Read more of this story at Slashdot.
Newly discovered Trojan malware, which has been dubbed as GPlayed by the IT security experts at Cisco Talos, disguises itself as Google Play Store to trick users into downloading it. After getting installed, it steals location information and bank details from the device. Additionally, it is capable of transferring code between desktop and mobile platforms. […]
This is a post from HackRead.com Read the original post: Malicious Platform Independent Trojan GPlayed Disguised as Google Play Store
Trojan architecture and capabilities
The Android package is named "verReznov.Coampany." The application uses the label "Installer" and its name is "android.app.Application."
This is the last of the three main timers that are created. The trojan will register the SMS handler, which will forward the contents and the sender of all of the SMS messages on the phone to the C2.
The final step in the trojan's initialization is the escalation and maintenance of privileges in the device. This is done both by requesting admin privileges on the device and asking the user to allow the application to access the device's settings.
The HTTP requests follow the format below, while on the WebSocket only the query data is written.
Trojan activity
At the time of the writing of this post, all URLs (see IOC section) found on the sample were inactive, and it does not seem to be widespread. There are some indicators that this sample is just a test sample on its final stages of development. There are several strings and labels still mentioning 'test' or 'testcc' — even the URL used for the credit card data exfiltration is named "testcc.php."
Coverage
Additional ways our customers can detect and block this threat are listed below.
Indicators of compromise (IOC)
Package.apk - A342a16082ea53d101f556b50532651cd3e3fdc7d9e0be3aa136680ad9c6a69f
eCommon.dl - 604deb75eedf439766896f05799752de268baf437bf89a7185540627ab4a4bd1
Reznov.dll - 17b8665cdbbb94482ca970a754d11d6e29c46af6390a2d8e8193d8d6a527dec3
Custom activity prefix
Beginning this week, Google has announced some striking decisions that take a leap towards user privacy. In addition to the
The Register: Rap for WhatsApp chat app chaps in phone-to-pwn security nap flap – “Memory corruption flaw present in Android, iOS builds. Aaand it’s been fixed”
Further to this story: Intel Management Mode – Apple didn’t lock
Thomas Claburn for The Register: Intel’s commitment to making its stuff secure is called into question – ‘In an email to The Register in response to our report about the problems posed by the Manufacturing Mode in Intel’s Management Engine (ME), which if left open leaves processors vulnerable to local attack, Kanthak called Intel’s statement “a blatant lie.”‘
The Register: Pixel 3, 3XL, Slate tab launch: Google emits swanky iPad botherer while tarting up mobes – “The day after Google confessed to almost exposing the private data of hundreds of thousands of Google+ accounts to app developers, the ad giant unveiled perhaps the most-leaked phone in recent memory.”
Searching for a legal free movie download app? In this article, we will help you to find out the 10 Best Free Movie Download Apps For Android using which you can stream or even download free movies.
Smartphones have completely revolutionised the way we watch movies and TV shows. Gone are the days when people relied on physical compact discs for storing and sharing media files. Well, here’s a list of some exciting applications that will help you to stream and download movies.
Modbro is an excellent application for streaming and downloading movies. A majority of content on this application is available in high-definition quality. Moreover, the streaming and downloading speeds are also reliable.
Modbro offers an enormous collection of free movies and TV shows.
Content on Modbro is very well organised, and search filters like language and genre make it easier to find content. Lastly, the installation process of Modbro apk is similar to any other application. You can use Modbro for freely downloading a new movie.
- Clean UI
- Language and genre filters
- Content is organized in categories
- Random playback issues
2. Popcornflix- Movies.TV.Free
Popcornflix is the next perfect application for free movie download. Well, Popcornflix has an extensive collection of around 700 movies all available in high-definition. This catalogue is enough for a year if you watch two movies a day.
Moreover, Popcornflix regularly updates and adds more new movies to the application.
Movies on Popcornflix are very well organised into different genres like Comedy, Romance, Family/Kids, Drama, Urban, Action/Thrillers, Horror, Espanol, Documentaries, Bollywood and much more.
Popcornflix is a legal application and can be easily downloaded from Playstore. Lastly, the app has no watching restrictions, so you can watch as much as you want.
- Available on PlayStore
- Exclusive and new content
- Annoying advertisements
- Slow streaming speeds
- Small catalogue for TV shows
Crackle is the next free movie downloading application on the list that is available both for Android and iOS users. Similar to other applications, Crackle has a decent collection of TV shows and exclusive movies.
Furthermore, Crackle offers the fastest streaming speeds, and the UI is clean and easy to navigate.
Crackle displays some random advertisements, but they are not a big issue. Crackle has impressive filter features like the genre, alphabetical order, full episodes, recently added, trailers, clips and much more.
Once you log-in, the application will start suggesting personalised content. Lastly, there is no watching limit on Crackle as well.
- Fast download and streaming speeds
- Available for both iOS and Android
- Limited UI customization features
4. Megabox HD
Megabox HD is another useful application for free movie downloads. As the name of the app suggests a majority of content on Megabox is available in HD quality. You can either stream or download free movies for offline viewing.
Megabox HD is not available on playstore, so you have to download the application manually and then install it.
Surprisingly, Megabox HD is also available for Windows and MacOS. So you can enjoy your movies and TV shows on a bigger screen. Megabox HD has a decent collection of some latest and exclusive TV shows and movies.
Lastly, if you create a free account, you can add movies to your watchlist.
- Available for PC
- An enormous collection of exclusive movies
- Outdated UI
- Lacks personalized content
The next application on the list possibly came pre-installed on your smartphone. Yes, YouTube has a massive collection of movies. Many old movies are uploaded by production companies on their Youtube channels.
Moreover, a majority of indie film-makers upload their content on YouTube.
It is worth noting that you can even buy the latest movies on Youtube. Moreover, YouTube offers unmatched streaming quality, speed, and reliability. There are also some users who upload the entire film on their channel. These movies are generally taken down, but you can still find some of them.
- Fast Streaming speeds
- Available for every computing device
- Fairly difficult to find full movies
Tubi offers thousands of hit movies and TV series for free. Well, Tubi is a very well-developed application with which you can download free movies. Tubi allows users to create a personal queue to bookmark the videos they want to watch.
Moreover, new TV shows and movies are added to the collection on a weekly basis.
A majority of content on Tubi is available in HD quality. Tubi also has a dedicated “Not on Netflix” category. You can even stream your content on a more prominent display as Tubi supports Chromecast, Apple TV, Roku devices, Amazon Fire TV, and many other streaming devices. Lastly, Tubi is 100% legal and offers unlimited streaming.
- Available on Play Store
- Supports Chromecast and Firestick TV
- Suggest Personalized content
- Dark theme
- Limited UI customization features
7. Popcorn Time
Next popular application on the list is Popcorn Time. The major highlight of Popcorn Time is that all of its content is directly streamed from Torrent. Consequently, you can find almost every TV show or movie on Popcorn Time.
A majority of content on Popcorn Time is available in high-definition quality and the service also provides subtitles.
Next up, Popcorn Time is available on all major platforms like Windows, Android, iOS, MacOS, and Linux. Lastly, Popcorn Time also offers some impressive UI customization tools and you can even change the language of the app.
- Seamless cross-platform integration
- Content is available in HD and FHD quality
- Sometimes it takes too long to stream from torrent links.
Viewster offers a wide range of ad-supported free TV shows and movies. This on-demand service has a massive collection of old sci-fi movies and geek-documentaries. Viewster has a Newsfeed-style homepage, which displays recently added and featured content. You can easily watch popular movies online using Viewster.
Viewster is completely free and is most popular among anime watchers. That said, the random app crashes coupled with advertisements may annoy some users. Overall, it’s a great app for watching and downloading free movies.
Viewster also allows users to create a watchlist and suggests content on the homepage, based on the user’s preferences.
- An impressive collection of anime
- Newsfeed-style homepage
- During playback audio or video freezes
- Lack of movies and TV shows
9. Cinema Box
Cinema Box is also a popular application. Well, Cinema Box allows users to watch free HD movies and TV shows on your Android phone, tablet, and TV box. Moreover, similar to other apps on the list you can easily download both free movies and TV shows for offline viewing.
Cinema Box is available for both Android and iOS users.
Cinema Box supports Google Chromecast, using which you can easily cast your content on a bigger display. This streaming service has a massive collection of some exclusive titles. In fact, new content is added to the entire catalogue on a weekly basis.
- An enormous collection of popular titles
- Supports Chromecast
- Outdated UI
- Slow streaming speeds
10. Sky HD
The last application on the list can be used to stream HD movies and TV shows online for free. Sky HD has a clean and easy to use UI. Using Sky HD, you can easily segregate movies and TV Shows based on movie type or movie genre.
The installation process of Sky HD is fairly simple, though you have to regularly check the official website for application updates.
Similar to Cinema Box, Sky HD is also compatible with Chromecast and you can easily cast your content on a bigger display. Overall, if you prefer a simple app for downloading and watching offline content, then Sky HD will definitely impress you.
- Clean UI
- Supports Chromecast
- Random app crashes
- Issues while casting content
Do help the community by sharing any other application for free movie downloading in the comments section below.
The post Free Movie Download Apps For Android- Best of 2018 appeared first on TechWorm.
Google has announced that it will be closing down the consumer version of Google+, its failed answer to Facebook, and is introducing more granular Google Account permissions, new limits for third-party apps that seek permission to access users’ Gmail data, and new limits for apps’ abilities on Android devices. The Google+ problem Ben Smith, Google Fellow and VP of Engineering, cited “significant challenges in creating and maintaining a successful Google+ that meets consumers’ expectations” and … More
The post The end of Google+: Low usage and an API bug that exposed user data appeared first on Help Net Security.
Last week, Malwarebytes welcomed National Cybersecurity Awareness Month by renewing our pledge to do what we do best: offer the best protection for our customers and promote security awareness for all.
On Labs, we raised the question of whether it is a good idea to bring your own security or not, talked a little bit more about fileless malware, homed in on a malware campaign targeting Fortnite gamers, and looked into LoJack, a bootkit malware that has been targeting government entities.
Other cybersecurity news:
- Google Chrome extension developers were the target of a phishing campaign going after their credentials. (Source: ZDNet)
- If you think you won’t fall for dubious links or email attachments, perhaps a real-life human on the phone—who speaks professionally, uses a trusted number, and assures you throughout the conversation that there’s nothing wrong—could. (Source: KrebsOnSecurity)
- The FBI and DHS warned the American public of the rise of Remote Desktop Protocol (RDP) attacks. (Source: SC Magazine)
- Researchers discovered that password managers in Android can be tricked into entering true valid credentials into phishing apps. (Source: Help Net Security)
- Meet Torii, the new IoT botnet that puts the Mirai botnet to shame. (Source: Infosecurity Magazine)
- That’s novel: Seattle law enforcement encourages techies and streamers to sign up to their anti-swatting service. (Source: Ars Technica)
- Adobe patches more than 80 serious flaws in Acrobat and Reader. (Source: Sophos’s Naked Security Blog)
- Five out of six routers are found to have inadequate security updates. Yikes! (Source: ZDNet)
- Evil entrepreneurs in the hacking underground are using blockchain to improve their security posture. (Source: CSO)
- Hack the Marine Corps, a challenge to hack public-facing Marine Corps websites, uncovers 150 vulnerabilities. (Source: Fifth Domain)
Stay safe, everyone!
Alphabet subsidiary and tech incubator Jigsaw, which concentrates on creating solutions for “the toughest geopolitical challenges,” has released Intra, an Android app that encrypts DNS queries. About Intra Intra encrypts DNS queries so that they can’t be analyzed or manipulated by oppressive governments. Users can get to the wanted (blocked) website or use the wanted (blocked) app and can be sure that the site they were directed to is the site they wanted to visit, … More
The post Jigsaw releases Intra, an Android app that encrypts DNS queries to thwart online censorship appeared first on Help Net Security.
Filip Truta for Bitdefender: Researchers use Android password managers to make phishing attacks more practical
“Simone Aonzo, Alessio Merlo, and Giulio Tavella from the University of Genoa and Yanick Fratantonio from EURECOM found that certain Android password managers can be tricked into entering valid login credentials into phishing apps. The trick even works with Google’s try-before-you-buy Instant Apps, which allows users to take apps for a spin without actually installing their contents on the device.”
Graham Cluley, also for Bitdefender: Even with the latest iOS 12 update, your iPhone’s lockscreen is unsafe
“Jose Rodriguez, who has uncovered vulnerabilities in iOS’s lock screen security on a number of occasions in the past, has produced a video demonstrating an (admittedly convoluted) way of accessing information on locked iOS devices that really should be out of bounds.”
Lawrence Abrams for Bleeping Computer: Roaming Mantis Group Testing Coinhive Miner Redirects on iPhones
Kaspersky has discovered that [Roaming Mantis Group] is testing a new monetization scheme by redirecting iOS users to pages that contain the Coinhive in-browser mining script rather than the normal Apple phishing page.
Pierluigi Paganini: Expert demonstrated how to access contacts and photos from a locked iPhone XS
“…Jose Rodriguez has discovered a passcode bypass vulnerability in Apple’s new iOS version 12 that could be exploited … (with physical access to the iPhone) to access photos, contacts on a locked iPhone XS and other devices.
The hack works on the latest iOS 12 beta and iOS 12 operating systems, as demonstrated by Rodriguez in a couple of videos he published on YouTube (Videosdebarraquito).”
Zeljka Zorz for HelpNet: How to minimize the negative effect of mobile device loss or theft
Android password managers can be tricked into entering valid login credentials into phishing apps, a group of researchers has discovered. They have also found that Instant Apps, a Google technology that allows users to “try” Android apps without the need to fully install them, can make phishing attacks more practical. Android password manager Dashlane suggesting Facebook credentials to a fake malicious app The research Simone Aonzo, Alessio Merlo, and Giulio Tavella from the University of … More
The post Vulnerable Android password managers make phishing attacks easier appeared first on Help Net Security.
Security researchers discovered an emerging malware-as-a-service threat from Russia that would allow cybercriminals to infect Android phones with malicious software and block users from running security solutions on their devices.
The offering, called Black Rose Lucy, has a dashboard that shows simulated victims in France, Israel and Turkey. This led researchers at Check Point Research to conclude that the Russian-speaking developers have likely run demos for prospective cybercrime groups that are interested in attacking targets in those countries. China is another likely target because it is the largest market for Android devices.
“Given time it could easily become a new cyber Swiss Army Knife that enables worldwide hacker groups to orchestrate a wide range of attacks,” the researchers warned in a threat report dated Sept. 13.
Malware-as-a-service is very much like any traditional cloud service, but instead of subscribing to a harmless application in the cloud, cyberthieves can subscribe to black-market malware services that provide them with all the tools they need to execute attacks.
How Black Rose Lucy Works
Black Rose Lucy has two main components:
- Lucy Loader, a dashboard that allows users to control an entire botnet of victim devices and deploy additional malware payloads.
- Black Rose Dropper, which targets Android phones, collects victim device data and can install extra malware from a remote command-and-control (C&C) server.
To infect phones, the dropper prompts victims to enable the Android accessibility service for an application called Security of the System, which is actually the dropper, according to Check Point Research. When enabled, Black Rose Lucy can grant itself device administrative privileges. When it receives Android Package Kit (APK) files from the C&C server, it installs the files by simulating user clicks.
Black Rose Lucy also has self-protection features. If popular security solutions or system cleaners are launched, it simulates a user click to the “back” or “home” button to exit the tools. The dropper also blocks users from performing a factory reset.
The researchers noted that Black Rose Lucy is likely designed to target China because its dropper pays attention to Chinese security and system tool applications.
How to Protect Your Network From Malware-as-a-Service Threats
The threat alert issued on the IBM X-Force Exchange advised IT organizations to update their antivirus software, apply the latest patches to all applications and operating systems, and monitor their environments for indicators of compromise (IoCs).
Security experts also recommend conducting hands-on security awareness training that includes immersive simulations and promotes organizationwide security buy-in from the top down.
The post New Malware-as-a-Service Threat Targets Android Phones appeared first on Security Intelligence.
Searching For A Legal MP3 Or Song Download App? In this article, we will help you to find out the 10 Best Free Music Download Apps For Android where you can listen to music online and even download them on your device.
Smartphones have completely changed the way we listen and organize our music. People rely on subscription-based services like Spotify and Apple music for enjoying music. Well, if vital music streaming services are not available in your region or you don’t want to pay for your music, then these free music download apps might help you.
List of 10 Best Free Music Download Apps For Android
Soundcloud is an impressive music streaming service that offers an extensive collection of more than 150 million songs. Well, Soundcloud is the only platform where you can listen to remixes, beats, remakes and EDM’s created by upcoming music artists. Furthermore, a majority of indie creators offer permissions to download their tracks.
Apart from music Soundcloud also has a decent collection of shows and finding your favorite podcast won’t be an issue. Moreover, the user interface of the application is very intuitive, and SoundCloud offers the best quality of music.
- Massive Collection Of Songs
- Podcasts And Different Shows
- Good Streaming Speeds
- Paid Subscription For Popular Titles
- Lack Of Exploration Tools
YouTube has a vast collection of songs and music videos uploaded by popular music services like VEVO, T-Series, Sony Music and much more. Well, using TubeMate you can easily convert and download these YouTube videos. Tubemate allows users to convert YouTube videos to MP3 format and save them either on internal or external storage.
Using TubeMate is self-explanatory, and the installation is similar to any other apk file. Tubemate allows users to download a maximum of up to 128kbps bit-rate music. This is decent for casual music listeners, but a majority of audio enthusiasts won’t prefer it.
- Massive Collection Of Content
- Fast Download Speeds
- Ability to store music either on internal storage or SD card
- Unresponsive and buggy UI
- Maximum 128kbps of music
Audiomack is another best music downloader for Android smartphone users. This app offers a vast collection in different genres like Hip-Hop, Rap, R&B, EDM, Reggae music, and mixtapes. Users can easily stream or download music as per their preference. Audiomack also acts as a platform to help upcoming music creators to share their content. Lastly, Audiomack has a clutter-free UI.
- Find & stream music and mixtapes
- Create unlimited playlists
- Unlimited listening & streaming
- Lack of popular and actual music tracks
- Streaming music takes quite a bit of time
4. Simple MP3 Downloader
This application does exactly as the name suggests. Using the app is simple, and search filters like genres, artists or albums enhance the overall experience. Simple MP3 Downloader includes auto-completion features so that as you type, it suggests possible songs of interest. All of the songs downloaded can be located in the downloaded folder.
- A vast amount of content
- Simple To Use UI
- Auto-completion features
- Limited features on the default music player
- Few advanced features
5. Rock My Run
Rock My Run is an impressive music listening application for fitness freaks that also doubles up as one of the best free music download apps. Using the application, users can download songs from vast public domains. Well, this workout app offers some of the most advanced features, like Body Driven Music, which adjusts the music tempo of mixes and playlists to match your steps or goal cadence.
Rock My Run has a clean UI and decent music organization tools. You can select music from genres like Pop, Rock, Hip-hop/Rap, House, Dubstep, Drum & Bass, 80’s, 90’s, Oldies, Christian, R&B, Latin, Reggae, Seasonal, Country, Bmore, Classical. Lastly, the application also has dedicated Marathon playlists.
- Mixes build in BPM
- Ads not too intrusive
- Massive music collection
- You can’t view the actual list of songs in the playlist
- Doesn’t work on low-speed internet connection.
Next android music downloader on the list is SONGily. Using SONGily, you can either stream or download music. SONGily offers accurate search results and has impressive background playback and file transfer features. Furthermore, SONGily has a capable inbuilt music player and inbuilt download manager. Lastly, you can even use SONGily to download Youtube, Facebook, Instagram videos.
- Download history
- No ads
- Many fan-made covers
- Not ideal for downloading popular songs.
- Random download issues
7. Napster Music
Napster Music is one of the best free music download apps for Android users. This free music download app for Android offers an extensive collection of 40 million songs from 35 countries. Apart from songs, Napster Music can also be used for listening to FM radio. Lastly, this song download app also offers capable playlist management tools.
Napster Music comes with a free one-month trial; if you like the application, you can continue using it by paying a small amount.
- Napster is Ad free
- Download unlimited songs and playlists
- Available For Android, iOS, Windows and Mac
- Playback is often interrupted
- You can’t play music simultaneously on different devices
8. Ganna Music
Ganna Music is a perfect application for streaming and downloading Indian Music. Apart from 30 million Bollywood & English songs collection Ganna Music also doubles up as a full-fledged FM Radio. Furthermore, Ganna also offers lyrics for every song on the streaming service.
Upgrading to Ganna Music Plus, you can download unlimited songs for offline listening and sync downloads on five devices.
- Black and white theme
- Music updated daily
- Music in high definition audio quality
- Ads with the free version
- Random issues with music queue
9. Wynk Music
Wynk Music is another capable music streaming and downloading service. This streaming service offers thousands of curated playlists, and you can even follow artists and playlists. One of the major highlights of the Wynk Music is that it supports chromecast.
Similar to Ganna Music you have to pay to download songs, but streaming songs is completely free of cost. Lastly, Wynk Music also has Internet-based Radio and capable exploration tools.
- Personalized recommendations
- High-quality music streaming
- Free music streaming at low internet speeds
- Too many ads in the free version
- Low bit rate music with the free version
10. Saavn Music And Radio
Last application to download and stream music online for free is Saavn. Well, Saavn has possibly the best UI among all of the applications as mentioned earlier. While searching music on Saavn, you can even type lyrics that you remember to play a song.
Similar to all applications you can create and save playlists of your favourite songs. Saavn has a decent organization for different moods or genre.
- 320kbps high-quality audio downloads on Pro version
- Saavn Radio – endless music for any mood, song, or artist
- Saavn Pro has a low subscription charge
- Screen covering Ads on Free version
- Unusable at slow internet speeds
So these were some of the best music downloading and streaming apps for android users. Well, if you made it so far do let us know which music streaming or downloading app do you use. Lastly, do share any other personal recommendation in the comments section below.
Microsoft are quietly trying to eliminate passwords, the company has made an announcement that users of Windows 10 and Office
Android is one of the most vulnerable mobile operating systems with hackers developing new Android malware and banking trojan every 17 seconds. Then, there is Google and questionable security measures to protect users from sophisticated and persistent malware attacks. Recently, Lukas Stefanko, an IT security researcher at ESET has discovered a nasty piece of banking trojan targeting […]
This is a post from HackRead.com Read the original post: Banking trojan found in call recorder app on Play Store – stole over €10,000
Recently, a co-worker received an enticing SMS message from ASPXPPZUPS Human Resources. It read:
Tired of your old job? Join our team today, work from home and earn $6,200 per month: hire-me-zvcbrvpffy.<hidden>.com.
Could it be that our dream job awaits via random text message? On the contrary, this SMS phishing attack could cause nightmares for unsuspecting job hunters.
Don’t quit your day job
In order to investigate this phish further, the first step is browsing to this so-called career-changing website mentioned in the message.
Amazon!? Awesome! Let’s review this exciting position of Prime Agent. Great base salary plus commission! Full healthcare and minimal working hours! Brand new car!? All for a couple of easy job responsibilities you can do from home—Apply now!
Okay, seriously though, if the brand-new car bit doesn’t tip people off this is a ruse, I don’t know what will.
Knowing this is a ruse, let’s proceed forward by clicking Apply now regardless.
This is where I’m a little disappointed in the scammers. This could be an opportunity to gather a person’s full resume, with history of work, education, where they live, and a plethora of other information. Instead, they only ask for name, email, and phone number. Lazy. Still, this is enough to send spam emails and even more SMS phishing attacks.
Adding fake information and turning on a network sniffer, I submitted the information.
As a result, the network capture shows the information going to amz-jobs-careers.<hidden>/apply.php. After hitting Submit Details, it redirects to amazon.com to make things look legitimate.
Job hunters beware
Many studies have shown that in America, many people are unhappy with their current jobs. For example, the Conference Board conducted a 2018 study reporting that 51 percent of people are satisfied with their jobs, thus leaving 49 percent unhappy. In addition, it’s a job-rich economy right now, which means it’s a great time to be looking if you aren’t happy in your current situation. It’s no wonder scammers are targeting job hunters. For those in the 49 percent, best to stick with more trustworthy methods than through SMS phishing messages.
To aid in the battle against SMS phishing attacks, our premium version of Malwarebytes for Android alerts users of dangerous links in SMS messages. Furthermore, it also scans phishing URLs when using the Chrome browser, once again alerting on detection.
In case anyone was wondering, I’m fortunate to be in the 51 percent of people happy with their jobs—mainly because I get to protect readers like you! Stay safe out there!
The post Mobile Menace Monday: SMS phishing attacks target the job market appeared first on Malwarebytes Labs.
Last week, we took a look at a low level spam campaign on Twitter, explored the signs of falling victim to phishing, and examined a massive WordPress compromise. We also explained some SASL vulnerabilities and covered a breaking Emotet spam campaign.
Other cybersecurity news:
- NewEgg attacked by MageCart (Source: Volexity)
- UKGOV tackled the talent gap (Source: The Register)
- Maximum fine touted for Equifax (Source: ICO)
- Microsoft Jet engine vulnerability (Source: Zero Day Initiative)
- Always wipe your data (Source: PrivacyFly)
- CCTV ransomware hacker found guilty (Source: The Register)
- Scottish brewery attacked by ransomware (Source: BBC)
- Fake finance apps on Google Play (Source: ESET)
- Malicious login attempts on the rise (Source: Akamai)
- Why identity verification is important (Source: Help Net Security)
Stay safe, everyone!
ESET researchers have discovered malicious apps impersonating various financial services and the Austrian cryptocurrency exchange Bitpanda on Google Play. The fake apps Uploaded to Google’s official app store in June 2018 and collectively downloaded and installed over a thousand times, upon launch the apps would immediately request the user to enter credit card details and/or login credentials to the targeted bank or service. The entered information would then be sent to the attacker’s server, and … More
The post Bogus finance apps on Google Play target users worldwide appeared first on Help Net Security.
Lucian Constantin for Security Boulevard: New Android Botnet Pops Up on Malware-as-a-Service Market – “The toolkit, dubbed Black Rose Lucy by researchers from security firm Check Point Software Technologies, is made up of a back-end control panel dubbed the Lucy Loader and an Android implant called the Black Rose dropper. The malware was created by a team of Russian speaking developers that Check Point calls the Lucy Gang.”
Betanews: Unless you upgrade to Android Pie, a vulnerability leaves your phone trackable — and Google won’t fix it – “The vulnerability (CVE-2018-9489) was revealed in a report from Nightwatch Cybersecurity which warns that it can be used to “uniquely identify and track any Android device” and also to “geolocate users”.”
Zeljka Zorz for Help Net: Scan reveals known open source vulnerabilities in popular Android apps – “Widespread use of unpatched open source code in popular Android apps is causing significant security vulnerabilities, warns the non-profit American Consumer Institute Center for Citizen Research (ACI)…. “Critical vulnerabilities were found in many common applications, including some of the most popular banking, event ticket purchasing and travel apps,” the researchers noted.”
Last week on Malwarebytes Labs, we assessed the security of a portable router, identified ways to waste a scammer’s time, named the many faces of omnichannel fraud, questioned the security of 2FAs, profiled a massive tech support scam operation, and exposed a new HMRC phishing campaign.
Other cybersecurity news:
- Trend Micro addressed the burning questions related to their Mac App store apps “stealing user data.” (Source: Trend Micro’s Simply Security Blog)
- There’s a new Trojan horse in town. And one we all have in our mobile devices: apps. (Source: Help Net Security)
- Ransomware has been silent of late. And now we know why. They have become targeted. (Source: Sophos Naked Security Blog Post)
- Tor will release its official Android browser in 2019. (Source: CyberScoop)
- Security researchers noted an increase in the use of the Ramnit banking Trojan. (Source: Help Net Security)
- DARPA wanted to find and dismantle botnets before they are used for attacks. (Source: NextGov)
- Threat actors are using recon malware to spot targets of interest and further infect them. (Source: Threat Post)
- Microsoft purged thousands of tech support scams hiding on its TechNet support domain. (Source: Sophos Naked Security Blog)
- Credentials phished from users, not malware, were found to cause twice as many breaches in 2017. (Source: Help Net Security)
- Project Verify, the new authentication initiative wherein US wireless carriers will serve as their users’ online ID, is in its private beta testing phase. And everyone affected is peeved. (Source: Krebs On Security)
Stay safe, everyone!
Researchers spotted two new Monero malware attacks targeting Windows and Android devices that hide in plain sight and masquerade as legitimate application updates.
Quick Heal Security Labs discovered the new “invisible” Monero mining infection trying to hide on Windows PCs. Once installed, this self-extracting executable unpacks a VBS script, extraction utility, password-protected archive and batch file in the C:/ProgramFiles/Windriverhost directory. It then launches ouyk.vbs to maintain persistence and xvvq.bat to keep the computer on by modifying the PowerCFG command.
Finally, it runs the driverhost.exe mining program, which mines for Monero, while xvvq.bat regularly checks for analysis and antivirus tools using the tasklist command. The infection vector is currently unknown, but Quick Heal speculated that spear phishing and malvertising are likely culprits.
Meanwhile, as noted by Fortinet, the Android/HiddenMiner.A!tr malware attempts to compromise Android devices by posing as an update to the Google Play Store. If installed on an emulator or virtual machine, it shuts down to avoid analysis. If installed on a mobile device, it activates and asks for administrative privileges. If not granted, the malware will continue asking for permission until users allow installation.
Monero Malware Hides in Plain Sight
Along with efforts to avoid analysis, Quick Heal noted that the Monero malware also limits central processing unit (CPU) usage to 35 percent for all mining activity. Given the persistence of the malware and the low CPU cap, users may not encounter the system performance issues and application lag commonly associated with mining attacks, improving the malware’s ability to go undetected for long periods of time.
On the other hand, the HiddenMiner malware is problematic for Android users because it appears in the Google Play Store as an update to the Store itself. As a result, users aren’t surprised by requests for admin rights since the “update” seemingly comes from Google.
How to Mitigate the Threat of Monero Malware
Shutting down these Monero malware tools requires keeping devices up to date and regularly checking desktops for indicators of compromise (IoCs). As noted by IBM X-Force Exchange, the HiddenMiner malware won’t work on Android 7.0 or later thanks to a change in Android PacKage (APK) format that introduced a new signing mechanism. Malware attempting to execute on devices running 7.0 or later will instead return an error message.
IBM security professionals also recommend targeting common IoCs to detect mining malware. As noted by Quick Heal, a flaw in the xvvq.bat file means it only kills driverhost.exe if taskmgr.exe is running — making it easier for security teams to track down the driverhost.exe IoC and take action to remove the malware.
The post Two New Monero Malware Attacks Target Windows and Android Users appeared first on Security Intelligence.
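The IoC check recommended in the article above can be scripted. The following is an added example, not code from Quick Heal, IBM or Security Intelligence: it matches the file, directory and process names the article gives against `tasklist /FO CSV /NH` output and a file listing. The sample inputs are constructed, and the function names are hypothetical.

```python
import csv
import io
import ntpath

# IoC names as given in the article; matching is case-insensitive.
IOC_DIR = "windriverhost"
IOC_FILES = {"ouyk.vbs", "xvvq.bat", "driverhost.exe"}
MINER_IMAGE = "driverhost.exe"

# Constructed sample of `tasklist /FO CSV /NH` output (not from a real host).
SAMPLE_TASKLIST = '''"System Idle Process","0","Services","0","8 K"
"explorer.exe","4312","Console","1","91,204 K"
"driverhost.exe","6620","Console","1","212,880 K"
"cmd.exe","7004","Console","1","3,912 K"
'''

# Constructed sample file listing, e.g. gathered with `dir /s /b`.
SAMPLE_PATHS = [
    r"C:\ProgramFiles\Windriverhost\ouyk.vbs",
    r"C:\ProgramFiles\Windriverhost\xvvq.bat",
    r"C:\Users\alice\Documents\report.docx",
]

def parse_tasklist(text):
    """Return (image_name, pid) pairs from header-less tasklist CSV output."""
    rows = csv.reader(io.StringIO(text))
    return [(r[0].lower(), int(r[1])) for r in rows
            if len(r) >= 2 and r[1].isdigit()]

def scan(tasklist_text, paths):
    """Return findings for the Windows miner IoCs named in the article."""
    procs = parse_tasklist(tasklist_text)
    findings = [f"process {img} pid={pid}" for img, pid in procs
                if img == MINER_IMAGE]
    # Per the article, xvvq.bat kills the miner only while taskmgr.exe runs,
    # so a live miner seen without Task Manager open will not stop by itself.
    if findings and not any(img == "taskmgr.exe" for img, _ in procs):
        findings.append("note: taskmgr.exe not running, miner stays up")
    for path in paths:
        folder, name = ntpath.split(path.lower())
        if ntpath.basename(folder) == IOC_DIR and name in IOC_FILES:
            findings.append(f"file {path}")
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_TASKLIST, SAMPLE_PATHS):
        print(finding)
```

A file named driverhost.exe outside the Windriverhost directory is deliberately not flagged by the path check, since the name alone is a weak indicator.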
Naked Security - Sophos