Security News

Google has released the March 2022 security updates for Android 10, 11, and 12, addressing three critical severity flaws, one of which affects all devices running the latest version of the mobile OS. Tracked as CVE-2021-39708, the flaw lies in the Android System component, and it's an escalation of privilege problem requiring no user interaction or additional execution privileges. "The most severe of these issues is a critical security vulnerability in the System component that could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." - mentions Google's bulletin.

How to check Android 12 permissions with the Privacy Dashboard. One of the new features in Android 12 makes it very easy to check up on your device privacy by way of service access.

The threat actor behind a nascent Android banking trojan named SharkBot has managed to evade Google Play Store security barriers by masquerading as an antivirus app. Where SharkBot stands apart is in its ability to carry out the unauthorized transactions via Automatic Transfer Systems, which stands in contrast to TeaBot, which requires a live operator to interact with the infected devices to conduct the malicious activities.

An Android banking trojan designed to steal credentials and SMS messages has been observed sneaking past Google Play Store protections to target users of more than 400 banking and financial apps from Russia, China, and the U.S. "TeaBot RAT capabilities are achieved via the device screen's live streaming plus the abuse of Accessibility Services for remote interaction and key-logging," Cleafy researchers said in a report. Also known by the name Anatsa, TeaBot first emerged in May 2021, camouflaging its malicious functions by posing as seemingly innocuous PDF document and QR code scanner apps that are distributed via the official Google Play Store instead of third-party apps stores or via fraudulent websites.

SharkBot banking malware has infiltrated the Google Play Store, the official Android app repository, posing as an antivirus with system cleaning capabilities. SharkBot was discovered in Google Play by researchers at the NCC Group, who today published a detailed technical analysis of the malware.

An Apple AirTag is a Bluetooth-based device finder released in April 2021 that allows owners to track the device using Apple's 'Find My' service. Although Apple has implemented an intricate anti-stalking system to prevent cases of abuse, stealthy AirTag tracking continues to remain a problem.

An Apple AirTag is a Bluetooth-based device finder released in April 2021 that allows owners to track the device using Apple's 'Find My' service. The university researchers decided to do something about the Apple AirTag privacy problem in the Android world and reverse-engineered the iOS tracking detection to understand its inner workings better.

A security analyst has devised a way to capture Visual Voice Mail credentials on Android devices and then remotely listen to voicemail messages without the victim's knowledge. Visual Voice Mail is a voicemail system used by numerous mobile carriers that allow customers to view, listen to, and manage voicemails in any order.

New Xenomorph Android malware targets more than 50 banking and financial applications. Figure B. The Alien malware has more overall capabilities than Xenomorph, which is far more targeted at stealing banking information.

An analysis of SMS phone-verified account services has led to the discovery of a rogue platform built atop a botnet involving thousands of infected Android phones, once again underscoring the flaws with relying on SMS for account validation. SMS PVA services, since gain prevalence in 2018, provide users with alternative mobile numbers that can be used to register for other online services and platforms, and help bypass SMS-based authentication and single sign-on mechanisms put in place to verify new accounts.