Researchers create prototype Android clickjacking rootkit

by 2 years ago

Researchers at NC State University have found¬†a weakness in the Android framework (meaning the Android GUI and services, not the underlying Linux kernel) which has allowed them to create a proof-of-concept prototype rootkit that can alter which apps are launched when an icon is tapped. The result is that malware could easily install fake apps which look and feel the same as normal apps but which steal information off the phone. The example given by Xuxian Jiang, who led the research¬†team, shows how malware could hide the smartphone‚Äôs built-in browser and replace it with a browser that looks and acts…

Researcher develops Android app that can steal credit card information via NFC

credit card
by 2 years ago

Images_of_Money/Flickr German¬†security¬†researcher Thomas Skora has developed an app that can read the details off a contactless credit / bank card using¬†an NFC-enabled (near field communications) handset. The app, which appeared¬†briefly¬†in Google Play before Google removed it, can read the card number, issue date, expiry date, and bank code from contactless cards. Skora was only able to test his app using German PayPass Mastercards, but it is also believed to work on Germany‚Äôs popular GeldKarte. However, the technology behind the different cards is very similar, and if he managed it with one bank’s card then it is probably possible with them…

Kaspersky finds mobile versions of the Zeus trojan posing as fake Android security software

android trojan
by 2 years ago

Android’s security concerns have been the primary focus of an on-going debate for a while now. Google has been trying to fend off malicious app developers, with the introduction of a new security system called “Bouncer”,¬†but we have still seen over 5,000 malicious apps already in just the first quarter of 2012. In what is a further cause for concern, Kaspersky Labs Expert Denis Maslennikov¬†has uncovered a fake Android security application that steals incoming SMS messages from infected devices. In a blog post, he wrote that he discovered at least 6 files that go under the name “Android Security Suite…

Anti Spy Mobile: Your self-defense against privacy and malware threats

by 2 years ago

Making your smartphone “smarter” also means granting it permission to do certain things. Some apps collect usage statistics, for example, and others read your e-mails and messages. That’s not really a problem when you’ve downloaded your app from a trusted developer, but what happens when you’ve been bitten by the app bug and you go on an app downloading spree? Not every app on the Google Play store is safe, and some of them could be collecting all sorts of information from your device for some nefarious and dastardly end. Some discriminating device users will avoid apps that ask for…

Researchers fool Google’s Android malware Bouncer by “fingerprinting” it

by 2 years ago

In February of this year, Google revealed some details of a new malware scanner which it had been developing during the latter half of 2011. Dubbed “the Bouncer”, the automated service runs each app submitted to Google Play to see if it has any malicious intentions. According to Google’s initial figures, the Bouncer has been responsible for a 40% drop in malicious apps available in Google Play. However, this week security researchers¬†Jon Oberheide and Charlie Miller will present a new method they have developed which allows them to bypass the Bouncer and successfully submit malware to Google Play. As with…

How secure is Android?

by 2 years ago

Mobile device usage continues to climb and companies like Google and Facebook are working hard to cash in on the potential revenues¬†available¬†from mobile users. But they aren’t the only ones trying to make money from mobiles. Cyber criminals, organized crime gangs and malware authors are also trying to get a slice of the pie. As an Android user, it is important to step back a moment and look at the security implications of using a mobile device, and more¬†specifically¬†of using an Android based mobile device. Physical access Before looking at all the sophisticated ways hackers can try and steal data…

Best Antivirus Apps for Android

by 2 years ago

UPDATE: We have an updated Best Android antivirus app list, click here to see. With startling headlines like “Number of malicious Android apps grows by 2200% year over year” and “86% of all malware delivered via repackaging of legitimate apps” it is worth looking at what measures you can take to protect yourself from malware. Besides common sense items like not downloading apps from an untrusted app store or not installing apps which ask for odd permissions (like a game wanting SMS¬†permissions), there is the option of installing an anti-virus app for your device. There are quite a few big…

UK company involved in fake apps scam fined $78,000, told to refund money

Angry Birds Space
by 2 years ago

Unsuspecting victims of fake versions of¬†Angry Birds, Assassin’s Creed and Cut the Rope, posted on third party Android app stores, will be getting their money back, after the UK phone regulator¬†PhonepayPlus took action against the premium rate number provider, A1 Agregator Limited. The fake apps contained malware which charged vicitm’s¬†¬£15 ($23) every time one of the apps was opened. The malware did this by sending three ¬£5 premium rate texts. Once they were sent, the malware hid the sent and received messages that would normally notify the user that the text incurred a charge. The first time victims would know…

Android Malware Genome Project shows that 86% of all malware delivered via repackaging of legitimate apps

by 2 years ago

The Department of Computer Science at the North Carolina State University has started the Android Malware Genome Project in an attempt to dissect Android based malware and see what makes it tick. The researchers are working with a collection of some 1,200 examples of Android malware, including the very first Trojans found in August 2010. The team has started to systematically analyze the malware and create a database of the varying characteristics, including how the malware gets installed, how it is activated, and the nature of the malicious payloads. Not surprisingly, one “discovery” made by the team is that malware…

Why you should always upgrade to the latest version of Adobe Flash Player

by 2 years ago

It is¬†likely¬†that you have some Adobe software installed on your PC or Mac. It could be Adobe¬†Acrobat¬†Reader, it could be¬†Adobe¬†Air, or it could be Adobe Flash Player. Flash is so popular that Google ships it as a built-in plugin for its Chrome web browser. It is also¬†likely¬†that you have some Adobe software on your Android device, and it would be one (or all) of the same three listed above. All very nice – you can view PDF files on your PC and on your mobile device, you can use Flash on your PC and on your Android phone. But there…