Posts tagged with: malware
  • by |

    It gives wibbly weather reports even those at the Met Office in London would tsk at. And it bothers users every so often with battery consumption notices, just like many a Chinese Android phone. You can probably tell that we are editorially not in favor of LG's Smart Notice widget, found on its major Android flagships from the past several years. But on the LG G3, the widget was more than just unfavorable: according to two security firms, Smart Notice lacked a security check feature when passing on new contact notifications to the user. Malicious types would be able to insert code that ...

    Share
    Read On
  • by |

    Chrome is the web browser at the center of Google's empire - both on desktops as well as mobile devices. In addition to being just a standalone app (which may or may not be preloaded on your smartphone), the Chrome engine also drives the component that displays web content inside apps. As you might expect, a vulnerability in that engine could cause significant problems for the device running it. Such is the case with a particularly troublesome Android Google Chrome exploit. During the recent PacSec conference in Tokyo, Qihoo 360 developer Guang Gong showed off a vulnerability which takes ...

    Share
    Read On
  • by |

    Is 2015 destined to go down in history as the year we all started developing a healthy sense of fear about the state of smartphone security? Exploits like Stagefright have exposed an unprecedented number of handsets to possible attack, and every time the powers that be patch one vulnerability, it feels like we're hearing about a new one popping up. The latest to come to our attention threatens to compromise any Android device running recent versions of Chrome, gaining full control of the platform when the user visits a malicious website. The attack was demonstrated earlier this week at the ...

    Share
    Read On
  • by |

    We're always protecting our devices and the content inside them from the big, bad wolves. It's government, it's hackers and it's all annoying. But while the Stagefright exploits are taking the spotlight at the moment, it's important to remember that there are plenty of other worries out there, waiting to be picked up on. Lookout Security picked up on three worries within Android that have altogether affected over 20,000 applications. They are trojans that have been found in ten countries including the United States, Germany, India, Brazil and Mexico. Shuanet, Kemoge (christened ...

    Share
    Read On
  • by |

    We first heard of the XcodeGhost malware back in September as reports identified hundreds of iOS apps built with unauthorized copies of Apple’s Xcode IDE that managed to introduce some sneaky, unwanted code. Infected apps had the potential to seriously compromise system security, so Apple was understandably quick to remove offenders from the App Store. Now, over a month later, is XcodeGhost finally something Apple can put behind it? Maybe not, warn security researchers, as signs of XcodeGhost infections persist, and new iOS-9-optimized variants are uncovered. While Apple might have ...

    Share
    Read On
  • by |

    There's a short list of advice any smartphone user should heed if he or she wants to keep their device as safe as possible from nasty mobile malware, and right up there at the top is “get your apps from trustworthy sources.” While Android users have the freedom to turn to the distributor of their choice, making that decision very important, things are much more straightforward at iOS (jailbreakers notwithstanding), and for Apple users there's hardly even a question here: you get your apps from Apple's App Store. As such, users have to place a lot of faith in Apple that it's keeping the ...

    Share
    Read On
  • by |

    Phone unlocking, to be clear, is legal in the United States if the phone in question is out of a service contract. Even though some companies have a hard time of coping with this reality, it's codefied law of the land here. But what AT&T accuses three former employees, one owner of an unlocked phone resale company and 50 unnamed people of doing definitely raises some eyebrows. In the case filed in Seattle US District Court, the ex-AT&T staff allegedly installed malware onto a Seattle-area's AT&T store's computers that was able to compromise the carrier's proprietary customer ...

    Share
    Read On
  • by |

    For the past couple years now, Apple's allowed iOS and OS X devices to easily share files with other units in their proximity, thanks to the company's AirDrop protocol. Unfortunately, users who have AirDrop enabled may have inadvertently put their systems at risk, as news of a new exploit arrives – one capable of bypassing normal system protections and allowing for the installation of possibly malicious apps. The hack is triggered when an attacker sends an AirDrop payload to the target device – much like the recent Android Stagefright exploit and MMS, there's no direct user interaction ...

    Share
    Read On
  • by |

    None of us "like" out-of-date things. Updates to apps and operating systems bring us new features, improved functionality, better user interfaces, and (most importantly) bug fixes. We all hate bugs, but bugs vary in severity from mildly frustrating to zero-day security holes that can be exploited to do all kinds of nasty stuff. Depending on their type and scope, patches and updates aren't things that arrive on our smartphones and tablets all that easily. Each bringing its own set of challenges and frustrations. Apps Applications get updated with whatever frequency their developers deem ...

    Share
    Read On
  • by |

    You've read the headlines and heard the rhetoric: 97% of mobile malware is on Android, Android malware threat rears its head again, Android malware spies on you even after phone is shut down, and more. Based on those headlines, you'd think that Android is a cesspool of filth and simply having a phone powered by the OS opens you to a host of problems - problems that might be solved by switching to another platform from another company. Unfortunately, the headlines are fantastical, and the "problem" with Android malware doesn't really exist - and never has. "But Joe, Google says it just cut ...

    Share
    Read On
  • by |

    A while back, Jesper Jensen from Denmark wrote in to the Pocketnow Weekly Podcast with a question about antivirus software for Android, specifically, whether or not he needs it on his new Xperia Z3 Compact. I have just received my Sony Xperia Z3 Compact and I am infatuated with this little beauty. Coming from a Nokia Lumia 620 it is quite a leap ahead, though I do find I miss a few things about Windows phone. One of the things I didn't miss about Android is the ... more or less useful (apps that come pre-installed from Sony, such as) AVG antivirus. Under normal circumstances I would ...

    Share
    Read On
  • by |

    Malware issues and Android have been a mix of repeated controversy over the last couple of years. We do know of the existence of malware for Android, and we do know of the security risks involved, but it's hard to remember the last time we've ever heard of a virus attack that's rendered Android smartphones useless, or at risk. Malware on mobile devices is surely possible, but sadly not as popular as it was a decade ago on Windows computers, and still, new reports emerge today of a new risk to Android. A new "Fake ID" exploit reportedly allows fake applications or services to poise as ...

    Share
    Read On
  • by |

    Heartbleed may be dominating the headlines when it comes to security topics lately, and while that one does pose some specific risks for smartphone users, it's far from alone among all the vulnerabilities out there. Today we hear about Google's efforts to address one that's new to us, an oversight in how Android manages permissions that could set the stage for malicious software to orchestrate a phishing attack. The problem stems from a pair of unprotected permissions tied to the Android launcher's configuration settings. Since they're classified at the low-risk “normal” permission ...

    Share
    Read On
  • by |

    Back at the tail end of February we heard about an improvement Google was working on to the way Android helps protect users against malicious software, building off the existing Verify Apps framework that evaluated apps at the time of installation to introduce a system that continually monitored apps to check for ne'er-do-wells, even after the software was already loaded on your phone. Today Google confirms that report and announces the introduction of this newly enhanced scanning service. While this is largely a better-safe-than-sorry measure, and most users who get their apps from ...

    Share
    Read On
  • by |

    Thanks to last month's big Facebook acquisition, WhatsApp has been attracting a lot of attention lately. While that should only help grow its already impressively large 450-million-person-strong user base, that extra attention also means that more people are placing the app under a critical light. Today we learn of a potential security vulnerability in how WhatsApp saves logs of your conversations; what exactly is the problem here, and is it one you need to be concerned about? WhatsApp uses your phone's SD card for storage (whether physical or a virtual part of the internal file system), ...

    Share
    Read On
  • by |

    Malware can do a lot of scary things: your money, your documents, even your identity can be taken from you. But on Android smartphones the threat posed by malicious apps has largely seemed manageable, so long as users take certain precautions, like not sideloading apps without trusting the devs behind them, and sticking to mainstream app stores. But now we're hearing about a troubling new wrinkle in the war on malware, with reports suggesting that some phones are being sold with such nasty apps present; is there cause for concern? Here's what's going on: a security firm got some complaints ...

    Share
    Read On
  • by |

    Android malware exists – there's no sugar-coating that – but for the majority of users, it's a remote threat at best. So long as you're installing apps from trusted sources and keeping on top of any security updates that come your way, you're in great shape. But just because Android security is already decent doesn't mean it can't get even better. A new update going out in the next few weeks will help do just that, making an important change to Google's “Verify Apps” feature. Right now, Verify Apps does a quick check of apps when you install them. It scans them – even sideloaded ...

    Share
    Read On
  • by |

    Malware – whether we're talking trojans, viruses, worms, or the old logic bomb – tends to be very platform-specific. By its nature, that makes a lot of sense; the exploits that allow malware to plant its roots in a system are themselves often intimately tied to the OS, and the need for this code to run and spread virtually unassisted means it can't get too bogged down by planning to infect every possible system it comes across – it needs to do one thing, and do it well. So smartphone malware, by and large, tends to stay just on smartphones. Last year, though, there was at least one ...

    Share
    Read On
  • by |

    When a developer is writing code, the presumption is that he or she is attempting to do so while avoiding the creation of unwanted security vulnerabilities. And then we have review and testing to help catch any holes that may have slipped through. Still, it's not a perfect process, and some of those vulnerabilities make their way to released software. Eventually, the bugs might be spotted, either by white hats looking to keep things secure, or hackers looking for something new to exploit. Google isn't content to just sit back and let all that happen on its own, and has been getting ...

    Share
    Read On
  • by |

    Today at Pocketnow we're going to diverge from talking about smartphones and tablets for a moment, and instead we're going to talk about diseases -- communicable diseases. Don't worry though, the topic is applicable to whatever smartphone you're carrying around with you now, and has much to do with Android malware, the way Google handles it, the various layers of protection involved, and the number of people who are exposed to threats that could get through the defenses. The Centers for Disease Control and Management know that it's impossible to eradicate all disease. Instead, the ...

    Share
    Read On
  • by |

    It's been a while since we've seen malware, Android Trojan, or other malicious software reports; not that we missed them! Google is doing it's best, and a good job at that, to keep malware off of our phones. Some slip through the cracks though. Kaspersky Lab Expert Roman Unuchek brings our attention to what he calls "the most sophisticated" Android Trojan. Long story short: we're looking at a multi-functional Android Trojan than can send text messages to premium-rate numbers; download and install other malware programs on its own; share them via Bluetooth; and perform commands in the ...

    Share
    Read On
  • by |

    The story of the Trojan Horse originates from an ancient battle between the Greeks and their siege of the city of Troy. As the tale goes, the Greeks, after trying to defeat Troy for 10 years, built a huge wooden horse -- a supposed token of victory to the Trojans. They wheeled the large statue to the gates of Troy, then pretended to sail away. The Trojans pulled the horse inside the gates, not knowing that a Greek invasion force lay hid inside. When night fell, the Greeks crept out of the horse,  opened the gates, and allowed the rest of the Greek army in -- they'd sailed back under cover ...

    Share
    Read On
  • by |

    Apple's Phil Schiller recently posted a tweet aimed squarely at Android users: "Be safe out there", followed by a link to F-Secure's latest Mobile Threat Report. That was last week and the talking-heads are already on a roll. Some are claiming vindication, even going as far as saying that Apple has won the war. Others have retaliated against Schiller saying tweet was uncalled for. The source behind the tweet is really at the meat of the issue. It's a 34-page .PDF that outlines the mobile threats in the world today. That report, too, has received quite a bit of coverage in the news and ...

    Share
    Read On
  • by |

    When we talk about risky apps, we're usually doing so in the context of malware. Such malicious programs are one way our data can be compromised, but even apps that are on the up-and-up could still be putting our personal data and privacy at risk. Appthority recently took a look at the fifty most popular free Android and iOS apps to see just how safe they might be, and Android seems to be the platform that's putting its users at less of a risk. For this comparison, the study looked at behaviors like the use of encryption when connecting with servers, requesting access to your contacts and ...

    Share
    Read On
  • by |

    One of the advantages of locking down devices and only allowing apps to be installed through a "walled garden" of an app store is the ability to (theoretically) pre-screen every line of code in every app that's submitted, which virtually guarantees that your platform will be "malware free". Of course neither Apple nor Microsoft pre-screen every line of code in every app in their respective app stores, but who's counting, right? Google does things differently. Rather than approving every single app before it's listed in their Play Store, Google includes it automatically -- letting the free ...

    Share
    Read On
Mobile Version