Security News
Billions of Android devices are exposed to a vulnerability in Qualcomm's Mobile Station Modem chip. A vulnerability in Qualcomm's Mobile Station Modem chip, installed in around 30% of the world's mobile devices, can be exploited from within Android.
A heap overflow vulnerability in Qualcomm's Snapdragon 855 system-on-chip modem firmware, used in Android devices, could be exploited by baddies to run arbitrary code on unsuspecting users' devices, according to Check Point. The software bug, tracked as CVE-2020-11292, can be abused to trigger a heap overflow in devices that use a Qualcomm Mobile Station Modem chip, thanks to some in-depth jiggery-pokery in the Qualcomm MSM Interface voice service API. "If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones, granting them access to SMS messages and audio of phone conversations," said some not-at-all-excitable researchers from Israeli security firm Check Point in a blog post today.
Google announced the introduction of a privacy information section on the entries of Android applications listed in its Google Play Store digital distribution service starting with Q1 2022. "Today, we're pre-announcing an upcoming safety section in Google Play that will help people understand the data an app collects or shares, if that data is secured, and additional details that impact privacy and security," Suzanne Frey, Product VP for Android Security and Privacy, said.
In a research report published Thursday, cyber threat intelligence provider Check Point Research revealed certain details on a flaw it identified in 2020 in Qualcomm mobile station modem chips, including ones used in 5G devices. Mobile phone makers must apply the patch and roll out the fix to users, which means that any device not yet updated would still be vulnerable.
The bug listed here is what's known as a Universal Cross-site Scripting vulnerability, which means it's a way for attackers to access private browser data from website X while you are browsing on booby-trapped website Y. That's definitely not supposed to happen. Your browser is supposed to stop data such as cookies "leaking" between websites, or else site Y could peek at data such as your login details for site X, and abuse that site-specific data to masquerade as you on site X and hijack your account.
The Android operating system updates released by Google for May 2021 patch a total of 42 vulnerabilities, including four considered critical severity. In addition to these critical bugs, five other vulnerabilities were addressed in Android System, all rated high severity.
The FluBot Android malware is spreading fast across Europe using an SMS package delivery scheme and it's soon expected to arrive in the United States as well, cybersecurity company Proofpoint warned this week. Initially observed in Spain, FluBot has since expanded operations to reach Germany, Hungary, Italy, Poland, and the UK as well, with tens of thousands of malicious SMS messages that leverage FedEx, DHL, and Correos lures being sent hourly.
Attention, Android users! A banking malware capable of stealing sensitive information is "spreading rapidly" across Europe, with the U.S. likely to be the next target. FluBot, a nascent entry in the banking trojan landscape, began its operations late last year, with campaigns leveraging the malware infecting more than 60,000 users in Spain, according to an analysis published by Proactive Defence Against Future Threats in March 2021.
A new malicious piece of spyware is targeting Android users in the U.K. in an attempt to snag their passwords and other private information. Affecting Android phones and devices across the U.K., FluBot is triggered after a user receives a text message asking them to install a tracking app in response to a "missed delivery package." Clicking on the link in the text directs the victim to a scam website that launches the spyware.
Android mobile phone users across the U.K. and Europe are being targeted by text messages containing a particularly nasty piece of spyware called "Flubot," according to the U.K.'s National Cyber Security Centre. The malware is delivered to targets through SMS texts and prompts them to install a "missed package delivery" app.