Category Archives: apps

Kaspersky Lab official blog: Mobile beasts and where to find them — part one

In recent years, cybercriminals have been increasingly fixated on our phones. After all, we never part company with our smartphones; they are our primary means for storing personal docs and photos, communicating, and taking pictures. We even use them as tickets and wallets, and much more besides.

They also store oodles of valuable data that can fetch a handsome reward in certain quarters. And mobile devices are excellent for other malicious purposes as well. So there’s no shortage of smartphone malware out there.

Last year we caught 42.7 million pieces of malware on smartphones and tablets. For this series on mobile malware, we divided them into several types according to purpose and behavior. In part one, we look at three fairly common types.

 

Adware: Ad clickers and intrusive banners

 

One of the most common types of mobile infection comes in the shape of adware. Its task is to increase the number of clicks on online banners either automatically or manually (by exploiting users). Some just show you unwanted advertising.

In the first case, you don’t even see the ad, but the clicker uses up your smartphone’s resources, including battery charge and data. The infected smartphone dies in just a few hours, and the next bill may hold an unpleasant surprise.

The second type of adware replaces online banners with the ones of its own, and drowns the user in so many ads that, like it or not, they end up following some links. In many cases, the flow of spam is so overwhelming that the device becomes impossible to use — everything is smothered with ad banners.

Some malware also collects information about your online habits without asking. This data then ends up in the hands of advertisers, who use it to fine-tune their advertising campaigns. What’s more, banners can link to malicious sites where your device might pick up something even worse.

 

SMS and Web subscribers

 

The second type of malware we discuss today is subscribers, also known as Trojan clickers. Their job is to steal data from your mobile account, where thievery is much simpler because it bypasses card numbers, which tend to be under tighter guard. The funds flow out through WAP or SMS billing, and in some cases through calls to premium numbers at the victim’s expense.

See here for details of what WAP is and how cybercriminals exploit it. To take out a paid subscription in your name, all the WAP clicker needs do is click on the relevant button on the site. SMS malware requires permission to send messages, but many users give it to any app without a second thought. Programs that waste your money on IP telephony have a slightly harder task: They have to register an account with the service.

A striking example of a subscriber is the Trojan Ubsod. This pest is a WAP specialist. To conceal its activity for as long as possible, it deletes all SMS messages containing the text string “ubscri” (a fragment of the word “subscribe” or “subscription”). Moreover, it can switch from Wi-Fi to mobile Internet, which is required for WAP operations.

Fortunately, getting rid of unwanted subscriptions isn’t complicated; all subscriptions are displayed in the user’s personal account on the operator’s website. There, you can delete them and even forbid new ones from being linked to the phone number (though in some cases such a block can be imposed only temporarily). The main thing is to notice money leaking from your account as early as possible to prevent a deluge.

 

SMS flooders and DDoSers

 

These two categories combine malware that instead of downloading, sends data — lots of data! And they do it on the sly without requesting permission. Scammers are able to make a pretty penny from ruining other people’s lives at your expense.

As such, SMS flooding is often used by hooligans to tease their victims or disable their devices. A user can willingly install a flooding app on his or her device to swamp their enemies with thousands of SMS messages. But many go further and try to send messages at others’ expense, surreptitiously planting the malicious app on the devices of unsuspecting owners.

DDoSers are able to overwhelm not only smartphones, but also far more powerful devices and even major online resources. Cybercriminals do so by combining infected gadgets into a network, known as a botnet, and bombarding a victim with requests from it. Incidentally, clickers can also act as DDoSers when trying to open the same Web page countless times.

Both flooders and DDoSers try to use your smartphone to harm third parties. But you too will suffer from the load on your device’s battery and processor, not to mention your wallet. Typically, such programs are not widely distributed, but in July 2013, the SMS flooder Didat made it into the Top 20 malicious programs sent by e-mail.

 

The further you get, the harder the going

 

To be honest, the types of mobile miscreants we’ve covered today are small fries. At worst, they’ll siphon off a bit of cash from your phone account and frazzle your nerves. In any event, many of them are easy to detect and remove with the help of antivirus software.

In the chapters to come, we’ll discuss some villains higher up in the pecking order. Keep track of updates and remember the rules of mobile security:

  • Don’t install apps from third-party sources, or better still, block them in the operating system settings!
  • Keep your mobile OS and all installed apps updated to the latest versions.
  • Protect all of your Android devices with a mobile antivirus solution
  • Regularly check the list of paid services in your personal account with your mobile operator and disable anything that you didn’t subscribe to yourself. If you see a subscription you don’t recognize, immediately scan the entire device for viruses.
  • Always read the list of permissions requested by an app, and grant only what’s absolutely essential.


Kaspersky Lab official blog

GitHub Marketplace is allowing developers to upload apps for free

Developers can now upload apps to the Github Marketplace for free

GitHub, a source code management platform, is celebrating first anniversary of its GitHub Marketplace, a developer-focused app store, by opening the marketplace to more developers. It is allowing anyone to list their app along with a free product on the marketplace without having to pay.

For those unaware, GitHub had released GitHub Marketplace last year to promote, share, and sell the developer tools built on GitHub and to also create a single destination for developers community to discover the apps and services they need without setting up multiple accounts or payment methods. The Marketplace is divided into five different categories, including code quality, code review, continuous integration, monitoring and project management. Also, the platform offers support for several popular apps like Travis CISentry and Waffle.

Currently, GitHub Marketplace has more than 100,000 users and offers almost 50 different tools that makes it easier for the developers to build apps and help them build a business. In the past one year, GitHub Marketplace has managed to attract products from the likes of Travis CI, BackHub, ZenHub and Microsoft for its platform. By opening the marketplace to everyone and allowing users the flexibility to use third-party services, GitHub is looking not only to grow its marketplace but also have a competitive edge over rival products, like Atlassian’s Bitbucket and Gitlab.

In April, instead of making the users wait for manual approval to include themselves on the platform, it allowed them to do it on their own. It has also introduced free trials of paid apps for developers that lets them try app free for 14 days to ensure that they are selecting the right tool for their team. According to GitHub, by supporting a free trial, can increase developers’ revenue by 43 percent. Additionally, apps that offer free trials now account for more than 60 percent of Marketplace’s revenue.

Source: TNW

The post GitHub Marketplace is allowing developers to upload apps for free appeared first on TechWorm.

3 Ways to Strengthen Your Family Bond this Summer (Without Ditching Your Devices)

My parents recently went through a health crisis that required me to travel to be with them for several weeks. During that time, I started using FaceTime on my iPhone to daily connect with my teenage daughter back home. Until this life event, I wasn’t one to video chat. However, the live video technology of FaceTime bridged the miles between us in a way texting, calling, or social media scrolling simply couldn’t. Happily, the grandparents kept the habit up, and now FaceTime has become a powerful daily connection tool for our family that lives 2,000 miles apart. In fact, FaceTime has replaced Facebook and texting as our preferred check-in tools.

Small Shifts, Big Power

This small but powerful shift got me thinking.

How many other digital tools do I have at my disposal that could actually strengthen rather than chip at our family bond? With a child now headed off to college in just weeks, the goal this summer is to spend more quality time with her while exploring digital ways to keep our connection strong once she moves to campus.

My views on technology use in the family have changed significantly over the years. Like many parents who contribute to the conversation in this space, I have gradually shifted my parenting approach from one of anxiety and monitoring to equipping and balance. The change has been cultural as well as practical; the older my children became, and the more filtering tools evolved, so too, did my view of technology within our family.

Even so, the storm clouds loom. I’m reminded daily that unless we intentionally seek and strike a balance in our collective tech use, our family relationships could easily (and irreversibly) go by the wayside. So how do we make a dent in this effort to stay connected — not just in theory — but a real dent? How do we find that elusive balance that preserves, protects, and nurtures family relationships and at the same time keep step with the professional and cultural demands technology puts on each one of us?

We do it (I’ve humbly resolved) with much intention. And, we do it with reality and balance at the helm of our efforts. Spending more quality time together — as FaceTime taught me — isn’t necessarily void of devices. Here are just a few ideas our family hopes to implement this summer you might find useful as well.

Three ways to boost the family bond

  1. Discuss your summer goals together. Unless you parent kids 13 and under, the days of handing down technology mandates are over. Devices are now too ingrained in our educational system and in the social fiber of older kids to attempt issuing no-tech edicts. This reality makes any effort to build stronger family relationships a genuine team effort. So, let’s get talking! Summer goes quickly, so ask your kids what they’d like to achieve this summer as a family. Is it more camping trips? A beach adventure? Family movie nights? More family dinners? Whatever picture emerges, follow up with, “How do we achieve that goal?” Get out a calendar and put your goals in ink! As Antoine de Saint-Exupery has said, “A goal without a plan is just a wish.” Put the power in your kids’ hands, so everyone shares the path to achieving the goal.
  2.  Set ground rules to protect family time. We don’t have to banish technology to boost our family bond. We can, however, agree on standards that everyone can happily buy into. Setting summer ground rules depends on your summer goals, the age of your kids, and your family dynamic. Here are some basics to get you thinking: 1) No devices at the dinner table, restaurants, or during short drives. These times are set aside for one-on-one conversations. 2) Put your phone away when a family member enters the room. Prioritize the living, breathing person in front of you ahead of the ding on your phone. 3) No devices during movie nights, beach days, hikes, or any other official family event.
  3. Try new technologies. Finding common ground between family members is one sure-fire way to strengthen a bond. Can we admit that sometimes we don’t know what we don’t know? What is your son or daughter’s favorite video game? What exactly do they enjoy about it? To figure this out, try it for yourself. Join them (even try to beat them) on that digital battlefield. What’s the big deal about all those funny Snapchat filters? Open an account and find out; it’s easy. Explore apps specifically designed to build personal connections. There are chat, photo, location, family journaling apps, family tree, and online games such as Words with Friends and Trivia to play together. And remember: When exploring new apps, make sure you have both your security software and privacy settings fired up on all devices.

Technology isn’t winning and the family isn’t losing. The world is just changing and as parents, we can find creative, strategic ways to change with it. By working with and not against your family’s love of devices this summer, it may just be possible to hit a stride that works for everyone. With some open discussion and small shifts, you too might find surprising new ways to connect hearts and adventure together.

toni page birdsong

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @McAfee_Family. (Disclosures).

The post 3 Ways to Strengthen Your Family Bond this Summer (Without Ditching Your Devices) appeared first on McAfee Blogs.

Facebook suspends 200 apps for misusing user data

Facebook suspends 200 apps over data misuse investigation

In the wake of Cambridge Analytica scandal wherein 87 million Facebook users’ data were collected without their explicit consent, the social media giant has now suspended 200 apps on its platform over uncertainties of misusing user data as part of the first phase of an investigation into third-party apps. In order to avoid a second Cambridge Analytica data scandal, it has also investigated thousands of other apps that may have misused people’s personal data.

Ime Archibong, Facebook’s Vice President of Product Partnerships, in a company post on Monday said:

“We have large teams of internal and external experts working hard to investigate these apps as quickly as possible. To date thousands of apps have been investigated and around 200 have been suspended – pending a thorough investigation into whether they did in fact misuse any data. Where we find evidence that these or other apps did misuse data, we will ban them and notify people via this website. It will show people if they or their friends installed an app that misused data before 2015 – just as we did for Cambridge Analytica.”

This action taken by Facebook comes after CEO Mark Zuckerberg in March had promised that the company would “investigate all apps that had access to large amounts of information.”

In their audit, the company examined how many third-party apps especially those created before Facebook’s data policies were changed in 2014 had widespread access to user information. For those unaware, in 2014, Facebook had changed its policies to no longer allow developers accessibility to information of their app users’ friends. This year the company said it is further restricting the amount of information developers are supposed to gather.

The social network will be conducting a “thorough investigation” to check whether these apps have misused user data or not.

Ime Archibong, claims the audit is “in full swing”, and consists of two stages:

“First, a comprehensive review to identify every app that had access to this amount of Facebook data. And second, where we have concerns, we will conduct interviews, make requests for information (RFI) — which ask a series of detailed questions about the app and the data it has access to — and perform audits that may include on-site inspections.”

While Facebook did not mention the 200 suspended apps in question, there is also no clarity as to how long will the investigation take. However, Archibong in his post wrote, “There is a lot more work to be done to find all the apps that may have misused people’s Facebook data – and it will take time.”

Apparently, even the 200 suspended apps are expected to be further investigated via interviews and RFI requests. If the audit happens, the chances of the number of third-party apps going up is likely.

The post Facebook suspends 200 apps for misusing user data appeared first on TechWorm.

Could You Have a Toxic Relationship with Your Smartphone?

It’s the elephant in the room no one wants to talk about: our devotion to and dependence on our smartphones. For most of us, our children included, smartphones have become an appendage; a limb of voracious digital consumption and social obligation that keeps us scrolling, refreshing, swiping, and responding with no end in sight.

Any friend or psychologist would encourage us to rid ourselves of toxic relationships that hinder — even threaten — our emotional and physical well-being, but what if that relationship is with a smartphone? Would you be willing to give it up (or reset the relationship) if you knew it was toxic?

Researchers are increasingly debating the impact of the smartphone on our emotional well-being, and the debate often returns to striking a balance between the ethical design of technology versus corporate profitability. One of the most compelling arguments is that of researcher Tristan Harris, a former Google Design Ethicist, on a crusade to inspire people to stop clicking and start caring about how technology is intentionally designed to shape the behavior of the people who use it. Harris has launched a nonprofit called Time Well Spent. His viral TED Talk proposes a renaissance in online design that can free tech users from being manipulated by apps, websites, and advertisers as the race for user attention increases.

From Facebook notifications to Snapstreaks to YouTube auto plays, Harris argues that our online behavior is anything but random. Instead, our thoughts and feelings are being carefully manipulated by technologists behind the scenes persuasively competing for more and more our attention.

Not convinced you among the tech lemming crowd? I wasn’t either. But the discussion got me thinking and inspired me to make some specific changes to test my smartphone dependence.


5 Ways to Drastically Reduce Smartphone Dependence

  • Turn your phone to grayscale mode (google how to do this – it’s amazing)
  • Turn off all push notifications (reclaim your attention span).
  • Park your phone in one physical location (stop carrying it everywhere).
  • Stand up when you use your phone (no more getting cozy for hours).
  • Ban your phone from the bedroom (get an alarm clock).

I made these changes for a week and here’s what happened.

Not as interesting, right?
Grayscale mode, iPhone.

Absolutely no fun in sight for the first three days. Initially, I felt overcome with a sense of vulnerability, panic even that suddenly, somehow, I wasn’t in control of something. I felt an overwhelming need to check my phone every 15-30 minutes. That time gradually increased to about an hour by the third day. Not having my phone nearby, I was sure I’d miss out on something important. For the first few days, I constantly felt as if I had lost something and I’d get up and wander around before realizing my phone was docked safely in the kitchen — just like when I was growing up and had to physically walk to the kitchen to use the phone. I resolved to check my phone once every three hours rather than carry it with me from room to room. When I did check it, surprisingly, the world had not collapsed without my attention to it. I found an average of three texts (two from family with non-critical comments, and usually, one discount text from a retailer).

Because I turned my screen grayscale (wow, what a game changer!) I didn’t feel the anticipation of checking social media, scrolling, reciprocating, uploading, or commenting. My phone in the grayscale mode made using it stale, almost irritating. I realized looking at my phone in grayscale that I being overly influenced and pulled by pretty pictures and all the colors, sounds, links, and prompts, which had come to own my attention. Sadly, I was giving my time to this relationship without any meaningful, lasting benefit coming back to me. I was in a toxic relationship, and something had to change.

By the end of the week, I felt awesome, empowered almost. I had successfully distanced myself from a toxic relationship and redefined it on my terms. I also realized something profound: There’s an unspoken cost to unbalanced technology use I’m not willing to hand over any longer, and that is my time.

When I parked my phone in the kitchen, banned it from the bedroom, and refused to sit down with it, I noticed patches of extra time magically appear in my day. What could I do with all the time I once poured into my phone? As it turns out, quite a lot.

I’m keeping my new habits, and I’m encouraging my family to do the same for a good reason. Here’s what we know: Kids are spending more time on digital devices than ever before, and that trend has no reason to reverse. Anxiety disorders linked to social media use is at an all-time high. Also, researchers are confirming the link between technology, depression, and suicide among youth.

I’m not willing to just go with the flow on this one. There’s just too much is at stake.

Take the challenge: Are you willing to take specific steps (like the ones listed above) to rethink and redefine your relationship with your smartphone?

Let us know the highs and lows of your experience by commenting below. We’re cheering you on.

 

toni page birdsong

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @McAfee_Family. (Disclosures). 

 

The post Could You Have a Toxic Relationship with Your Smartphone? appeared first on McAfee Blogs.