DoJ Stamps Out Sites Allegedly Hawking Pirated Android Apps
For the first time ever, the U.S. DoJ has seized the domains of websites for allegedly dealing pirated Android software. This may have been the first time Justice took down sites for illgotten cellphone apps, but it probably won't be the last, said McAfee consultant Robert Siciliano. "The worst thing the Department of Justice can do in a case like this is nothing," he said.
Aug 23, 2012 7:00 AM PT
The U.S. Department of Justice executed seizure orders against three website domains allegedly engaged in the illegal distribution of copies of copyrighted Android cellphone apps. It is the first time that website domains involving cellphone app marketplaces have been seized, the DoJ said.
The seizures of the domains -- applanet.net, appbucket.net and snappzmarket.com -- are part of a push to crack down on the infringement of copyrighted mobile software. The operation was coordinated with international law enforcement, including Dutch and French officials.
This may have been the first time Justice took down a website domain involving cellphone apps, but it probably won't be the last, said Robert Siciliano, a McAfee consultant. Cybercrime, especially illegal distribution of copyrighted content, is continually proliferating.
"The worst thing the Department of Justice can do in a case like this is nothing," he told the E-Commerce Times.
Pressure from the software industry, Siciliano speculated, might have also spurred the Department of Justice to take action. While it is doubtful the seizure will put a stop to such activity, he said, "at least it puts the pirates on notice that Justice is taking action in this area now."
Others are not so sure this message will be properly appreciated by the criminal element.
Stop Me If You've Seen This One ...
"Haven't we seen this movie already?" said Tim 'TK' Keanini, chief research officer at nCircle.
"The DOJ can shut down these websites, but the pirates will just find other distribution channels," he told the E-Commerce Times. "It's like a massive game of whack-a-mole."
The Lure and Danger of Free Software
Part of the problem is that consumers will download anything appearing to be even remotely legitimate, so long as it is free, he said.
"Consumers need to know that 'free' apps aren't really free at all, it's very likely they have been pirated," Keanini said. "Software obtained through unofficial distribution channels is often infested with malware that can create serious problems. Downloading these apps is pennywise and pound foolish."
Free Is Not Always Good
There is a lot of malware associated with the Android community, and not just because the apps are free, Dean Coclin, senior director of business development at Symantec, told the E-Commerce Times.
For starters, he said, there is no authentication for developers, and it is very easy to misrepresent software when uploading it to the Android store. "All there is in terms of security is a self-sign certification that no one trusts," he said.
Another problem is that there is no centralized app store model, such as with the iPhone or Windows. "So third parties can easily set up distribution channels," he said. Some are legitimate, but others, allegedly including the ones seized by the Department of Justice, are not.
"Android is all about being open, and open is good if you are developer, but not so good in terms of security," Coclin concluded.
What Comes With Pirated Software
Downloading pirated software usually leads to additional trouble for consumers and businesses beyond the mere fact of having to reload legitimate software once the mistake is realized.
"Pirated software often contains root kits, backdoors, key loggers, and other malware designed to steal passwords, credit card and banking information, or to remotely control the infected computer, smartphone or tablet," Lamar Bailey, director of security research and development at nCircle, told the E-Commerce Times. "Companies using pirated software also open themselves up to Business Software Alliance investigations, fines and lawsuits."
The Department of Justice did not respond to our request for further details.