Researchers from Georgia Institute of Technology have released a full report on a new attack vector that affects Android up to version 7.1.2.
The exploit, called Cloak & Dagger, uses Android’s design and screen behaviours against users, effectively hiding activity behind various app-generated interface elements that lets a hacker grab screen interactions and hide activity behind seemingly innocuous screens. Experts have created proof of concept users of the exploit including a bit of malware that draws an invisible grid over the Android screen that exactly mirrors – and can capture – the onscreen keyboard.Read more
The two newest versions of Android are vulnerable to a permissions feature being exploited by ransomware and banking malware.
Security firm Check Point has examined Android's permission model and discovered it contains an odd bug that has become a favorite tool for ransomware, adware, and banking trojans to hijack victims' screens with phishing pages and extortion demands. This problem stems from an extremely sensitive permission in Android 6.0 Marshmallow, the most widely used version of Android, called SYSTEM_ALERT_WINDOW. The permission allows an app to create windows that overlay all other apps.Read more
The sheer dominance of Google's Android operating system in the mobile market also comes with a flipside. Due to the increasing number of people using the OS on their smartphones and tablets, it has become the most preferred choice for hackers attacking the platform with malware.
According to a new report from German software company G DATA, its security researchers discovered over 750,000 new Android malware apps in the first quarter of 2017. On an average, the number equates to nearly 8,400 new malware instances every day. The company said that the year 2017 was off to a slower start in comparison with the same period last year.Read more
There are plenty of privacy-invading marketing ploys to worry about in life. Some examples are in your face, some are more subtle. And a relatively new kind manages to be outright invisible. In the most inconspicuous hustle of all, apps have increasingly incorporated ultrasonic tones to track consumers.
They ask permission to access your smartphone microphone, then listen for inaudible “beacons” that emanate from retail stores and even websites. If you’re not paying attention to the permissions you grant, you could be feeding marketers information about your online browsing, what stores you go to, and what products you like and dislike.Read more
While going through the web browsing, annoying adverts get on your nerves and you are unable to do anything to get rid of them except closing them again and again. Sometimes, these advertisements are very useful in some context, but often, they are annoying and of course, you would like to find out a way to get rid of them.
Well! What you can do is to select an extension or app to block website ads. It is also necessary for you to get because, the appearance of these adverts can make your system slower down and thus, the website, you want to open will be also loaded slowly. It is incredibly irritating when you find yourself helpless before them.Read more
Android malware capable of accessing smartphone users' location and sending it to cyberattackers remained undetected in the Google Play store for three years, according to a security company.
Discovered by IT security researchers, the SMSVova Android spyware poses as a system update in the Play Store and was downloaded between one million and five million times since it first appeared in 2014. The app claims to give users access to the latest Android system updates, but it's actually malware designed to compromise the victims' smartphone and provide the users' exact location in real time.Read more
Palo Alto Networks researchers have analyzed a string of legitimate-looking Android apps and have discovered that the adware included in them has the potential to do much more than just show ads.
Variants of the Ewind adware/malware are usually packaged in popular game and social media apps such as GTA Vice City, Minecraft – Pocket Edition, VKontakte, but also in many mobile security apps such as AVG cleaner and Avast! Ransomware Removal. And these apps are offered for download on well-established online Android app stores catering Russian-speaking users. The adware Trojan in fact potentially allows full remote access to the infected device.Read more
Android apps are mining smartphone users’ data by secretly colluding with each other, according to a new study. Virginia Tech researchers have found that pairs of apps can trade information, a capability that can lead to serious consequences in terms of security.
The team analysed 110,150 apps – including 100,206 of Google Play’s most popular apps – over three years, using a custom-built software tool called DIALDroid. “Researchers were aware that apps may talk to one another in some way, shape, or form,” said Gang Wang, an assistant professor at Virginia Tech’s department of computer science and one of the co-authors of the research.Read more
A new version of one of the most sophisticated forms of mobile spyware has been discovered, and this time it's being used to spy on Android users. Made public last summer, the Pegasus mobile spyware was used by a nation state to monitor iPhones belonging to activists in the Middle East.
The spyware uses three separate iOS vulnerabilities, collectively known as Trident, to allow an attacker to remotely jailbreak a target's iPhone and install spyware capable of tracking every action on the device. The discovery of the malware forced Apple to release a security fix for iPhones and iPads in order to protect users.Read more
If the death of online privacy rules wasn't enough for Internet Service Providers and advertisers to celebrate, Verizon has planned to pre-install spyware on customers' Android devices in order to collect their personal data.
The telecom giant has partnered with Evie Launcher to bring a new application called 'AppFlash' — a universal search bar that will come pre-installed on the home screens of all Verizon Android handsets for quickly finding apps and web content. AppFlash is simply a Google search bar replacement, but instead of collecting and sending telemetry data including what you search, handset, apps and other online activities to Google, it will send to Verizon.Read more