Moral of the Story: “I will never own a phone without Lookout!”
How Lookout Saved the Day for Neil: “I had spent almost an entire year organizing my wife’s surprise 30th birthday party. I had compiled a guest list of nearly 200 people, and I had spent hours collecting the phone numbers for distant relatives and friends whom I hadn’t seen in years.
“The day I booked the venue for the event, I typed out a text message with all of the party details and sent it to the first 30 invitees. Suddenly, my phone froze. I left it alone for a few minutes, but it was still frozen. I took the battery out, waited a minute and then turned the phone back on. To my relief, the phone was working again. However, after I powered the phone back on, I noticed the background picture wasn’t the same. I clicked into my contact list and saw it was empty—there wasn’t a single number listed! I checked again and again. I felt sick. Not only had I lost all my personal contacts’ phone numbers, I lost all the numbers of my wife’s friends; it had taken nearly a year to gather all of that information… there was no way I’d be able to track down all of those contacts again.
“Then I remembered Lookout. I went to open Lookout’s application on my phone, but all of my apps were gone too. Once I reinstalled Lookout, I also went online and logged into my account. I couldn’t believe it… all of my contacts were still on file! I started to transfer all the numbers back onto my phone and was amazed that I recovered everything I’d lost in less than ten minutes. Five months later, everyone came to my wife’s surprise party; it was a huge success. Thanks, Lookout!”
Sometimes in the news you’ll notice that companies use huge percentage numbers to report on the state of the mobile security. In some cases this can be extremely informative but in other instances, the stats are daunting, create FUD and ultimately don’t provide real value to people who want to know how to keep their phone safe. While threat statistics can be informative, as they provide valuable knowledge about mobile threats on the rise, context needs to be given in order to help people understand the true risk of encountering a security threat.
That’s why at Lookout we take a different approach to mobile threat reporting. It’s all about providing context. For instance, when it comes to overall malware growth, we tend to look at the number of malware variants and how it relates to a user’s risk. For example, after reviewing how many threats were detected across our user base, we determined a person’s likelihood of encountering a threat over a year. In 2011, we found that a person has a 4% annual likelihood of encountering malware. Absolute numbers and risk assessments keep things in perspective without promoting anxiety.
Also, sometimes a growth number isn’t the most important statistic to people – it actually does a disservice to people who want to have an accurate understanding of mobile threats. That’s why at times we focus on educating people about new families of malware, the places that malware is being distributed and the variance of new threat strains. It gives people a more complete understanding.
If our information isn’t going to help people in some way, be it protection from an existing threat or the inside scoop on a new trend, we won’t sound the alarm. With the right information on mobile threats and a reasonable level of awareness of risks, we think people can do more with their phones — no fear necessary.
Drop us a note in the comments section if you have feedback for us!
Bonjour! こんにちは! Today, we’re excited to announce Lookout is available for download from the Android Market in Japanese and French languages!
Lookout’s international launch began in November with the United Kingdom, Australia, Canada, and then Germany. Now smartphone and tablet users in France and Japan have access to a localized app that offers top-notch security, find-my-phone, data backup and data restore features. Lookout Premium is also available for upgrade for €2.49/month in France, and 250 yen/month in Japan.
Everyday, everywhere, people rely on their mobile devices. Lookout’s committed to protecting smartphones worldwide and we will continue to roll out regionally adapted versions of our app to countries across the globe.
Can you guess where Lookout will pop up next? Stay tuned for more localized versions to come!
Do you love your smartphone? Do you love downloading apps? If you said yes, you’re not alone. Smartphones have taken the world by storm! Check out this infographic to learn more about mobile device and app growth.
Over the past few months we’ve seen mobile ad networks adopt increasingly aggressive methods of ad delivery. At Lookout, we’ve been particularly watchful of ad networks that are capable of pushing ads to the default Android notification bar, placing generically designed icons on the mobile desktop, and changing browser settings, like bookmarks or homepage. We’ve heard directly from our users that they find these ads especially confusing because the ads are displayed outside of an application. Often these ads can be misinterpreted as malware.
To give you more insight into which ad networks are present on your device, our Lookout Labs team has released a beta version of Push Ad Detector. Push Ad Detector scans your device for the presence of a select number of ad networks that are capable of displaying out-of-app advertisements. When an ad network is detected within an app on your phone, Push Ad Detector lists the app and the ad network. We want you to be able to make an informed decision about what apps and ad networks you keep on your phone. When possible, Push Ad Detector provides an opt-out link for the ad network.
It’s also common practice for ad networks to collect personally identifiable information for use in marketing campaigns. Much like ads served by email providers or social networks, this practice helps show more personalized and relevant ads to users. However, it is often unclear to users what information is collected. In addition, there are a number of best practices to make sure that the data collection is more secure, such as using hashing to obfuscate user identities. Push Ad Detector tells you exactly what personal data is being collected, and whether it is collected securely. This release tracks six of the more aggressive ad networks out there.
Ad Networks Detected
Airpush
Appenda
LeadBolt
Moolah Media
Startapp
Tapit!
Lookout Labs began development of this product late last year, planning to launch in late February. Considering the recent stir around ad networks and the amount of confusion these ads can cause, we decided to launch a beta version of Push Ad Detector today. As with any beta product, there are a number of features that we will continue to test and build on. Push Ad Detector is a free download in the Android Market. Are you going to download it? Let us know what you think!
Last Saturday, Opscode and Lookout hosted a Chef hack day at Lookout’s new office in San Francisco. For the layperson, Chef is a tool that lets Operations Engineers automate the hard work it takes to add new backend servers to support a website or mobile app. We had a great turnout; over 75 people from the Bay Area DevOps community came together for a day filled with good food, good people, and hacking!
Throughout the day, there were a number of mini-tutorials, workshops, and brainstorming sessions about how to solve common Chef problems. A big thanks to Opscode and everyone who came out to the event, we’re so glad you could join us. We can’t wait for the next Chef Hack Day!
Today, news came out that claimed a particular family of malware, termed ‘Android.Counterclank’, had infected 5 million users. We disagree with the assessment that this is malware, although we do believe that the Apperhand SDK is an aggressive form of ad network and should be taken seriously.
This isn’t malware.
The average Android user probably doesn’t want applications that contain Apperhand on his or her phone, but we see no evidence of outright malicious behavior. In fact, almost all of the capabilities attributed to these applications are also attributable to a class of more aggressive ad networks – this includes placing search icons onto the mobile desktop and pushing advertisements through the notifications bar.
Malware is defined as software that is designed to engage in malicious behavior on a device. Malware can also be used to steal personal information from a mobile device that could result in identity theft or financial fraud.
Apperhand doesn’t appear to be malicious, and at this point in our investigation, this is an aggressive form of an ad network – not malware.
We’re researching ad networks closely.
We spend a significant amount of time looking not just at mobile apps, but also at SDKs that are commonly integrated into apps. We’ve recently been focusing heavily on the capabilities of various mobile advertising SDKs. We believe that ad networks are important for the overall mobile ecosystem; however, some advertising networks go beyond the commonly accepted behavior of ad networks with more aggressive tactics.
This particular ad network SDK, com.apperhand, bears similarities to one previously distributed in a number of apps in June of 2011 as the “ChoopCheec platform” or “Plankton”. Early incarnations of this SDK crossed several privacy lines in the data it collected about users, but the current version does appear to have cleaned up its act somewhat. That said, the current SDK has several capabilities that are common to many ad networks:
It is capable of identifying the user uniquely by their IMEI, for instance, but unlike some networks this SDK forward-hashes the IMEI before sending to its server. They’re identifying your device, but they are obfuscating the raw data.
The SDK has the capability to deliver “Push Notification” ads to the user. We’re not huge fans of push notifications, but we also don’t consider push notification advertising to be malware.
The SDK drops a search icon onto the desktop. Again, we consider it bad form, though we don’t consider this a smoking gun for malware provided the content that is delivered is safe. In this case, it is simply a link to a search engine.
The SDK also has the capability to push bookmarks to the browser. In our opinion, this crosses a line; although we do not believe this is cause to classify the SDK as malware.
Of the applications that were originally identified as malicious, a subset of them have subsequently been pulled from the Android Market. However, it’s important to note that this does not include all identified applications, and reasons for removal may also include content, copyright, or other violations of the Android Market’s Terms of Service.
We’re continuing our investigation.
At this point, it appears that what we’re seeing is an example of an ad network that pushes the lines of privacy. Over the past few months we have been closely tracking this, and we are seeing a trend of this type of behavior. While this is not malware, we do think that consumers should take it seriously, and we’re actively working on a solution to help users understand whether applications have potentially undesirable behavior such as this while not creating unnecessary worry.
Lookout believes in educating our users about the apps that they’re installing. We’ll have more to share about what we’re working on in this area in the coming weeks – stay tuned.
If you have questions, please comment or write us.
How Natisha learned about Lookout: “I was browsing for apps and found Lookout. I noticed that the app was highly rated and that the reviews said it was very ‘easy-to-use.’ They were right—I’m sure glad I downloaded Lookout!”
Moral of the story:
“Lookout saved me! Lookout stopped me from downloading a bad application on my phone.”
How Lookout Saved the Day for Natisha:
“My sister and I were installing apps to our phone, and we came across a game app that we both had been interested in downloading. When I went to install the app, I immediately got a notification from Lookout, alerting me that the content I was attempting to download was from a bad source. Without a second thought I refused it. I let my sister know that the app was not safe to download, but she didn’t believe me. If she had downloaded your app, she would have been protected!”
Here at Lookout, we like to push the boundaries of mobile. That’s why we started “Lookout Labs,” an initiative that enables our team to quickly create and launch new mobile products. Many of you have already had the chance to find a lost phone with Plan B, or learn a little more about Carrier IQ with our detector app; both were concocted in Lookout Labs. Today, we’re excited to introduce our Mobile Threat Tracker: (available for download on the Android Market). This interactive app allows you to zoom through time and watch as thousands of sparks light up the globe; each spark represents Lookout blocking a threat to protect a real user. With the Lookout Mobile Threat Tracker, you can now see the threats that Lookout identifies and catches every day. This app should answer some of the questions we get all the time: “Are there really mobile threats?” “How many mobile threats are there?” “What are the most common mobile threats?”
In the Mobile Threat Tracker app, tap on the information icon to see the names of the top three trending threats. Tap on a name to learn more about that threat. This week’s top threat, RuPaidMarket, masquerades as a useful app but actually sends premium SMS messages without allowing you to opt out, or letting you know that you will be charged.
Behind the Mobile Threat Tracker
As an engineering intern at Lookout, I love reading the stories that Lookout users submit to our company. It’s pretty cool to hear how Lookout has saved the day for our users by finding their lost or stolen phone, backing up their precious data, or blocking them from downloading a malicious app. I thought it would be interesting to build an application showing the many threats that Lookout detects across the world, telling the story of these individual users at a macro level. This was the idea behind the Mobile Threat Tracker. The Mobile Threat Tracker shows a globe against a starry backdrop where each flying spark is a mobile threat we’ve detected and blocked. With a swipe of your finger, you can travel through time to see mobile threat activity, and learn more about the top threats Lookout protected against for the current week. This data is updated hourly so you can see mobile threats appear and disappear over time.
We hope you enjoy using the Mobile Threat Tracker to see the mobile threats Lookout protects against across the globe. Download the app from the Android Market today: Mobile Threat Tracker. We’d love to know your thoughts, too: feedback@mylookout[dot]com. Be sure to stay tuned for more innovative projects from Lookout Labs!
Good news T-Mobile customers! Now, rather than manually entering in credit card numbers to purchase Lookout Premium, T-Mobile customers* can simply charge Lookout Premium directly to their T-Mobile phone bill. We’re excited to offer this new service as a secure and convenient way for T-Mobile customers to pay for Lookout Premium.
In addition to all of Lookout’s free features, Premium offers comprehensive protection with:
Safe Browsing to scan every site you visit and every link you click in real-time, protecting you against the latest online threats.
Remote Lock and Wipe to secure and erase the data on your phone if it is lost or stolen.
Privacy Advisor to help you make smart choices to protect your privacy
Back up to securely back up and restore photos and call history, in addition to contacts.
Download Lookout Premium for $2.99/month or $29.99/year today!
* Limited to T-Mobile devices preloaded with Lookout
About this blog
This is the official blog of Lookout, a mobile security company in San Francisco. Find out more about us or our product.
Download Free
Learn More
This interactive app allows you to zoom through time and watch as thousands of sparks light up the globe; each spark represents Lookout blocking a threat to protect a real user. With the Lookout Mobile Threat Tracker, you can now see the threats that Lookout identifies and catches every day. This app should answer some of the questions we get all the time: “Are there really mobile threats?” “How many mobile threats are there?” “What are the most common mobile threats?”
backing up their precious data, or blocking them from downloading a malicious app. I thought it would be interesting to build an application showing the many threats that Lookout detects across the world, telling the story of these individual users at a macro level. This was the idea behind the Mobile Threat Tracker. The Mobile Threat Tracker shows a globe against a starry backdrop where each flying spark is a mobile threat we’ve detected and blocked. With a swipe of your finger, you can travel through time to see mobile threat activity, and learn more about the top threats 
© 2012 Lookout, Inc. All rights reserved. Patents pending.