Smartphone users are just as vulnerable to cryptocurrency mining hijacks as their PC counterparts, and sometimes on a dramatic scale.
Malwarebytes has detailed a "drive-by" mining campaign that redirected millions of Android users to a website that hijacked their phone processors for mining Monero. While the exact trigger wasn't clear, researchers believed that infected apps with malicious ads would steer people toward the pages. And it wasn't subtle -- the site would claim that you were showing "suspicious" web activity and tell you that it was mining until you entered a captcha code to make it stop.Read more
A new botnet that distributes malware for mining Monero cryptocurrency has emerged, infecting Android devices through a port linked with a debugging tool for the OS, according to researchers at Qihoo 360 Netlab.
Dubbed ADB.Miner by 360 Netlab, the botnet is gaining entry to Android devices–mostly smartphones and TV boxes–through port 5555, which is associated with Android Debug Bridge, a command-line tool that is used for debugging, installing apps and other purposes. ADB typically communicates with devices via USB, but it’s also possible for it to use wifi with some setup, according to Android documentation.Read more
Sega has said it is looking into claims that a trio of its Sonic games for Android are leaking personal data.
Security company Pradeo said late last week that it had discovered the Android games -- Sonic Dash, Sonic the Hedgehog Classic, and Sonic Dash 2: Sonic Boom -- were leaking user location data and device info. Based on the download ranges offered by the Play Store, collectively the leaks could impact between 120 million and 600 million users. Among the tracking and advertising issues, the security firm also said it found two issues that could result in man-in-the-middle attacks, and a bagful of others that could potentially lead to encryption weakness and denial of service.Read more
Malware which aims to steal Facebook login credentials and also aggressively displays pop-up adverts has been uncovered targeting Android users via the Google Play store -- and may have been downloaded by hundreds of thousands of unwitting victims.
Dubbed GhostTeam after strings in the code by the analysts at security company Trend Micro which uncovered it, the malware was first published in April 2017 and was disguised in the official Android marketplace as utility apps, performance boosters, and social media video downloaders.Read more
Researchers have identified a powerful new Android malware strain called Skygofree capable of eavesdropping on WhatsApp messages, siphoning private data off phones and allowing adversaries to open reverse shell modules on targeted devices, giving attackers ultimate remote control.
Researchers said the malware was developed three years ago and has evolved significantly since then to include 48 unique commands in it most recent iteration. Several of those features have never been seen before in Android malware, according to researchers at Kaspersky Lab who discovered the Skygofree strain last year and disclosed its findings Tuesday.Read more
If you happen to have an old Android device lying around and a reason to worry about people messing with your business, Edward Snowden has an app for that.
Haven is an open-source project that Snowden developed in conjunction with Freedom of the Press Foundation and Guardian Project. You can find directions and links for downloading and installing it on the latter organization's Github page. This isn't your typical security app. Haven doesn't lock down a single device or prevent tampering; instead, it repurposes an Android device — an old, unused one, preferably — and, using an assortment of built-in sensors, turns it into a multi-functional security gadget.Read more
Among the four dozen vulnerabilities Google patched this week was a fix for a bug that allowed attackers to inject malicious code into Android apps without affecting an app’s signature verification certificate.
The technique allows an attacker to circumvent device anti-malware protection and escalate privileges on targeted device with a signed app that appears to be from a trusted publisher, according to researchers. The vulnerability, dubbed Janus, was discovered earlier this summer by Eric Lafortune, CTO of GuardSquare. He reported the bug to Google in July.Read more
Checkpoint researchers discovered several vulnerabilities in Android application developer tools that put any organization that does Java/Android development at risk of an outsider gaining access to their system.
The vulnerability affects cross-platform users that use Android Studio, IntelliJ, Eclipse and APKTool and the most common Android Integrated Development Environment (IDES), according to the ParseDroid – Targeting The Android Development & Research Community report. Researchers said the attacks could be used to target any Android developer in any organization and that there are a lot of open source tools that are using APKTool.Read more
Personal data belonging to over 31 million customers of a popular virtual keyboard app has leaked online, after the app's developer failed to secure the database's server. The server is owned by Eitan Fitusi, co-founder of AI.type, a customizable and personalizable on-screen keyboard, which boasts more than 40 million users across the world.
But the server wasn't protected with a password, allowing anyone to access the company's database of user records, totaling more than 577 gigabytes of sensitive data. The database appears to only contain records on the app's Android users. The discovery was found by security researchers at the Kromtech Security Center, which posted details of the exposure.Read more
Researchers at YALE Privacy Lab and French nonprofit Exodus Privacy have documented the proliferation of tracking software on smartphones, finding that weather, flashlight, rideshare, and dating apps, among others, are infested with dozens of different types of trackers collecting vast amounts of information to better target advertising.
Exodus security researchers identified 44 trackers in more than 300 apps for Google’s Android smartphone operating system. The apps have been downloaded billions of times. Yale Privacy Lab is working to replicate the Exodus findings and has already released reports on 25 of the trackers.Read more