Security News

Unpatched Android App with 1 Billion Downloads Threatens Spying, Malware
2021-02-16 14:08

An Android app that's been downloaded more than 1 billion times is riddled with flaws that can let attackers hijack app features or overwrite existing files to execute malicious code, or launch man-in-the-disk attacks on people's devices, researchers discovered. The flaws exist in an app called SHAREit, which allows Android app users to share files between friends or devices.

LodaRAT Windows Malware Now Also Targets Android Devices
2021-02-15 03:57

A previously known Windows remote access Trojan with credential-stealing capabilities has now expanded its scope to set its sights on users of Android devices to further the attacker's espionage motives. "The developers of LodaRAT have added Android as a targeted platform," Cisco Talos researchers said in a Tuesday analysis.

Pro-India hackers use Android spyware to spy on Pakistani military
2021-02-14 17:12

The malware strains named Hornbill and SunBird have been delivered as fake Android apps by the Confucius advanced persistent threat group, a pro-India state-sponsored operation known to spy on Pakistani and South Asian targets, since at least 2013. A report from California-based cybersecurity firm Lookout has revealed counterfeit Android apps laden with malware that was used by pro-India actors to spy on Pakistan's military and nuclear authorities, in addition to Kashmir's election officials.

Qualys expands VMDR to mobile devices with support for Android and iOS/iPadOS
2021-02-12 01:15

Qualys announced it is expanding Qualys VMDR to mobile devices with support for Android and iOS/iPadOS delivering an end-to-end solution for mobile device security. Qualys' all-in-one VMDR provides in-depth mobile device visibility, data security insights, proactive posture monitoring, and automated response for all iOS and Android devices and installed apps - just like VMDR does for on premises, endpoints, clouds, containers, OT and IoT assets.

Newly Discovered Android Spyware Linked to State-Sponsored Indian Hackers
2021-02-11 15:10

Researchers at mobile security firm Lookout have published information on two recently discovered Android spyware families employed by an advanced persistent threat group named Confucius. For the past several years it also switched to mobile malware, with the first Android surveillanceware ChatSpy being observed in 2018.

Military, Nuclear Entities Under Target By Novel Android Malware
2021-02-11 12:00

Researchers have uncovered two novel Android surveillanceware families being used by an advanced persistent threat group to target military, nuclear and election entities in Pakistan and Kashmir. The two malware families, which researchers call "Hornbill" and "SunBird," have sophisticated capabilities to exfiltrate SMS messages, encrypted messaging app content and geolocation, as well as other types of sensitive information.

Researchers Uncover Android Spying Campaign Targeting Pakistan Officials
2021-02-11 08:23

Two new Android surveillanceware families have been found to target military, nuclear, and election entities in Pakistan and Kashmir as part of a pro-India, state-sponsored hacking campaign. "Some notable targets included an individual who applied for a position at the Pakistan Atomic Energy Commission, individuals with numerous contacts in the Pakistan Air Force, as well as officers responsible for electoral rolls located in the Pulwama district of Kashmir," the researchers said in a Wednesday analysis.

Android Devices Hunted by LodaRAT Windows Malware
2021-02-09 15:47

A newly discovered variant of the LodaRAT malware, which has historically targeted Windows devices, is being distributed in an ongoing campaign that now also hunts down Android devices and spies on victims. Along with this, an updated version of LodaRAT for Windows has also been identified; both versions were seen in a recent campaign targeting Bangladesh, researchers said.

Android app joins the dark side, sends malware update to millions
2021-02-08 16:52

Google has removed a popular Android barcode scanner app with over 10 million installs from the Play Store after researchers found that it turned malicious following a December 2020 update. After lying dormant for years, the previously legitimate Barcode Scanner app developed by LAVABIRD LTD self-updated and took over the users' devices using malicious code now tagged by security vendors as trojan malware.

NoxPlayer Android Emulator Supply-Chain Attack
2021-02-08 12:34

It seems to be the season of sophisticated supply-chain attacks. ESET says that based on evidence its researchers gathered, a threat actor compromised one of the company's official API and file-hosting servers.