Chinese hackers have taken the smishing attack to the next level, using rogue cell phone towers to distribute Android banking malware via spoofed SMS messages.
SMiShing — phishing attacks sent via SMS — is a type of attack wherein fraudsters use number spoofing to send convincing bogus messages that trick mobile users into downloading a malware app onto their smartphones or lure victims into giving up sensitive information. Security researchers have uncovered that Chinese hackers are using fake base transceiver stations to distribute "Swearing Trojan," an Android banking malware that once appeared neutralized after its authors were arrested in a police raid.
Turns out that the spyware gold rush is so hot even amateurs are trying to join it. Malware hunters often say that it's really hard to point the finger at who's behind a cyberattack or a specific piece of malicious software — what's known in the cybersecurity community as "attribution."
Hackers, especially if they work for a government, go to great lengths to obfuscate who they are and who employs them. But sometimes hackers make mistakes, even blatant ones like leaving a link to the website of the company that developed the malware in the malware code itself. It would be like a burglar breaking into your home and leaving their business card behind.
Bought a brand new Android smartphone? Do not expect it to be a clean slate. At least 36 high-end smartphone models belonging to popular manufacturing companies such as Samsung, LG, Xiaomi, Asus, Nexus, Oppo, and Lenovo, which are being distributed by two unidentified companies, have been found pre-loaded with malware programs.
These malware-infected devices were identified after a Check Point malware scan was performed on Android devices. Two malware families were detected on the infected devices: Loki and SLocker. These malicious software apps were not part of the official ROM firmware.
Security doom-monger ESET has let off a warning about a threat that it once warned about and has now come to its dreadful fruition. ESET says that some Android banking malware that it recently found on Google Play is back in the wild and is back targeting banks.
It explains that the source code for the malware was released a couple of months ago - we are surprised that it has taken this long to come out, to be honest - and says that it was worth the wait, in a way. The malware was distributed via Google Play as a trojanized version of a legitimate weather forecast application, Good Weather. It could lock and unlock infected devices remotely, as well as intercept text messages.
A group of highly sophisticated state-sponsored hackers is spying on the Israeli military by hacking into the personal Android phones of individual soldiers to monitor their activities and steal data.
Newly released research by Lookout and Kaspersky suggests that more than 100 Israeli servicemen from the Israeli Defense Force are believed to have been targeted with spyware. Dubbed ViperRAT, the malware has specifically been designed to hijack Israeli soldiers’ Android-based smartphones and remotely exfiltrate data of high value, including photos and audio recordings, directly from the compromised devices.
Researchers here at the RSA Conference demonstrated a way a hacker can bypass enterprise mobility management sandboxing tools known as Android for Work that are designed to segregate work and personal data on Android devices.
Researchers showed how two separate malicious apps can circumvent Android’s multiuser framework designed to secure a work profile from a personal profile on a single device. The attacks hinge on a targeted victim downloading apps in their personal profile that grant attackers heightened privileges over the device’s Accessibility Services and Notification permissions in both work and personal profiles.
Android-targeting banking Trojan Marcher is on the rise, infecting devices via a phishing attack using SMS/MMS, gaining extensive privileges, displaying an overlay window over your banking app and collecting all your data, all the while successfully avoiding your antivirus apps.
It all starts with a phishing attack using SMS or MMS, with the messages including a link leading to a fake version of a popular app, such as WhatsApp, Runtastic or Netflix, to name a few. The link, however, doesn’t lead you to the good old Google Play Store, which is safe for the most part, but to a third-party app store. Of course, this doesn’t work if you don’t have the option selected from your phone’s security settings.
Donald Trump's phone use is raising security concerns among a pair of Senate Democrats. Sens. Tom Carper and Claire McCaskill sent a letter last week to Secretary of Defense James Mattis about whether the president is using a secure device to make calls and post tweets.
The senators, who both serve on the Homeland Security Committee, worry that an unsecured device could be vulnerable to hacking, posing a national security risk. "Public reports originally indicated that President Trump began using a 'secure, encrypted device approved by the U.S. Secret Service' prior to taking office," the senators wrote in the letter, which was made public Monday.
The use of droppers to infect devices with ransomware has spread to Android, Symantec security researchers warn. The use of a dropper to deliver malware on Android is a new technique, although it is a very popular one when it comes to malware for desktop computers.
Furthermore, researchers say, the actors using it have also implemented a 2D barcode technique meant to help them receive payment from victims, but they did this ineffectively. Spotted about a year ago, the Lockdroid ransomware was designed to encrypt user files and perform other nefarious activities as well. It requests device admin rights and, if the user grants them, it can also lock devices.
An alarming number of Android VPNs are providing a decidedly false sense of security to users, especially those living in areas where communication is censored or technology is crucial to privacy and physical security.
A study published recently identified a number of shortcomings common to high percentages of 238 mobile VPN apps analyzed by a handful of researchers. Users downloading and installing these apps expecting secure communication and connections to private networks are instead using apps that lack encryption, are infected with malware, intercept TLS traffic, track user activity, and manipulate HTTP traffic.