Tag Archive for: Caught

16 Google Play Store apps caught hiding adware

/in


Apps hiding malware are becoming a common problem. Malicious apps like these have been around in third-party app stores for a while. But official app stores are supposed to protect us from bad actors getting to our devices.

Sadly, that’s not always the case. Cybercriminals can bypass security processes to get their malicious programs into official app stores. Tap or click here for a recent list of bad apps that you should delete ASAP.

A new threat was recently discovered that you need to know about. Malware dubbed Clicker was caught hiding in 16 apps that secretly click ads after installation. Keep reading for the list of bad apps and ways to protect your devices.

What is Clicker?

Cybercriminals the world over pride themselves on the different ways they’re able to squirm their malicious programs into your tech. Researchers at McAfee Labs recently discovered 16 apps hiding Clicker malware.

They all have one thing in common. They masquerade as useful utility apps, including a language translator, dictionary, and other tools like flashlights and task managers.

The reality is these apps are hiding adware. Once installed, the malware starts visiting sites in the background to click on ads, turning a profit for the cybercriminals while slowing down your system. It can even serve annoying pop-up ads on your device.

The apps were all on the Google Play Store and have been downloaded over 20 million times. Thankfully Google removed the apps in question once reported by McAfee. But that doesn’t mean you don’t already have one or more on your device.

Here’s the complete list:

  1. High-Speed Camera (10,000,000+ downloads)
  2. Smart Task Manager (5,000,000+ downloads)
  3. Flashlight+ (kr.caramel.flash_plus) (1,000,000+ downloads)
  4. 달력메모장 (1,000,000+ downloads)
  5. K-Dictionary (1,000,000+ downloads)
  6. BusanBus (1,000,000+ downloads)
  7. Flashlight+ (500,000+ downloads)
  8. Quick Note (500,000+ downloads)
  9. Currency Converter (500,000+ downloads)
  10. Joycode (100,000+ downloads)
  11. ExDica (100,000+ downloads)
  12. Instagram Profile Downloader (100,000+ downloads)
  13. Ez Notes (100,000+ downloads)
  14. 손전등 (1,000+ downloads)
  15. 계산기 (100+ downloads)
  16. Flashlight+ (com.dev.imagevault) (100+ downloads)

NOTE: There are two flashlight…

Source…

Iranian Cyberspy Caught on Zoom Trying to Hack U.S. Target

/in


iran hacker video phishing attempt iran-hacker-video.jpg - Credit: Adobe Stock

iran hacker video phishing attempt iran-hacker-video.jpg – Credit: Adobe Stock

Last month, a U.S. academic logged into a Zoom meeting with “Samuel Valable.” The academic had heard from “Valable” via a LinkedIn account, suggesting the two meet. When the academic logged on, the figure on the other end came through in grainy stills, blaming a bad internet connection for his lack of live footage. Midway through the conversation, he dropped what appeared to be a Google Books link into the Zoom chat. “This is the book that I use as my main material. It’s down here. I sent it in the little chat box,” says “Valable” in the video as a web link with the name “googlebook” appears in the Zoom chat window.

The academic became suspicious, and thanks to some quick thinking — and with the help of a group of cybersecurity researchers — they’ve captured the first-known public live action-recording of an Iranian cyber-spy at work.

More from Rolling Stone

The real Samuel Valable, a French biologist, was nowhere near the Zoom call. Instead, the academic was Zooming with a member of “Charming Kitten,” a cybersecurity industry nickname for a group of hackers affiliated with Iran’s Islamic Revolutionary Guard Corps intelligence organization. And the “Google Book” link was actually a phishing link designed to trick users into “signing in” to a real-looking Google Accounts page and steal their password.

The U.S. academic — who shared the story on the condition of anonymity — wasn’t fooled. Instead, they recorded the call and sent it to the Computer Emergency Response Team in Farsi (CERTFA), a cybersecurity research group that tracks Iranian hackers. The fake links used by the hackers pointed to infrastructure previously used by and attributed to Charming Kitten.   

Live action role playing by a trained, english-speaking impersonator over Zoom represents the next phase of an evolving Iranian hacking campaign. The “Distinguished Impersonator” tactic —  first identified by CERTFA  — moves past traditional tricks like phishing emails and instead present targets with a more reassuring lure—a talking, seemingly authentic representation of a trusted public…

Source…

13 cleaner apps caught hiding malware on the Google Play Store

/in


Between thousands of photos, shared videos and information-intensive applications, your mobile phone’s internal storage can fill up quickly. And if you aren’t sure what is using up the most space, it often involves sifting through the settings to find the culprits.

However, there are a few apps that can do that for you. They scan all the folders, browser cache, system files and games to determine where you can free up some real estate. Many of these apps are helpful, but some only pretend to clean up your device.

Read on for 13 dangerous apps recently found to be hiding malware.

Here’s the backstory

McAfee’s Mobile Research Team found several apps on the Google Play Store that aren’t what they seem. The apps promote themselves as mobile cleaners, promising to remove junk and unused files so your Android device can run smoother.

But instead of doing that, the apps hide malware and continuously show advertisements on the infected device. Furthermore, you don’t need to open the app for the malicious code to start working, as simply downloading it to your phone is enough to trigger it.

According to McAfee, some of the apps hide on the infected device by changing their icon and name to something familiar. The built-in automatic advertising is so aggressive that it pops up every time you install, uninstall, or update apps.

Here’s a list of the malicious apps grouped into the number of downloads:

  • Junk Cleaner (1 million downloads)
  • Keep Clean
  • Full Clean – Clean Cache
  • Quick Cleaner
  • Power Doctor (500,000 downloads)
  • Windy Clean
  • Cool Clean
  • Super Clean
  • Fingertip Cleaner
  • Strong Clean
  • EasyCleaner (100,000 downloads)
  • Carpet Clean
  • Meteor Clean

What you can do about it

In most cases, Google quickly acts when malicious applications appear on the Play Store, removing them before spreading too wide. But don’t leave cybersecurity up to Big Tech. You also need to take precautions on your own.

Here are some tips on how to stay safe:

  • Before downloading an app, check the reviews to see what others say about it. If it has a relatively low…

Source…

2 high school students caught hacking teachers' laptops to steal exam papers

/in



Two high school students in the southwestern city of Gwangju are under investigation after being caught hacking into their teachers’ notebook computers to steal exam papers, police and municipal …

Source…