Search Results for: android malware

At Black Hat Asia, a team of Trend Micro security researchers claimed that millions of Android devices are infected with malware before they leave the factories.

One of the most effective ways of infecting Android devices is to do so before they even make it into the hands of customers. First spotted by The Register, operations may have been going on since at least 2017.

Continue reading →

Over 140 apps on the Google Play store have been discovered to contain malicious Windows executable files.

Researchers at Palo Alto Networks found that among the infected apps, several had more than 1,000 installations and carried 4-star ratings.

Continue reading →

It has been quite some time -- nearly a year in fact -- since we were talking about the Dirty COW vulnerability affecting the Linux kernel. Now the vulnerability is back, but this time it is Android users who need to be concerned.

The privilege escalation vulnerability has been exploited by a piece of malware by the name of ZNIU, or AndroidOS_ZNIU. The malware uses the Dirty COW exploit to root devices and install a backdoor which can then be used to collect data and also generate profit for the attackers through a premium rate phone number.

Continue reading →

Millions of Android devices could have been affected by a new auto-clicking adware program found in apps developed by a Korean company.

Uncovered last week by security company Check Point malicious apps included a series of casual cooking and fashion games under the 'Judy' brand.

Continue reading →

Malware is something of a recurring problem for Android users, and it seems as though Google is fighting a never-ending battle to keep the blight out of the Play Store. The latest large-scale batch to be discovered takes the form of adware known as FalseGuide.

As you may have guessed from the name -- and your own experience of Google Play -- this malware spreads by fooling people into installing apps purporting to be guides to popular games. The apps themselves are fairly innocuous -- and often are guides as they claim to be -- but they then download additional modules which can be used to bombard users with ads.

Continue reading →

Despite being based on the very secure Linux kernel, Android isn't necessarily a very secure operating system. Unlike iOS which does a great job of shielding its users from installing apps from outside Apple's own App Store, it is far too easy to do so on Google's mobile OS. Also, there is nothing requiring manufacturers to issue device updates, meaning many users are forced to use outdated and vulnerable versions of the operating system.

For the most part, however, Android users can remain safe by acting intelligently, such as only installing apps from the Play Store. Well, that might not be so true anymore. You see, it has been discovered that many models of Android smartphones -- from manufacturers such as Samsung, LG, and even Google's own Nexus line -- are being sold with malware pre-installed. This is particularly bad malware, as it can steal user information. Some devices even came pre-loaded with ransomware!

Continue reading →

When we take a look at the Android distribution updates that Google posts every month one thing seems to never change, and that is the overwhelming number of devices that run an outdated version of the operating system. As of early-June 2016, nearly 90 percent of the handsets with Google Play access are rocking Lollipop, Jelly Bean or another old distribution. Meanwhile, Marshmallow powers only 10.1 percent of Android devices.

And, as Trend Micro security researchers point out, that can be a serious problem in terms of security as there is a new family of malware, known as Godless, that affects "virtually any Android device running on Android 5.1 (Lollipop) or earlier". Using Google's figures, that's 89.9 percent of the Android handsets in use. What's really worrying is that this malware is actually linked to apps available in major app stores, like Google's Play, and it has already made 850,000 victims across the globe.

Continue reading →

Researchers at threat defense company Skycure have uncovered an Android proof of concept malware that uses accessibility services to allow attackers to spy on and even control a device.

It can monitor all of a victim's activity and allow attackers to read, and possibly compose, corporate emails and documents via the victim's device, as well as elevating their permissions to remotely encrypt or even wipe the device.

Continue reading →

Security experts are warning about a new malware attack that targets Android users. Mazar Bot is delivered via SMS, is able to gain root access to devices, installs software including Tor, and can even go as far as completely wiping a victim's phone.

Mazar Bot was discovered by Heimdal Security whose researchers analyzed a text message that had been found sent to random numbers. The message purports to provide a link to an MMS, but in fact tricks recipients to install the malicious mms.apk -- Mazar Android BOT in disguise.

Continue reading →

Around a year and a half ago, Symantec warned about the personal data stealing malware Android.Bankosy. Now the Trojan has been updated so it can steal passwords delivered via voice call-based two-factor authorization systems.

Such 2FA systems are often used by banks to communicate one-time passcodes to people. While these have usually been delivered via SMS, voice call delivery is becoming increasingly common. Malware makers are keen not to miss out on data stealing opportunities, and the Android.Bankosy introduces a call-forwarding feature that sends 2FA calls to a C&C server so the code can be intercepted and exploited.

Continue reading →

There’s an adware out there which uses features for the visually impaired to install malicious apps on an Android-powered device. The worst part is that it doesn’t use a vulnerability in the system, but instead abuses a service’s legitimate features.

Researchers from mobile security provider Lookout have spotted the abusers and published a blog post about it.

Continue reading →

Rooting a phone is something that many people decide to do to allow them to do things and use apps that would not otherwise be possible. If you make the choice, you are in control. But security researchers at Lookout have discovered a new form of malware disguised as apps from the likes of Facebook and Twitter.

While some of the apps are partially functional, the malware has a nasty payload: it could be quietly rooting your phone in the background. Lookout has identified three families of malware -- Shuanet, ShiftyBug, and Shedun -- that can be found in more than 20,000 apps in Google Play. Once installed, the malware is almost impossible to remove.

Continue reading →

Most of the malicious software for mobile devices targets Google’s Android operating system, a new report by Pulse Secure says.

Last year, almost one million individual malicious apps for Android were released, according to Pulse Secure’s Mobile Threat Report. That means the number of threats quadrupled in comparison to the year before.

Continue reading →

Updated at 18:00 IST: Bluebox and Xiaomi are now confirming that the handset the security firm tested was a counterfeit product purchased through an unofficial channel. You can read Xiaomi's full statements below.

Xiaomi’s Mi 4 is one of the best smartphones you cannot purchase so easily -- but it might be for the best, it seems. Don’t get me wrong: The Mi 4 packs in top-of-the-line specifications, the latest Android-based operating system, and is incredibly cheap, but if data security firm Bluebox's latest report is to be believed, it also comes with malware and a host of other issues. The handset seems to have been tampered with by an unidentified third party, however. We’ll have more details on this later today.

Continue reading →

According to a new report from telecommunication company Alcatel-Lucent's Motive Security Labs security threats to mobile and residential devices and attacks on communications networks all rose in 2014.

It estimates that 16 million mobile devices worldwide have been infected by malware. It also points out many retail cyber-security breaches in 2014 were the result of malware infections on cash registers or point-of-sale terminals, not online stores, so shopping offline isn't guaranteed to keep your details safe.

Continue reading →