Index -> Help! All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Linux Format forums topic RSS feed 


Powered by phpBB © 2001, 2005 phpBB Group


Copyright 2011 Future Publishing, all rights reserved.


Web hosting by UKFast