Google Makes 2 Years of Android Security Updates Mandatory for Device Makers

When it comes to security updates, Android is a real mess.

Even after Google rolls out security patches for its Android platform in a timely manner, a major part of the Android ecosystem remains exposed to hackers because device manufacturers do not deliver patch…

From Now On, Only Default Android Apps Can Access Call Log and SMS Data

A few hours ago the company announced its “non-shocking” plans to shut down Google+ social media network following a “shocking” data breach incident.

Now to prevent abuse and potential leakage of sensitive data to third-party app developers, Google ha…

Roaming Mantis part III: iOS crypto-mining and spreading via malicious content delivery system

In Q2 2018, Kaspersky Lab published two blog posts about Roaming Mantis sharing details of this new cybercriminal campaign. During our research, it became clear that Roaming Mantis has been rather active and has evolved quickly. The group’s malware now supports 27 languages, including multiple countries from Asia and beyond, Europe and the Middle East.

BusyGasper – the unfriendly spy

In early 2018 we found a suspicious Android sample that, as it turned out, belonged to an unknown spyware family. Further investigation showed that the malware, which we named BusyGasper, is not all that sophisticated, but demonstrates some unusual features for this type of threat.

A study of car sharing apps

The growing popularity of car sharing services has led some experts to predict an end to private car ownership in big cities. But information security specialists have started raising some pertinent questions: how are the users of these services protected and what potential risks do they face in the event of unauthorized access to their accounts?

Google Solves Update Issue for Android Apps Installed from Unknown Sources

If you are wondering how to receive latest updates for an Android app—installed via a 3rd party source or peer-to-peer app sharing—directly from Google Play Store.

For security reasons, until now apps installed from third-party sources cannot be updat…

Roaming Mantis dabbles in mining and phishing multilingually

In May, while monitoring Roaming Mantis, aka MoqHao and XLoader, we observed significant changes in their M.O. The group’s activity expanded geographically and they broadened their attack/evasion methods. Their landing pages and malicious apk files now support 27 languages covering Europe and the Middle East.

Who’s who in the Zoo

ZooPark is a cyberespionage operation that has been focusing on Middle Eastern targets since at least June 2015. The threat actors behind the operation infect Android devices using several generations of malware, with the attackers including new features in each iteration.

Roaming Mantis uses DNS hijacking to infect Android smartphones

In March 2018, Japanese media reported the hijacking of DNS settings on routers located in Japan, redirecting users to malicious IP addresses. The redirection led to the installation of Trojanized applications named facebook.apk and chrome.apk that contained Android Trojan-Banker. During our research we received some invaluable information about the true scale of this attack, and we decided to call it ‘Roaming Mantis’.