Tag Archive for: Hidden

Measuring your Android device’s hidden hack hazards: The vital diagnostic check to keep devices secure

/in


With the Optus hack attack sparking fresh data security concerns across the country, Android users again have been urged to run security checks on their devices given the popular operating system’s ongoing susceptibility to hackers and malware.

For example, there’s Android malware like Ads Blocker, which as CNET points out, promises to prevent pop-ups, but instead simply serve up more ads which the app’s developers are paid to flood your screen with.

WATCH THE VIDEO ABOVE: Optus facing serious bill over massive data breach.

Watch the latest News on Channel 7 or stream for free on 7plus >>

Then there’s the more serious Man In The Middle (MITM) attacks, in which a hacker can set up a fraudulent WiFi network disguised as an innocuous public network like those usually made available to patrons in a cafe or shopping centre.

However, once the Android user joins it, the hacker then has complete access to the device and can either log keystrokes or install more Android malware.

Malware found in multiple Android apps. Credit: Dr. Web/Google Play Store

So why are Android users at more risk? It comes down to the fact that the operating system is Linux-based and partly open-source, which means it can be modified by anyone.

In contrast Apple’s iOS system is closed source. That same point of difference is what makes Android currently the world’s most popular system with 2.5 billion active users on devices made by a number of different companies, such as Samsung, Oppo and Motorola. Meanwhile Apple’s iOS is totally confined to Apple devices.

But there’s an easy diagnostic check Android users can run on their device to highlight how much hacking danger they are in.

Simply head to your device’s settings section and click on the Security tab.

On the top of the page a small chart will outline the security status of the device, with the following classifications:

  • No problems found: No security issues are present on your device or Google Account (usually with a tick inside a green circle)
  • Security can be improved: You have security recommendations (usually with a tick inside a green circle)
  • Security may be at risk: Please review the security recommendations and take action to secure your account…

Source…

Hidden Weakness: Cyberwarfare Can Bring Down Xi Jinping

/in


Domestic resistance to Chinese president Xi Jinping is currently manifesting in a wave of sensitive data leaks from within China. This is decisive for two reasons. First, it reveals a sharp value divergence between the policies and practices of the Communist Chinese regime and the rapidly changing political culture of the Chinese people. If this critical vulnerability is escalated by agents within or outside of China, it could lead to a crisis of legitimacy in Beijing. Second, these data leaks reveal China’s asymmetric susceptibility to cyber warfare. Beijing’s hyper-sensitivity to attacks on its legitimacy, both historically and with the current government, provide a powerful retaliatory instrument against hybrid Chinese aggression, as well as China’s cyber espionage and public diplomacy campaigns.

A recent spate of classified file leaks from China is a strong indicator that there is a factional struggle in the lead-up to the crucial 20th National Congress of the Chinese Communist Party (CCP) that will determine whether President Xi Jinping will secure an indefinite appointment as General Secretary. Xi Jinping, whose support base is narrow within the party but benefits from strong popular support, faces those targeted by his successive anti-corruption campaigns, including the business-oriented Shanghai Gang of Jiang Zemin. For example, Jiang Zemin’s grandson, Jiang Zhicheng (Alvin Jiang), and Jack Ma’s relationship can be traced back to 2012 given Alibaba’s close affiliation with the Jiang faction. In April 2022, a book entitled China Duel, authored by a princeling with the pseudonym Yang Xiang, revealed extensive details on the Jiang faction’s attempt to have Xi demoted and dismissed at the end of Hu Jintao’s tenure in 2012.

In early 2022, well-connected British journalist John Sudworth, who has nearly ten years of experience reporting from mainland China, obtained highly classified documents known as the Xinjiang Police Files from a database containing more than five thousand photographs of Uighur detainees from between January and July 2018. Although some allege the files were hacked by an external actor, the prevailing evidence suggests that it was released…

Source…

In-app mobile browsers pose hidden privacy risks

/in


The browsers built into popular apps like Facebook and Twitter provide convenience for users looking to read a page — but also open them to broad privacy and security risks, as recent reports have highlighted.

The big picture: In-app browsers allow mobile users to follow links and read web pages without having to switch out of the app they’re using. But it’s difficult to audit who ends up with the data trails this browser activity creates — and that personal information could end up in the hands of the app maker.

How it works: Both Apple (iOS) and Google (Android) say they apply the same rules to in-app browsers that they apply to any other part of an app that they distribute in their app stores: Both companies require app makers to disclose all information they collect as part of their privacy policies.

  • Google also says it looks for data collected via in-app browser as part of its automated scans of apps submitted to the Google Play store.
  • Apple’s policies also prohibit particularly egregious abuses, such as surreptitiously discovering passwords or other private data.

Driving the news: Security researcher Felix Krause published a series of findings recently — including a report on TikTok last week and an earlier look at Instagram and Facebook — suggesting that many in-app browsers contain code that gives the app owners the ability to monitor what users tap, click or type.

Between the lines: App developers have the potential to collect more user information when they make use of an in-app browser to open links — and that could lead to more hidden data collection and heightened security risks, experts tell Axios.

  • Simple modifications to in-app browsers could easily allow platforms to track when someone types, clicks on a link or taps the screen, said Nick Doty, a senior fellow focused on internet architecture at the Center for Democracy and Technology.
  • This is true of all browsers, but with in-app browsers, users typically don’t realize that they’ve shifted into a different environment that might have different data collection practices — they might just think they’re using their default mobile browser, like Safari or Chrome, Doty told Axios.

Yes, but: It’s hard to say…

Source…

The danger of counterfeit mobile phones, with hidden Trojans and malware

/in


The question is clear, why having completely solvent mid-range and entry-level mobiles, would we want to get hold of a fake. Well, the reality is that in developing countries these types of mobiles are still seen, which usually copy the external appearance of the most desired high-end mobiles.

New examples of its dangerousness

Today we are talking about this type of device again precisely because a good number of terminals have been discovered that would be infected with malicious software no less than in the system partition, come on, you are infected with malware in a severe way. It is a series of mobile phones that are mere counterfeits of other better-known models, and from the names you can get an idea of ​​what we are talking about.

These models are known as P48pro, radmi note 8, Note30u and Mate40, which are named in this way precisely to generate confusion in the consumers themselves, who, between the similar design and the similar name, end up achieving their objective of deceiving the victims. These versions of popular smartphones are called counterfeitand this example revealed by Doctor Web is one of the best exponents of what we are telling you.

Malicious and outdated software

Hackers are so obsessed with creating devices designed to infect victims that the software they carry is not old, but directly antediluvian. Because these mobiles that have found Trojans and malware inside their system partition, precisely have a version of Android with more than a decade behind them, as it is Android 4.4.2.

iphone speaker

Specifically, these phones have been detected with a clear manipulation in their operating system, specifically two files, the “/system/lib/libcutils.so” and “/system/lib/libmtd.so” that have been modified so that when any app uses one of these libraries, the Trojanization process of the mobile phone is triggered, in such a way that the indiscriminate download of malicious software to the smartphone begins, which is the objective with which this type is created of mobiles.

additional rear door

These researchers have also been able to discover that when WhatsApp or WhatsApp Business is executed, a new vulnerability, which is capable of opening a third…

Source…