malware

"Modified" versions of popular apps have helped distribute a nasty piece of Android malware. The tactic expanded the reach of the Necro Trojan despite Google's security checks. Necro was able to survive for some time before discovery, largely ... because the infection wasn't obvious to users. Its main purpose was to hijack phones and use them to make money for the people behind the malware. This included displaying paid ads in the background so that users didn't see them, but the scammers were able to claim revenue from advertisers. The malware would also install apps on the phone to earn ... (view more)

Five rogue Android apps remained in the Google Play store for more than two years. They hosted notorious malware called Mandrake that was hidden through some creative means. According to SecureList, the apps were titled AirFS, Amber, Astro Explorer, ... Brain Matrix and CryptoPulsing. The good news is that the apps had hardly any downloads, one of the reasons they attracted little attention. The real concern is whether malware distributors are using the same tactics with other apps. (Source: securelist.com ) Mandrake has been known about since 2020, though appears to have been in circulation ... (view more)

Android scammers are using a creatively nasty way to spread malware. They've disguised it as an update for the Google Play store itself. It's a particularly cheeky way to try to get credibility for a malware scam. Not only is Google Play the ... official place to get Android apps in the first place, but the best and simplest Android security tip is to only use apps from Google Play. In this case, the malware doesn't originate as an app but instead as a bogus link. This could be on a web page, in a text message or in an email. The supposed source is Google itself and the link comes with a message ... (view more)

A new form of Android malware can hijack legitimate apps. "Dirty Stream" take advantage of a legitimate function designed to make life easier for users. The function is called ContentProvider and allows one mobile app to access data from, or ... communicate with, another app. It makes it possible to, for example, open a PDF attachment from a messaging app in a dedicated PDF reader app. The people behind the DirtyStream malware found a vulnerability in the way ContentProvider worked. This made it possible not only to force another app to open a compromised file, but to then use the contents to ... (view more)

Recently, Google has started baking artificial intelligence (AI) into its standard search results. However, the new AI-powered responses have been criticized for giving credibility to scams, including leading users to malicious sites where their ... systems could be compromised by ransomware and similar. Although the baked-in artificial intelligence results have already been available for people who have intentionally asked to try it, what's important to note is that Google is now rolling it out for some ordinary users when they carry out a search. The idea of the new tool is to better handle ... (view more)

Google says Chrome will now warn users about risky sites using real-time information. The improvements won't compromise user privacy. Chrome already offers a feature called Safe Browsing. The default option, "standard protection," kicks in when ... users are about to visit a site, download a file or install an extension. The feature compares the target URL (website address) against a database of known and suspected security risks and warns the user of a match. The optional "enhanced protection" option will also actively check the target site for any signs that it may be compromised, threaten ... (view more)

The latest malware targeting banking users may have infected up to 200,000 Android devices. The criminals behind Anatsa have deliberately exploited what's meant to be a useful feature that makes users' lives easier. The attacks have some familiar ... features such as distributing the malware through free tools that perform some basic functions and finding ways around the Android permission system. What makes it a particularly nasty campaign is that it takes advantage of the Android Accessibility system. Security researchers at ThreatFabric spotted the malware in five apps with similar names: ... (view more)

Mac users have been warned to watch out for bogus updates to the Safari and Chrome browsers. It's a scam to spread data-stealing malware. The AMOS malware, also called Atomic Stealer, is particularly nasty as it targets data stored or transmitted by ... web browsers. This includes login details, passwords, and credit card numbers. It also looks for cryptocurrency wallets, which give access to Bitcoin and other cryptocurrencies that can be stolen and turned into cash. (Source: malwarebytes.com ) The malware has been around since the spring when the scammers targeted people searching for popular ... (view more)

Artificial Intelligence tools aren't as useful for writing malware as it first seemed. However, they may be useful for phishing scams and other social engineering. Two recent security company reports covered by The Register explored how malware ... scammers are particularly interested in AI tools that generate material. The theory goes that such tools could write code designed to exploit vulnerabilities in software and websites. (Source: theregister.com ) It's not a completely outlandish theory as some users have found such tools can efficiently write code for a particular task. It can take ... (view more)

More than 60,000 Android apps contained a nasty piece of malware designed to steal banking information. The scam doesn't target the official Google Play store, but rather third-party sources. The rogue apps fall into two main categories. Some are ... designed to closely resemble real, popular apps. Others are promoted as "modded" versions of genuine apps that are supposedly identical but with an alteration that supposedly removes ads or a requirement to pay a subscription. In reality, the scammers have taken the genuine apps, copied them, and made one modification. Unfortunately that modification ... (view more)