A new piece of malware, dubbed FireLeaker, has been found by NQ Mobile’s Security Research Center. Unlike other types of malware, which send premium rate SMS message or install a keylogger to try and steal password and banking information, FireLeaker wants your contacts and system information.
What FireLeaker does is collect your contacts and then uploads them to a remote server. The precise reason for this data stealing isn’t yet known, but most likely the information will either be sold on to e-mail spammers, who will bombard people in your address book with all kinds of unsavory and strange offers; or it will [...]
A couple of weeks ago Trend Micro spotted a fake version of Skype for offer. Now Microsoft, who own Skype, has published some more details about this malware dressed up as a legitimate app.
How the malware works is like this: once an unsuspecting user installs the app, it sends SMS messages to premium rate numbers without the users’ consent. This costs the user money which goes straight into the malware author’s pockets.
The problem for the victim is that the charges for the premium SMS messages will most likely only be seen once the next bill arrives and long after the app has been uninstalled (as the victim realizes that it isn’t a legit version of [...]
It’s no secret to Android fans that the security of their favorite mobile platform has been often questioned after various malware programs managed to bypass security measures and affect Android devices – quite a few malware-containing apps even made it to the Google Play store. In addition to that, the Android devices themselves were prone to being attacked by smart hackers that knew what to look for in order to trigger malicious actions on the device.
But that doesn’t mean Google hasn’t paid special attention to these exploits. In fact, it looks like Jelly Bean’s security has been significantly improved to prevent future malware [...]
Based on image from Symantec
A nasty bit of malware known as Android.Dropdialer has been hiding out in Google Play since June 24 and has managed to generate somewhere between 50,000 to 100,000 downloads. The malware was hidden inside two games “Super Mario Bros.” and “GTA 3 Moscow City”. The malware was discovered by Symantec and was removed from the Play store once Google was notified.
The malware managed to remain undetected for so long because the malicious components where downloaded separately, from a Dropbox account, and did not form part of the original package submitted to Google Play. “What is most interesting about this [...]
A new report by Trend Micro paints a worrying picture about the number of malicious Android apps in existence. According to the report, which was created by Trend Micro’s TrendLabs threat response team, there were just 5,000 malicious Android apps in circulation during the first three months of 2012. However that number has quadrupled between April and June to 20,000. The vast majory of these apps reside in unreliable third party stores. However, Trend also discovered that 17 apps did manage to get into Google Play and were downloaded over 700,000 times before they were removed.
Trend Micro Around 30% of the malicious apps found disguise themselves as highly popular [...]
Android’s security issues are well-known, documented and much debated, but even with the introduction of a new “Bouncer” system, the number of malicious apps in Google Play doesn’t seem to be dropping.
The latest malware app to be discovered is called (or rather was called) “Find and Call” and has already been removed from Google Play. What’s interesting is that the spam-sending app managed to make its way to iOS as well, a platform that has been praised as much more secure than Android.
In fact, the discovery of “Find and Call” in Apple’s App Store can be called iOS’ biggest security vulnerability ever, questioning what many thought to be the best designed and [...]
Yesterday, I wrote about evidence that suggested the existence of an Android botnet which was under control of spammers and is being used to send out spam via Yahoo! Mail. The accusation came from Terry Zink over at Microsoft.
Of course, once Google heard about this, they weren’t too happy! The creators of Android issued the following statement: “The evidence does not support the Android botnet claim. Our analysis suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they’re using.” So the question is who is right?
In light of the “scandal”, [...]
Cyber security experts from Microsoft have spotted real-world examples of spam email sent, not from a dedicated spam server, but from Android phones. The spam being sent is the run-of-the-mill type trying to sell fake Rolex watches and other items (which can’t be mentioned in polite conversation) and their existence implies that the spammers have control of an Android based botnet. A botnet is a group of private resources (traditionally desktop PCs or servers) which have been infected with malware. Once infected the spammers can control the device and use it to send spam emails. This way they don’t consume their own resources in sending the [...]
Researchers at NC State University have found a weakness in the Android framework (meaning the Android GUI and services, not the underlying Linux kernel) which has allowed them to create a proof-of-concept prototype rootkit that can alter which apps are launched when an icon is tapped. The result is that malware could easily install fake apps which look and feel the same as normal apps but which steal information off the phone.
The example given by Xuxian Jiang, who led the research team, shows how malware could hide the smartphone’s built-in browser and replace it with a browser that looks and acts the same but steals banking information and login credentials as the [...]
German security researcher Thomas Skora has developed an app that can read the details off a contactless credit / bank card using an NFC-enabled (near field communications) handset. The app, which appeared briefly in Google Play before Google removed it, can read the card number, issue date, expiry date, and bank code from contactless cards.
Skora was only able to test his app using German PayPass Mastercards, but it is also believed to work on Germany’s popular GeldKarte. However, the technology behind the different cards is very similar, and if he managed it with one bank’s card then it is probably possible with them all! Once news broke [...]