Security News
Google has announced the rollout of two new non-negotiable security features for Android users who have also enrolled in the company's Advanced Protection Program. On Wednesday, Google said that the company is now automatically turning Google Play Protect on for all devices with a Google Account enrolled in Advanced Protection and will require that it remain enabled.
Late last week, researchers at network intelligence company DomainTools warned about an Android malware sample that caught our attention. Like many other cyberthreats doing the rounds these days, the criminals have used the coronavirus pandemic as a lure, offering an intriguing if rather creepy app called COVID 19 TRACKER. The website promoting the app offers to "Track Real-Time Coronavirus Outbreak in your Street, City and State", and says it will "Get Real-Time Statistics about Coronavirus outbreaks around you in over 100 countries."
Do you know what information you share within the Google ecosystem? You can easily control what is visible or hidden, from with your Android device. Did you know that you are actually in control of what personal information people see when you create or share content within the Google ecosystem, such as YouTube and Google Drive? If you're serious about your privacy, this is something you should certainly want to take control of.
The app promises access to a coronavirus map tracker but instead holds your contacts and other data for ransom, DomainTools found. A new type of ransomware known as CovidLock encrypts key data on an Android device and denies access to the victims unless they pay up, according to the threat intelligence firm DomainTools.
A recently discovered piece of Android stalkerware can install itself persistently on the system partition and steals the file containing the hash sum for the screen unlock pattern or password to allow its operators to unlock devices. Referred to as MonitorMinor, the stalkerware targets communication applications to intercept victims' conversations, including LINE, Gmail, Zalo, Instagram, Facebook, Kik, Hangouts, Viber, Hike News & Content, Skype, Snapchat, JusTalk, and BOTIM. Given that Android sandboxes applications to prevent direct communications between them - this feature is called DAC, or Discretionary Access Control - MonitorMinor requires root access to bypass the security system and perform nefarious activities.
A recently discovered Android Trojan was designed to gain root access on infected devices and hijack Facebook accounts by stealing cookies from the browser and the social media app. While it's uncertain how the Trojan infects devices - it does not exploit flaws in the Facebook application or the browser - it achieves root by connecting with another backdoor installed on the smartphone, and passes it a shell command.
A new simple but dangerous strain of Android malware has been found in the wild that steals users' authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices. "Malware could steal cookie files of any website from other apps in the same way and achieve similar results."
The trojans are designed to gain control of Facebook user accounts by capturing browser cookies in Android, says Kaspersky. This trojan captures root rights on an Android device, thus allowing it to steal cookies from the browser and from Facebook and transfer them to the server of the cybercriminals behind it.
Their tastes however can run to a different sort of cookie, as evidenced by a fresh strain of Android malware that may be implanted prior to users purchasing a device. Appropriately dubbed "Cookiethief" by the Kaspersky researchers who discovered it, the trojan has a straightforward goal: "Its main task was to acquire root rights on the victim device, and transfer cookies used by the browser and Facebook app to the cybercriminals' server," explained Kaspersky researchers Anton Kivva and Igor Golovin, in an analysis on Thursday.
How long do Android smartphones and tablets continue to receive security updates after they're purchased? Many millions of users hang on to their Android devices for much longer, which raises questions about their ongoing security as the number of serious vulnerabilities continues to grow.