How Malicious Android Apps Slip Into Disguise

Researchers say mobile malware purveyors have been abusing a bug in the Google Android platform that lets them sneak malicious code into benign mobile apps and evade security scanning tools. Google says it has updated its app malware detection mechanisms in response to the new research.

A View Into Web(View) Attacks in Android

James Kilner contributed to the technical editing of this blog. Nethanella Messer, Segev Fogel, Or Ben Nun and Liran Tiebloom contributed to the blog. Although in the PC realm it is common to see financial malware used in web attacks to commit fraud, in Android-based financial malware this is a new trend. Traditionally, financial malware […]

The post A View Into Web(View) Attacks in Android appeared first on Security Intelligence.

BrazKing Android Malware Upgraded and Targeting Brazilian Banks

Nethanella Messer and James Kilner contributed to the technical editing of this blog. IBM Trusteer researchers continually analyze financial fraud attacks in the online realms. In recent research into mobile banking malware, we delved into the BrazKing malware’s inner workings following a sample found by MalwareHunterTeam. BrazKing is an Android banking Trojan from the overlay […]

The post BrazKing Android Malware Upgraded and Targeting Brazilian Banks appeared first on Security Intelligence.

Hackers exploit WhatsApp modification tool to snoop on texts, force paid subscriptions

A malicious version of a popular modification or “mod” of the encrypted messaging app WhatsApp is carrying a mobile trojan that can launch advertisements, issue paid subscriptions and intercept text messages, security researchers said Tuesday. According to Kaspersky, hackers inserted the Triada trojan into a modified version of FMWhatsapp, a WhatsApp mod. Such mods have a following among users who want to customize WhatsApp, such as being able to send larger files or apply custom animated themes. FMWhatsapp isn’t available on the Google Play store and is only available via third-party websites, which means users who desire the extra features the mod offers don’t get the security protections inherent in more officially-vetted apps. Kaspersky first spotted Triada in 2016, when the company deemed the hacking tool “one of the most advanced mobile Trojans our malware analysts have ever encountered.” Users grant FMWhatsapp permission to read SMS messages, Kaspersky said, […]

The post Hackers exploit WhatsApp modification tool to snoop on texts, force paid subscriptions appeared first on CyberScoop.

What is Ghimob Malware?

A new Android malware strain ‘Ghimob’ is mimicking third-party mobile (mainly banking) apps to spy and steal user data when downloaded and installed. This Trojan virus steals data from users, primarily targeting online banking and cryptocurrency. As of the end of 2020, it is believed to siphon data from more than 153 apps by asking […]

The post What is Ghimob Malware? appeared first on Security Intelligence.

China-based hackers used front companies to hack Uighurs, Facebook says

Facebook on Wednesday exposed what it said was a long-running hacking campaign targeting Uighurs living around the world and supported by Chinese technology firms. The scheme was aimed at journalists and dissidents, and affected Uighurs living in places as far-flung as the U.S., Turkey and Australia. It involved fake Facebook personas duping targets into clicking on links, as well as malicious Android and iOS software, Facebook said. Facebook said it’s aware of fewer than 500 people whom the campaign targeted. Facebook’s investigators traced the Android malware developers in the hacking campaign to Chinese firms Beijing Best United Technology and Dalian 9Rush Technology. Neither could be reached for comment on Wednesday. China has a history of allegedly using front companies as cover for its hacking operations. The hacking campaign began as far back as 2019, and Facebook executives said they expected the attackers to continue their spying efforts. It’s only […]

The post China-based hackers used front companies to hack Uighurs, Facebook says appeared first on CyberScoop.

New hacking tool targeting Bangladesh Android users blurs lines between spying and stealing

In one of his regular sweeps for new malicious software targeting Android phones, security researcher Vitor Ventura came across what looked like a run-of-the-mill hacking tool. Like so many pieces of code before it, the malware was capable of stealing information from a mobile device and sending it back to a command and control server. But when Ventura dug deeper, he found that the remote access trojan (or RAT, as the tool is commonly known) was capable of surreptitiously recording conversations and taking screenshots. Spying, rather than immediately making money off of the illicit access, was the apparent goal. On Tuesday, Ventura and his colleagues at Talos, Cisco’s threat intelligence unit, publicly connected the new Android tool to the malware developers behind a multi-year effort to spy on people from South America to Bangladesh. Much about the people behind the hacking campaign is a mystery. Ventura and his colleagues […]

The post New hacking tool targeting Bangladesh Android users blurs lines between spying and stealing appeared first on CyberScoop.

Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping

The developers behind the Android malware have a new variant that spies on instant messages in WhatsApp, Telegram, Skype and more.

‘Minecraft Mods’ Attack More Than 1 Million Android Devices

Fake Minecraft Modpacks on Google Play deliver millions of abusive ads and make normal phone use impossible.

Firestarter Android Malware Abuses Google Firebase Cloud Messaging

The DoNot APT threat group is leveraging the legitimate Google Firebase Cloud Messaging server as a command-and-control (C2) communication mechanism.