Tag: devices | Page 6

How to Enable Private DNS on Android Devices

January 3, 2024/in Mobile Security

In today’s digital world, online privacy has become a crucial concern. While Android offers various security features, one often overlooked gem is the Private Domain Name System (DNS). This powerful tool encrypts your internet traffic, shielding your browsing activity from snooping eyes and boosting your overall online security.

Think of DNS as the internet’s phonebook, translating website names into computer-readable addresses. Traditionally, this process was unencrypted, leaving your browsing data exposed to your Internet Service Provider (ISP) or other third parties. Private DNS encrypts this communication, creating a secure tunnel for your internet requests, and adding a layer of privacy and protection.

Google has brought DNS over TLS support to Android by introducing the Private DNS feature. It’s available in Android 9 (Pie) and higher and encrypts all DNS traffic on the phone, including from apps.

The feature is enabled by default and uses a secure channel to connect to the DNS server if the server supports it. But if your ISP or cell service provider’s DNS doesn’t have encrypted DNS support, or you are simply not sure about it, you can use a third-party secure DNS server using the Private DNS feature.

The benefits of secure Private DNS include enhancement of privacy, improved security, and faster browsing. In this guide, we will show you how to activate this powerful feature on your Android device, step-by-step.

Email sent! Check your inbox to complete your signup.

…

Source…

New Android malware family has infected thousands of devices – here’s what we know

December 29, 2023/in Mobile Security

Cybersecurity researchers from McAfee hae uncovered over a dozen malicious apps lurking in the Google Play Store.

The researchers claim these apps were carrying a potent piece of malware, capable of stealing sensitive data from the infected Android devices and possibly even running ad fraud.

The apps were downloaded at least 330,000 times.

Accessibility Service

According to the researchers, the backdoor is called “Xamalicious”, and has so far been discovered in thee following apps:

– Essential Horoscope for Android – 100,000 installs

– 3D Skin Editor for PE Minecraft – 100,000 installs

– Logo Maker Pro – 100,000 installs

– Auto Click Repeater – 10,000 installs

– Count Easy Calorie Calculator – 10,000 installs

– Dots: One Line Connector – 10,000 installs

– Sound Volume Extender – 5,000 installs

After being labeled as malicious, Google removed these apps from its app repository.

While Google’s action is commendable, the move doesn’t protect users who already downloaded the apps in the past, with some reportedly having been available for download since mid-2020. They will have to remove those manually and use an anti-virus program or cleaner to remove up any loose ends.

The majority of the victims were found in the US, the UK, Germany, Spain, Australia, Brazil, Mexico, and Argentina.

To operate properly, the malware asks the victim to grant it Accessibility Service permissions, which is often a red flag and should help most people identify a malicious app from a legitimate one.

That being said, with Accessibility enabled, the malware is able to grab device and hardware information, including Android ID, brand, CPU, model, OS version, language, developer options status, SIM details, and firmware. Furthermore, it can identify the device’s physical location, ISP name, organization, and services. It also comes with a few features to help it determine if it’s installed on a genuine device or an emulator.

Finally, the malware can pull a second-stage payload from the C2 server.

Via BleepingComputer

More from TechRadar Pro

Source…

‘Xamalicious’ Android malware infects 338,000 devices: What you need to know

December 28, 2023/in Computer Security

In a new security discovery, McAfee revealed the existence of a sneaky Android backdoor named Xamalicious, which has infected around 338,000 devices through malicious apps available on Google Play.

The backdoor is hidden within apps built using the open-source Xamarin framework, making it challenging to detect and analyse.

According to McAfee’s telemetry data, the majority of infections were found on devices in the United States, Germany, Spain, the UK, Australia, Brazil, Mexico, and Argentina.

Android Apps Affected by Xamalicious

The 14 infected apps identified by McAfee include popular titles such as Essential Horoscope for Android, 3D Skin Editor for PE Minecraft, Logo Maker Pro, Auto Click Repeater, Count Easy Calorie Calculator, Dots: One Line Connector, Sound Volume Extender, and more.

Once installed, Xamalicious gains access to the device’s sensitive data and system functions through the Accessibility Service, allowing it to execute privileged operations like navigation gestures and hiding on-screen objects.

How Xamalicious Works

The backdoor also communicates with a Command and Control (C2) server to retrieve a second-stage DLL payload (“cache.bin”) if specific conditions related to geography, network, device configuration, and root status are met.

This discovery highlights the importance of staying vigilant while downloading apps, even from official app stores.

Users are advised to regularly check their devices for potential threats and take necessary measures to protect their data and system from malware infections.

Also watch: OxygenOS 14 rolls out in India for OnePlus 9, 9 Pro, 9RT & Nord 2T

Source…

New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices

December 27, 2023/in Computer Security

Dec 27, 2023NewsroomPrivacy / App Security

A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices.

Dubbed Xamalicious by the McAfee Mobile Research Team, the malware is so named for the fact that it’s developed using an open-source mobile app framework called Xamarin and abuses the operating system’s accessibility permissions to fulfill its objectives.

It’s also capable of gathering metadata about the compromised device and contacting a command-and-control (C2) server to fetch a second-stage payload, but only after determining if it fits the bill.

The second stage is “dynamically injected as an assembly DLL at runtime level to take full control of the device and potentially perform fraudulent actions such as clicking on ads, installing apps, among other actions financially motivated without user consent,” security researcher Fernando Ruiz said.

The cybersecurity firm said it identified 25 apps that come with this active threat, some of which were distributed on the official Google Play Store since mid-2020. The apps are estimated to have been installed at least 327,000 times.

UPCOMING WEBINAR

From USER to ADMIN: Learn How Hackers Gain Full Control

Discover the secret tactics hackers use to become admins, how to detect and block it before it’s too late. Register for our webinar today.

Join Now

A majority of the infections have been reported in Brazil, Argentina, the U.K., Australia, the U.S., Mexico, and other parts of Europe and the Americas. Some of the apps are listed below –

Essential Horoscope for Android (com.anomenforyou.essentialhoroscope)
3D Skin Editor for PE Minecraft (com.littleray.skineditorforpeminecraft)
Logo Maker Pro (com.vyblystudio.dotslinkpuzzles)
Auto Click Repeater (com.autoclickrepeater.free)
Count Easy Calorie Calculator (com.lakhinstudio.counteasycaloriecalculator)
Sound Volume Extender (com.muranogames.easyworkoutsathome)
LetterLink (com.regaliusgames.llinkgame)
NUMEROLOGY: PERSONAL HOROSCOPE &NUMBER PREDICTIONS (com.Ushak.NPHOROSCOPENUMBER)
Step Keeper: Easy Pedometer (com.browgames.stepkeepereasymeter)
Track Your Sleep (com.shvetsStudio.trackYourSleep)
Sound Volume…

Source…

Tag Archive for: devices

Sign up for Techloy

Android Apps Affected by Xamalicious

How Xamalicious Works