Tag Archive for: Cloned

Indians Are Being Monitored By A Cloned WhatsApp Software That Records Audio And Video 2022



WhatsApp is among the most used apps in India. More than 400 million Indians actively use the Meta-owned app. Several WhatsApp clone apps are available online, even though the original app is free. These clone apps offer some features that are now unavailable on WhatsApp. GB WhatsApp is one such app. According to reports, an unofficial WhatsApp clone app is monitoring the conversations of Indian users.


According to data published by cybersecurity research company ESET, India is one of the countries with the highest rates of Android trojan detections. Although GB WhatsApp cannot be downloaded from the Play Store, it can be installed from an APK file.

There is no other private communication platform like WhatsApp in India or anywhere else in the world. The Facebook-owned American freeware messaging application boasts 2 billion monthly users in 180 nations. It is undoubtedly the most widely used messaging service in the world, with an estimated 65 billion texts exchanged daily and 2 billion seconds of voice and video conversations made daily in 2018.

With 400 million active users, India is WhatsApp’s largest market. In addition to being free, WhatsApp is easy to use and enables the sending of text, audio, and video messages and documents. A new analysis has cautioned that a cloned, unofficial third-party version of WhatsApp is leading in spying on people’s chats in the country and that India is one of the nations with the highest number of Android malware detections.


Most importantly, though, it guarantees end-to-end encryption for all texts and calls, assuring users of their privacy and the secrecy of their communications. Nobody outside the conversation, not even WhatsApp, can read or listen to them.

The messaging service’s reputation for confidentiality is now in doubt in India. Beyond the protection of content communicated and stored on its service from unauthorized users and exploitation, serious questions are being raised about WhatsApp’s ability to safeguard a person’s privacy.

Ironically, a slew of unrelated recent…


WhatsApp’s cloned app spying on Indians via recording video, audio


New Delhi: India is among the countries with the highest number of Android trojan detections and a cloned, third-party unofficial version of WhatsApp is leading in spying on people’s chats in the country, a new report has warned.

Behind a large portion of Android spyware detection in the past four months was ‘GB WhatsApp’ — a popular but cloned third-party version of WhatsApp, according to the report by cyber-security firm ESET.

Such malicious apps have a wide range of spying capabilities, including recording audio and video.


“The cloned app is not available on Google Play and, therefore, there are no security checks in place compared with the legitimate WhatsApp, and versions available on various download websites are riddled with malware,” said the report.

India (35 per cent) was also ranked second after China (53 per cent) as the geolocation for bots making up the largest internet of things (IoT) botnet called ‘Mozi’ from May to August 2022.

The IoT botnet ‘Mozi’ saw the number of bots drop by 23 per cent from 500,000 compromised devices to 383,000 in May-August.

However, China and India continued to have the highest number of IoT bots geolocated inside the respective countries.

“These statistics confirm the assumption that the ‘Mozi’ botnet is on autopilot, running without human supervision since its reputed author was arrested in 2021,” said the report.

Even with declining numbers, Russian IP addresses continued to be responsible for the largest portion of remote desktop protocol (RDP) attacks.

“Russia was also the country that was most targeted by ransomware, with some of the attacks being politically or ideologically motivated by the war,” said Roman Kovac, Chief Research Officer at ESET.

The report also examined threats mostly impacting home users.

“In terms of threats directly affecting virtual and physical currencies, a web skimmer known as Magecart remains the leading threat going after online shoppers’ credit card details,” said Kovac.


Chinese-Affiliated APT31 Cloned & Used NSA Hacking Tool


APT31 cloned and reused a Windows-based hacking tool for years before Microsoft patched the vulnerability, researchers report.

APT31, an attack group affiliated with China, copied and used a National Security Agency (NSA) hacking tool years before Microsoft patched the vulnerability, Check Point Research reports.

Researchers have evidence revealing APT31 was able to access and clone a Windows hacking tool linked to the Equation Group, an operation discovered by Kaspersky in 2015. This group, described as one of the world’s most advanced, is believed to have been active since 2001 or earlier and is widely thought to have ties to the NSA’s Tailored Access Operations (TAO).

Both the American-affiliated and Chinese-affiliated versions of the hacking tool exploit CVE-2017-0005, a Windows privilege escalation vulnerability that was unknown at the time and previously attributed to APT31. The APT group has used its own version of the tool, which researchers call “Jian,” since at least 2015 and until Microsoft patched the vulnerability in 2017.

Jian was caught and reported to Microsoft by Lockheed Martin’s Computer Incident Response Team, indicating APT31 possibly used it against an American target. Some reports now indicate Lockheed Martin discovered the Chinese version of the tool used on a US-based network; however, it has not been confirmed which organization was affected. 

Now, researchers report Jian was actually a reconstructed version of an Equation Group tool. This tool, dubbed “EpMe,” is one of four different privilege escalation exploits included in the DanderSpritz attack framework, a post-exploitation framework used by the Equation Group that has a range of tools for persistence, reconnaissance, lateral movement, and bypassing security tools. EpMe dates back to 2013, years before APT31 was caught using it in the wild.

While they may exploit the same vulnerability, Check Point researchers point to “meaningful changes” between the original EpMe tool and the repurposed Jian tool. 

“EpMe, the exploit by Equation Group, is much more comprehensive and more professional,” says Itay Cohen, a Check Point senior security researcher. The entire DanderSpritz framework, of which EpMe is…


Researcher Showcases Unauthorized NFC Payments With Cloned Android Device – The Merkle


While mobile payments may seem to be all the hype, it is evident there is still a lot of work to be done in the security department. Slawomir Jasek, a renowned security researcher, successfully completed an NFC payment with a cloned smartphone. This
