Security News

Android banking malware infects 300,000 Google Play users
2021-11-30 16:07

Malware campaigns distributing Android trojans that steals online bank credentials have infected almost 300,000 devices through malicious apps pushed via Google's Play Store. The Android banking trojans delivered onto compromised devices attempt to steal users' credentials when they log in to an online banking or cryptocurrency apps.

9.3M+ Androids Running ‘Malicious’ Games from Huawei AppGallery
2021-11-24 17:28

It doesn't: "Cat cute diary" is one of 190 trojanized games that Doctor Web malware analysts have found on AppGallery, the official app store for Huawei Android. Here's the full list of the 190 apps the researchers are identifying as malicious.

Mediatek eavesdropping bug impacts 30% of all Android smartphones
2021-11-24 14:23

MediaTek fixed security vulnerabilities that could have allowed attackers to eavesdrop on Android phone calls, execute commands, or elevate their privileges to a higher level. MediaTek is one of the largest semiconductor companies in the world, with their chips present in 43% of all smartphones as of the second quarter of 2021.

How a malicious Android app could covertly turn the DSP in your MediaTek-powered phone into an eavesdropping bug
2021-11-24 11:00

Check Point Research will today spill the beans on security holes it found within the audio processor firmware in millions of smartphones, which can be potentially exploited by malicious apps to secretly eavesdrop on people. Though its chips tend to power low-to-mid-end Android handhelds, MediaTek leads the world in terms of smartphone chip shipments; its tech is used nearly everywhere.

APT C-23 Hackers Using New Android Spyware Variant to Target Middle East Users
2021-11-24 00:49

A threat actor known for striking targets in the Middle East has evolved its Android spyware yet again with enhanced capabilities that allow it to be stealthier and more persistent while passing off as seemingly innocuous app updates to stay under the radar. The new variants have "Incorporated new features into their malicious apps that make them more resilient to actions by users, who might try to remove them manually, and to security and web hosting companies that attempt to block access to, or shut down, their command-and-control server domains," Sophos threat researcher Pankaj Kohli said in a report published Tuesday.

Over 9 Million Android Phones Running Malware Apps from Huawei's AppGallery
2021-11-23 23:40

At least 9.3 million Android devices have been infected by a new class of malware that disguises itself as dozens of arcade, shooter, and strategy games on Huawei's AppGallery marketplace to steal device information and victims' mobile phone numbers. The mobile campaign was disclosed by researchers from Doctor Web, who classified the trojan as "Android.Cynos.7.origin," owing to the fact that the malware is a modified version of the Cynos malware.

Over nine million Android devices infected by info-stealing trojan
2021-11-23 16:00

A large-scale malware campaign on Huawei's AppGallery has led to approximately 9,300,000 installs of Android trojans masquerading as over 190 different apps. Those who installed the apps on their devices will still have to remove them from their Android devices manually.

If you're serious about privacy, it's time to use DuckDuckGo as your default Android browser
2021-11-23 14:16

In the never-ending battle for privacy on mobile phones, I seem to be forever searching for the right combination of apps and services to lift Android to a more secure place. Recently the privacy-centric browser took yet another step forward, one that had me immediately set it as my default Android browser.

More Stealthier Version of BrazKing Android Malware Spotted in the Wild
2021-11-23 03:23

Banking apps from Brazil are being targeted by a more elusive and stealthier version of an Android remote access trojan that's capable of carrying out financial fraud attacks by stealing two-factor authentication codes and initiating rogue transactions from infected devices to transfer money from victims' accounts to an account operated by the threat actor. "It turns out that its developers have been working on making the malware more agile than before, moving its core overlay mechanism to pull fake overlay screens from the command-and-control server in real-time," IBM X-Force researcher Shahar Tavor noted in a technical deep dive published last week.

Android malware BrazKing returns as a stealthier banking trojan
2021-11-18 21:19

The BrazKing Android banking trojan has returned with dynamic banking overlays and a new implementation trick that enables it to operate without requesting risky permissions. RAT capabilities-BrazKing can manipulate the target banking application by tapping buttons or keying text in.