Security News

Check Point Research will today spill the beans on security holes it found within the audio processor firmware in millions of smartphones, which can be potentially exploited by malicious apps to secretly eavesdrop on people. Though its chips tend to power low-to-mid-end Android handhelds, MediaTek leads the world in terms of smartphone chip shipments; its tech is used nearly everywhere.

At least 9.3 million Android devices have been infected by a new class of malware that disguises itself as dozens of arcade, shooter, and strategy games on Huawei's AppGallery marketplace to steal device information and victims' mobile phone numbers. The mobile campaign was disclosed by researchers from Doctor Web, who classified the trojan as "Android.Cynos.7.origin," owing to the fact that the malware is a modified version of the Cynos malware.

Interesting Twitter thread on how cell phone metadata can be used to identify and track people who don’t want to be identified and tracked.

A new and dangerous form of malware for rooting Android phones has been spotted in 19 apps on Google's Play store, as well as in several in the Amazon Appstore, the Samsung Galaxy Store, and other third-party sites. Dubbed AbstractEmu by bug-hunters at Lookout, who first spotted the code, the malware would give full access to all functions on an Android device and would be almost impossible to remove without doing a full system wipe.

Facebook has sued a Ukrainian national for allegedly harvesting and selling personal data describing 178 million of the Social NetworkTM's users - actions it says violates the service's terms of service. The suit alleges that Alexander Alexandrovich Solonchenko created millions of virtual Android devices, each with a different phone number, and used them to deliver automated requests to Facebook systems using the Messenger app.

Over the past few years, mobile devices have become increasingly chatty over the Bluetooth Low Energy protocol and this turns out to be a somewhat significant privacy risk. More recently, the US-based researchers explain, software for tracking COVID-19 has used mobile devices as BLE beacons, broadcasting signals in the service of public health.

A new study by a team of university researchers in the UK has unveiled a host of privacy issues that arise from using Android smartphones. The researchers have focused on Samsung, Xiaomi, Realme, and Huawei Android devices, and LineageOS and /e/OS, two forks of Android that aim to offer long-term support and a de-Googled experience.

The Federal Communications Commission announced earlier this week that phone companies are now required to filter calls from providers who haven't complied with a deadline to block illegal robocalls expired on September 28th. They can only accept calls from voice service providers registered in the Robocall Mitigation Database who have implemented caller ID authentication technology for calls carried made over Internet Protocol networks or filed a robocall mitigation plan with the FCC. "This technology is critical to protecting Americans from scams using spoofed robocalls because it erodes the ability of callers to illegally spoof a caller ID, which scammers use to trick Americans into answering their phones when they shouldn't," the FCC explains. To make it easy to comply with this robocall blocking deadline, the FCC provides an email subscription service that telecom companies can use to keep track of changes to the Robocall Mitigation Database.

A large-scale malware campaign has infected more than 10 million Android devices from over 70 countries and likely stole hundreds of millions from its victims by subscribing to paid services without their knowledge. According to the researchers' estimates, the cybercriminals could steal millions in recurring payments every month from victims around the world.

Threat actors are targeting voice-over-Internet provider VoIP.ms with a DDoS attack and extorting the company to stop the assault that's severely disrupting the company's operation. On September 16th, 2021, VoIP.ms became the victim of a distributed denial-of-service attack targeting their infrastructure, including DNS name servers.