Attention Android users: A malware posing as McAfee security app can steal your sensitive data

/in


New Delhi,UPDATED: Apr 4, 2024 19:00 IST

Security researchers have found that a trojan malware has been posing as the McAfee security app. The malware only affects Android users, and aims to steal personal data like passwords, credit card details, photos, videos, and other sensitive information. This was first reported by Bleeping Computer.

The trojan malware is reportedly a more powerful version of the Vultur malware. Vultur was among the earliest Android banking malware to incorporate screen recording abilities and include functions like keylogging and interacting with a victim’s device screen. Its primary focus was to target banking apps for keylogging and remote control. The discovery of Vultur was initially made by ThreatFabric in late March 2021.

The malware is being circulated via Google Play Store. Apparently, the malware was first distributed on the Android app store in 2022 and has since been active on the platform.

How does the malware work?

The malware pretty much looks like a promotion message for the MacAfee security app, and it is quite easy to fall for. Usually, an Android user will receive an SMS that will claim to have found an unauthorised transaction in your bank account, urging them to call a provided number for assistance.

When you call that number, users will get connected to the scammers, who will send a follow-up SMS with a link to download a malicious version of the McAfee Security app containing the Brunhilda malware dropper.

By installing this fake app, it will gain access to your device’s ‘Accessibility Services’, which will eventually connect it to the malware’s main server. And once that happens, the attackers can access any information on your device remotely.

How to stay safe from such malware?

To ensure you are safe from such malware, never download any app from random links sent to you. Don’t even download apps off browsers. Only download official apps through the Google Play Store. It is also good to always check reviews and ratings of an app before you download it, which can give you a good sense of the authenticity of the app. Also, always pay attention to the developer details of every app before you download it.

Published By:

Nandini…

Source…

Android 14 April security patch rolling out for Pixel devices

/in


Google has started the rollout of its critical April 2024 security patch for Pixel phones. The update, announced in a Pixel community post, addresses numerous vulnerabilities and potential exploits. If you own a compatible Pixel device, you might have it waiting already, but wide availability will take a few weeks.The April 2024 update targets the Pixel 5a 5G and all newer Pixel models. Look for build number AP1A.240405.002 (or the .A1 variant for the Pixel Fold). Carrier and regional factors may influence when you see the update available on your device.

Google’s release notes highlight a substantial list of fixes. The update addresses eight general Android 14 vulnerabilities (dated April 1st) and an additional 20 dated April 5th. Severity levels range from high to critical. Below are the most notable ones listed in the changelog:

  

Biometrics

  • Fix for issue causing black screen to appear when unlocking screen in certain conditions (Pixel 5a 5G)

Camera

  • Fix for camera stability under certain conditions when switching between different zooms (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel 8, Pixel 8 Pro, Pixel Fold)
  • Fix for issue with black halo artifacts appearing under certain conditions in the viewfinder upon transitioning from photo to video mode at 1x zoom (Pixel 8 and Pixel 8 Pro)
  • Fix for issue where users are unable to re-expose image after tapping anywhere on the viewfinder (Pixel 8 and Pixel 8 Pro)
  

More importantly, the company warns that two Pixel-specific flaws (CVE-2024-29745 and CVE-2024-29748), affecting the bootloader and firmware, “may be under limited, targeted exploitation.” While details are scarce, this underscores the urgency of updating your device.

Source…

OnePlus 12 receives new firmware with the March 2024 security patch

/in


What you need to know

  • OnePlus brings system-wide stability improvements with the latest OxygenOS 14 release.
  • It brings notable features like individual “app-specific volume” and pressing the volume down the rocker to turn on the flashlight.
  • The firmware rollout has been rolled out to a small percentage of OnePlus 12 users, and more will follow in the coming days.

It is that time of month when OnePlus 12 users should check their device’s settings for OTA updates, as the company announced a new update with the latest security patch.

After rolling out the OxygenOS 14.0.0.602 early last month, the company is now rolling out the 14.0.0.604 version for the OnePlus 12 devices across the Indian, North American, and Global regions, OnePlus shared in its accompanying community post over the weekend.

The new firmware released across regions brings the latest March 2024 Android security patch, and the shared changelog notably has system-wide improvements and fixes.

OnePlus 12R Genshin Impact Edition at MWC 2024

(Image credit: Nicholas Sutrich / Android Central)

The latest update allows users to “create photo collages without frames in Photos.” A new “Partial screenshot” option has been added to the Smart Sidebar in the latest OxygenOS 14 release.

Source…

Google on why it decided to offer 7 years of Android, security updates on Pixel 8 series

/in


Google Pixel 8 series launch announcement was a bit of a sweet surprise for potential buyers as the company promised 7 years of OS and security updates. Apart from a bunch of AI magic tricks and quarterly feature drops, Google went ahead with this USP to make Pixel phones stand-out from a sea of Android smartphones. Recently, one of the company executives spoke about it and why it was done.

Seang Chau, vice president – Devices & Services Software, said during a podcast that Google has active user data of its Pixel users which suggests that most people use one model for multiple years.

“So when we look at the trajectory of where the original Pixel that we launched in 2016 landed and how many people were still using the first Pixel, we saw that actually, there’s quite a good active user base until probably about the seven-year mark,” Chau said.

According to the executive, when Google realised that people have been using the phones for as long as six years, the company decided that it will support Pixel 8 and later models with a total of 7 years of OS and security updates.

How Google is able to promise this change
One of the major changes that Pixel smartphones have seen since Pixel 6 onwards is the Tensor SoC – designed by Google to undertake AI tasks and machine learning models, giving it a better control on features.

But 7 years is a long time in the smartphone industry, and to tackle hardware limitations, Chau said that by keeping features software-based, Google aims to extend the usability of older devices, allowing them to benefit from new features without needing hardware upgrades.

Recently, it was announced that Pixel 8 is also going to get some AI features that were available on Pixel 8 Pro.

Source…