Security News
Android malware 'FakeCalls' is circulating again in South Korea, imitating phone calls for over 20 financial organizations and attempting to fool bankers into giving away their credit card details. "We discovered more than 2500 samples of the FakeCalls malware that used a variety of combinations of mimicked financial organizations and implemented anti-analysis techniques," reads CheckPoint's report.
Microsoft will soon fast-track multi-factor authentication adoption for its Microsoft 365 cloud productivity platform by adding MFA capabilities to the Outlook email client. The company says in a new Microsoft 365 roadmap entry that users will be able to complete MFA requests for Microsoft 365 apps directly in the Outlook app via a new feature dubbed Authenticator Lite.
The Xenomorph Android malware has released a new version that adds significant capabilities to conduct malicious attacks, including a new automated transfer system framework and the ability to steal credentials for 400 banks. "With these new features, Xenomorph is now able to completely automate the whole fraud chain, from infection to funds exfiltration, making it one of the most advanced and dangerous Android Malware trojans in circulation," warns ThreatFabric.
A new variant of the Android banking trojan named Xenomorph has surfaced in the wild, the latest findings from ThreatFabric reveal. "This new version of the malware adds many new capabilities to an already feature-rich Android banker, most notably the introduction of a very extensive runtime engine powered by Accessibility services, which is used by actors to implement a complete ATS framework," the Dutch security firm said in a report shared with The Hacker News.
Google has released March 2023 security updates for Android, fixing a total of 60 flaws, and among them, two critical-severity remote code execution vulnerabilities impacting Android Systems running versions 11, 12, and 13. "The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution with no additional execution privileges needed," reads the security bulletin.
An older version of Shein's Android application suffered from a bug that periodically captured and transmitted clipboard contents to a remote server. The Microsoft 365 Defender Research Team said it discovered the problem in version 7.9.2 of the app that was released on December 16, 2021.
An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "serious loopholes" that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its *Privacy Not Included initiative, compared the privacy policies and labels of the 20 most popular paid apps and the 20 most popular free apps on the app marketplace.
Threat actors are exploiting the popularity of OpenAI's ChatGPT chatbot to distribute malware for Windows and Android, or direct unsuspecting victims to phishing pages. Security researcher Dominic Alvieri was among the first to notice one such example using the domain "Chat-gpt-pc.online" to infect visitors with the Redline info-stealing malware under the guise of a download for a ChatGPT Windows desktop client.
Google has started working to harden the security of Android at the firmware level, a component of the software stack that interacts directly with the various processors of a system on a chip. The plan is to expand the security in Android devices beyond the operating system, which runs on a multi-core CPU, to the other processors on the SoC for dedicated tasks like cellular communication, media processing, or security modules.
Suspected North Korean nation-state actors targeted a journalist in South Korea with a malware-laced Android app as part of a social engineering campaign. The findings come from South Korea-based non-profit Interlab, which named the new malware RambleOn.