Security researchers have discovered a way to target a huge number of Android and iOS apps that could allow them to remotely sign into any victim's mobile app account without any knowledge of the victim.
A group of three researchers – Ronghai Yang, Wing Cheong Lau, and Tianyu Liu – from the Chinese University of Hong Kong has found that most of the popular mobile apps that support single sign-on (SSO) service have insecurely implemented OAuth 2.0. It is an open standard for authorization that allows users to sign in for other third-party services by verifying existing identity of their Google, Facebook, or Chinese firm Sina accounts.Read more
A new Android banking Trojan, which masquerades as a Flash Player app, targeting customers of at least 90 major banks across the US and Europe has been uncovered. The malware can be considered to be highly advanced and dangerous, especially given its ability to bypass SMS-based two-factor authentication.
Some of the banking apps targeted by the malware include Deutsche Bank, Santander, American Express, Coinbase, Credit Karma, Paypal and Wells Fargo, among others. This banking malware can steal login credentials from 94 different mobile banking apps. The banking Trojan also comes with the ability to target some of the more popular social media apps.Read more
An analysis of transactions originating from devices protected by Zscaler security products reveals that iOS applications leak private user information in more situations than Android apps.
The result of this study shows that the generally accepted theory of iOS being more secure than Android doesn't necessarily apply to the apps running on these two platforms. According to data gathered in the last quarter, Zscaler says it detected around 200,000 transactions from a total of 45 million, where an app has leaked user data. The type of leaked information includes personally identifiable information, geo-location data, and device metadata.Read more
It's been more than two years since the existence of the Ghost Push mobile Trojan was made public – but millions of devices are still vulnerable.
The Trojan infected up to 600,000 Android smartphone and tablet users per day at its peak. The malware runs a malicious DEX file after installation, an Android program executable, to root victim devices and run malicious processes on startup. Ghost Push is also able to install unwanted apps and programs, display adverts, spy on users, and steal personal information. The Trojan also pushes ads in the Android notification bar to trick users into paying for additional services," such as porn or other third-party software.Read more
Google Play was recently found to be hosting more than 400 apps that turned infected phones into listening posts that could siphon sensitive data out of the protected networks they connected to.
One malicious app infected with the so-called DressCode malware had been downloaded from 100,000 to 500,000 times before it was removed from the Google-hosted marketplace. Known as Mod GTA 5 for Minecraft PE, it was disguised as a benign game, but included in the code was a component that established a persistent connection with an attacker controlled server. The server then had the ability to bypass so-called network address translation protections.Read more
Don't miss an important update at the bottom of this article, which includes an official statement from Xiaomi. Do you own an Android Smartphone from Xiaomi, HTC, Samsung, or OnePlus?
If yes, then you must be aware that almost all smartphone manufacturers provide custom ROMs like CyanogenMod, Paranoid Android, MIUI and others with some pre-loaded themes and applications to increase the device's performance. But do you have any idea about the pre-installed apps and services your manufacturer has installed on your device?, What are their purposes? And, Do they pose any threat to your security or privacy?Read more
Sometimes Android users have to download murky apps from Google Play. By “murky” we mean unfamiliar apps, apps from small publishers, and so forth — not the likes of Evernote, Dropbox, banking apps, or other popular programs. It might be a specialized engineering calculator, for example, or an alternative music player.
Many such apps exist in the Google Play store — thousands of them, in fact. And choosing isn’t easy. Seasoned Android users recommend going with the apps that have been downloaded the most times, the highest-rated apps, or the apps reviewed by the most people. It seems to make perfect sense.Read more
The Check Point mobile threat prevention research team discovered a new Android malware on Google Play, called “DressCode,” which was embedded into more than 40 apps, and found in more than 400 additional apps on third party app stores.
Check Point notified Google about the malicious apps, and some have already been removed from Google Play. The oldest apps were uploaded to Google Play on April 2016, where they remained undetected until recently. Some of the apps reached between 100,000 and 500,000 downloads each. Between 500,000 and 2,000,000 users downloaded the malicious apps from Google Play.Read more
Google has removed an Android app from the Play Store after security researchers from Symantec noticed the application was secretly scanning and stealing personal photos and videos from users' devices.
The app is HTML Source Code Viewer, and it was developed by a developer named Sunuba Gaming. At the time Google removed it, the application had between 1,000 and 5,000 installs. The app's moniker is self-explanatory, and it allowed users to view the source code of a Web page. Users only had to enter a URL, and the application retrieved that site's source code and printed it on the screen. According to Symantec, the app did a little more than that.Read more
When it comes to theft, cybercriminals usually use malware: ransomware, banking Trojans, viruses, and other such means. But sometimes, a good story and some perfectly legal software may be enough for them to accomplish their goals.
For example, some crooks have been using AirDroid — a powerful app for remote smartphone management — to steal money from freelancers. The scheme is simple. Criminals start by finding a potential victim on a website where employers look for freelancers and freelancers look for work. A crook claims to be an employer in search of a specialist for a simple project.Read more