Tag Archive for: delete

More than 20 million Android users urged to delete three apps right now

/in


If you entered 2023 with a fitness-focused new year’s resolution, you might be among the millions who have downloaded active apps to stay motivated.

But cyber experts are now warning that dodgy developers could be exploiting your health kick.

WATCH THE VIDEO ABOVE: Queen’s Brian May warns fans his Twitter account has been hacked.

Watch the latest news and stream for free on 7plus >>

Three apps that claim to track and encourage healthy habits are actually serving advertisements and lies.

Pedometer and health tracking apps have been flagged by anti-virus company Doctor Web for claims that users can accrue virtual rewards which can then be exchanged for real money and online gift cards.

However, the developers have removed the applications’ functional ability to withdraw payment in a later update, which effectively means that users attempting to earn money using the app will find their balance becomes worthless.

Apart from being told they can earn these ‘virtual rewards’ by performing fitness tasks, users are also constantly served advertisements and actually encouraged to boost their reward balance by watching them.

The deceptive update was detected in three apps including Lucky Habit: health tracker, which has the same command-and-control (C&C) server as two fitness apps: WalkingJoy and Lucky Step-Walking Tracker.

“This might indicate that they are all connected and that at any moment ‘Lucky Habit: health tracker’ and ‘WalkingJoy’ users may also lose all hope of receiving payments,” Dr Web reports.

All three applications were previously available for download on the Google Play Store, boasting average star ratings above 3.9 stars. However, at the time of writing only Lucky Habit: health tracker was available for download.

The apps had been downloaded over 20 million times cumulatively.

Experts have found that fitness app Lucky Habit, and two associated apps, have been scamming Android users. Credit: Dr Web

The apps’ users are told they need to collect two million “coins” to withdraw the cash equivalent of around $35, but once they have reached the required balance they are prompted to watch 30 more advertisements in order to make a withdrawal.

But after that, no…

Source…

Delete these malware apps from your Android device right now!

/in


A recent virus attack on Android smartphones makes it possible for hackers to remotely control your device and access all of your data.

Hook, a new malware created by the same hackers who made the Android banking viruses BlackRock and ERMAC, opens up new avenues for remote interaction and access to files saved on devices.

Recall that BlackRock made it possible to steal your money and the passwords to all of your banking applications, whereas ERMAC can target cryptocurrency wallets by stealing the victims’ contact information and bank IDs. Due to the fact that fraudulent apps from the Google Play Store were in use to spread the infection. Hundreds of thousands of smartphones were affected.

Hackers are able to control your smartphone from a distance

solarmarker malware

The way the hackers choose to use this new malware makes it unique. It offers all the features of its predecessors, on which it is built. And would be offered for rent for slightly more than $5,000 per month.

Its primary capability, though, is the capacity to seize control of victims’ devices. Additionally, it expands its abilities with Remote Access capabilities, joining Octo and Hydra that can perform full device takeover (DTO) and finish a full fraud chain, from PII exfiltration to transaction, with all the steps in between, without the need for additional channels, according to Dutch cybersecurity firm ThreatFabric.

A “File Manager” command converts the virus into a file manager. Enabling hackers to download particular files of their choice and acquire a list of all things stored on the device. Another command for the popular instant messaging program WhatsApp allows Hook to preserve all chats. And even permits hackers to send messages using the victim’s account.

This malware is available on the global market, unlike other malware. In the US, Australia, Poland, Canada, Turkey, UK, Spain, France, Italy, and Portugal, Hook is focusing on banking apps.

Delete these 34 dangerous malware apps from your mobile

Malware

The Google Play Store has been the target of fresh malware. The official Android and Chrome OS app stores’ security measures do not appear to have been able to stop a total of 34 apps, all of which appeared to be…

Source…

Azov Ransomware can modify its own code to delete every single file on a machine with a single click

/in


A ransomware attack that is successful may be very detrimental to a company. In the event that an organization is caught unprepared, they may be forced to choose between paying a ransom demand or erasing all of the data that was taken. The WannaCry attack, which occurred more than 5 years ago, fundamentally altered cybersecurity. It was the first global-scaled, multi-vectored cyberattack in the form of an attack encrypting for and foremost, a compromised machine’s files, rendering it unusable, though reversible. Its outsized influence on the cyber threat landscape was outstanding, and it was an attack that encrypted for and foremost, a compromised machine’s files.

Since then, ransomware attacks have increased in number, form, and forms, and have evolved to use a variety of strategies and approaches.

The information security industry first became aware of Azov when it was discovered as a payload of the SmokeLoader botnet. This botnet is often located at fraudulent sites that provide unlicensed software and cracks.

The fact that Azov modifies some 64-bit executables in order to run its own code is one of the things that distinguishes it unique from the many other ransomware attacks that have been seen in recent years. The change of executables is accomplished via the use of polymorphic code in order to avoid the possibility of being blocked or discovered by static signatures. In addition, the modification is performed to 64-bit executables, which the typical malware programmer would not have bothered with.

According to the researchers at the Checkpoint “Because of this aggressive polymorphic infection of victim executables, there has been an increase in the number of Azov-infected files that are accessible to the public. VirusTotal receives hundreds of new Azov-related samples on a daily basis, and as of November 2022, the total number of these samples has already surpassed 17,000.”

Malware like Azov is one of a kind since it has the ability to develop its own code, making it simple for it to share personal information with other pieces of malware.

In addition to being able to write code, it also has the power of producing code, which allows it to…

Source…

Check your Android phone immediately and delete these popular apps now

/in


Android phone users have been hit by yet another worrying warning that could leave personal details in the hands of hackers. Security experts at Synopsys Cybersecurity Research Center (CyRC) have discovered three popular applications that appear to have a serious flaw which could allow online crooks to gain full access to vital data such as user names and passwords.

The apps, which are all available via the Google Play Store, have been downloaded over two million times which is why this latest news is so serious.

All of the software included in the warning offers the ability to transform Android phones into remote keyboards or a mouse for PCs. It’s that handy functionally which is why the applications have proven to be so popular.

However, CyRC says its research has uncovered weak or missing authentication mechanisms and insecure communication vulnerabilities in all three of the apps. This means they could be easy to exploit with hackers then able to use the apps to eavesdrop on keystrokes and see exactly what people are inputting, such as passwords, on their PCs.

It’s a pretty scary flaw and here is the full list of apps affected

• Telepad versions 1.0.7 and prior

• PC Keyboard versions 30 and prior

• Lazy Mouse versions 2.0.1 and prior

READ MORE: Google bans another popular Android app and all UK phone owners must delete it now

Although the developers don’t appear to have meant to have released anything malicious the applications remain vulnerable even though they have been warned about the problems.

CyRC has confirmed that it has reached out to the creators of the apps multiple times but has not received a response.

It appears that all three of the applications remain widely used but they are neither maintained nor supported, and evidently, security was not a factor when these applications were developed.

If you think you have them on your Android phone and are worried but the lack of security, CyRC is recommending you remove them immediately.

Speaking about the threat, Synopsys Cybersecurity Research Center (CyRC) said: “We have exposed multiple vulnerabilities in three applications that enable an Android device to be used as a remote keyboard and mouse for their computers.

“Lazy…

Source…