Android seems to have become the preferred target of virus writers across the world, with new forms of malware capable of infecting more devices detected every day.
This time, security company Trend Micro warns of a new Android backdoor called GhostCtrl and which is a variant of the more famous OmniRAT that was discovered in late 2015 and affected a wider array of platforms, including Windows, Linux, and Mac. GhostCtrl is specifically trying to infect Android devices and it spreads as stand-alone APKs. The malware has been discovered in three different versions, with the most advanced giving hackers full control over a device and the rights to access and transfer any data stored locally.Read more
Wikileaks published another set of documents Thursday. The latest release of files purportedly from the U.S. Central Intelligence Agency (CIA) details a piece of malicious software for Android devices.
The malware, referred to as Highrise, can redirect or intercept text messages sent to a target’s phone, allowing a CIA agent to access it before it lands in the inbox of the person it was intended for. HighRise acts as a proxy server for text messages, bouncing the messages to internet “listening posts” that allow an agent to intercept them. While the malicious software provides the CIA with a powerful snooping tool, there is a major limitation to Highrise.Read more
A form of Android ransomware which threatens to send the victim's private information and web history to all of their contacts has been discovered in the official Google Play app store.
LeakerLocker doesn't actually encrypt the victims' files, but instead claims to have made a backup of data stored on the device and threatens to share it with all of the user's phone and email contacts. Those behind the malware demand $50 in exchange for not leaking personal data including photos, Facebook messages, web history, emails, location history and more, playing on fears of potential embarrassment rather than any form of cryptography.Read more
Google has released its latest monthly security update for Android devices, including a serious bug in some Broadcom Wi-Fi chipsets that affects millions of Android devices, as well as some iPhone models.
Dubbed BroadPwn, the remote code execution vulnerability resides in Broadcom's BCM43xx family of WiFi chipsets, which can be triggered remotely without user interaction, allows a remote attacker to execute malicious code on targeted Android devices. "The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process," Google describes.Read more
A newly uncovered form of Android malware aims to steal data from over 40 popular apps - and the trojan has been actively engaging in in this illicit activity for almost two years.
Dubbed SpyDealer, the malware harvests vast accounts of personal information about compromised users, including phone numbers, messages, contacts, call history, connected wi-fi information and even the location. The espionage capabilities of the trojan also enable it to record phone calls and videos, along with surrounding audio and video, take photos with both front and rear cameras, take screenshots of sensitive information and monitor the devices location.Read more
This CopyCat's got claws. A new strain of a malware called CopyCat has infected more than 14 million Android devices around the world, rooting phones and hijacking apps to make millions in fraudulent ad revenue, researchers at Check Point said Thursday.
While the majority of victims are in Asia, more than 280,000 Android devices in the US were hit by the massive hack. Google had been tracking the malware for the last two years and has updated Play Protect to block CopyCat, but millions of victims are getting hit through third-party app downloads and phishing attacks. There was no evidence that CopyCat was distributed on Google Play.Read more
EU antitrust regulators are weighing another record fine against Google over its Android mobile operating system and have set up a panel of experts to give a second opinion on the case, two people familiar with the matter said.
Assuming the panel agrees with the initial case team's conclusions, it could pave the way for the European Commission to issue a decision against Alphabet's Google by the end of the year. The Commission in April last year charged Google with using its dominant Android mobile operating system to shut out rivals following a complaint by lobby group FairSearch, U.S.-based ad-blocking and privacy firm Disconnect Inc.Read more
Google’s thesis to the automotive industry came packaged in a red glinting Maserati Ghibli. The luxury sedan, parked outside last year’s Google I/O developer conference, might have looked like just another sports car — a ubiquitous sight in Silicon Valley.
But what was inside captured the interest of automakers. And now, some automakers are buying into what they found, despite long-held fears of giving up too much control to outsiders like Google. “The traction we’re seeing in the car space is just ridiculous,” Patrick Brady, vice president of engineering for Android, told. “It’s surprising even to us and has caught us off guard.”Read more
A malicious Android app that downloads itself from advertisements posted on forums strongly resists removal, security firm Zscaler warns.
The dodgy Android utility poses as "Ks Clean", an Android cleaner app. Once installed, the app displays a fake system update message in which the only option presented to the user is to select the "OK" button, giving victims little immediate option other than to accept a supposed security update. As soon as the user presses "OK", the malware prompts the installation of another APK named "Update". The Update app asks for administrator privileges which, if granted, can't be revoked.Read more
An Android malware campaign called Judy has been discovered lurking in more than 40 apps in the Google Play Store, and it might have punched its way through as many as 36.5 million devices. Check Point discovered the malware that thankfully doesn't resort to ransomware or stealing bank credentials.
Instead, it installs a form of auto-clicking adware to generate large amounts of fraudulent clicks on advertisements in order to raise money for the perpetrators. The malware has a reach of anywhere between 8.5 million and 36.5 million users worldwide from 41 different apps offered for sale on the Google Play Store.Read more