Tag: ios | Page 21

Lookout Exposes New Spyware Used by Sextortionists to Blackmail iOS and Android Users

December 16, 2020/in Mobile Security

SAN FRANCISCO, Dec. 16, 2020 /PRNewswire/ — Lookout, Inc., the leader in mobile security, today announced the discovery of Goontact, a new spyware targeting iOS and Android users in multiple Asian countries. Uncovered by the Lookout Threat Intelligence team, Goontact targets users of illicit sites and steals personal information stored on their mobile devices. Evidence shows these sextortion scams are affecting Chinese-, Japanese- and Korean-speaking people. Goontact may also be operating in Thailand and Vietnam. Lookout discovered evidence the campaign may have been active since 2018 and is still active today.

The goal of adversaries is likely extortion or blackmail, based on the information gathered and the quality of the sites that distribute these malicious apps. The bounty of information Goontact can exfiltrate includes device identifiers and phone numbers, contact information, SMS messages, photos on external storage and even location information. The culprits spearheading Goontact are still unknown but based on the Lookout research, it is highly probable that Goontact is the newest addition to a crime affiliate’s arsenal, rather than nation-state actors.

The private data individuals keep on mobile devices both makes it easier for cybercriminals to socially engineer successful attacks and, in the case of Goontact, run successful extortion campaigns. Acting on human impulse, this scam begins when potential targets are lured into initiating a conversation on websites offering escort services. In reality the targets communicate with Goontact operators who later convince them to install mobile applications meant to enhance the user experience. The mobile applications in question appear to have no real user functionality, except to steal the victim’s personal data, which is then used by the attacker ultimately to extort money from the target.

“It’s no secret that mobile devices are a treasure trove for cybercriminals,” said Phil Hochmuth, Program Vice President of Enterprise Mobility at IDC. “As the use of mobile devices continues to increase, so does the maturity of iOS and Android cybercrime. Now more than ever, consumers must be proactive in avoiding compromise with…

Source…

The Ultimate Protection for All Your Devices – McAfee Mobile Security

November 21, 2020/in Video

10 Steps To Avoid Getting Hacked On Your Smartphone

November 14, 2020/in Video

Tianfu Cup Hackers Exploit Microsoft Windows, Google Chrome, and iOS in Minutes

November 10, 2020/in Internet Security

How easy is it hack some of the world’s most popular software, such as Microsoft’s Windows 10 and Google’s Chrome? Well, quite easy it seems, at least for some of the world’s best hackers. That’s what happened at this year’s Tianfu Cup in China, where brand new exploits were used against leading services.

If you are unfamiliar with the Tianfu Cup, it is one of the biggest hacking competitions in the world and the largest in China. Held in central China city Chengdu each year, the competition has become a proving ground for security researchers.

It is also a place where the best tech software can test their mettle against zero-day exploits. Over the two-day event, security researchers test how popular software can handle zero-day vulnerability threats.

Hackers at the Tianfu Cup are looking to exploit apps and programs with never-seen-before attacks. If they succeed a point is earned, and the researchers with the most points win prizes. Last year, Microsoft Edge was successfully breached, and it seems Windows 10 was this year.

Many mature and hard targets have been pwned on this year’s contest. 11 out of 16 targets cracked with 23 successful demos:
Chrome, Safari, FireFox
Adobe PDF Reader
Docker-CE, VMware EXSi, Qemu, CentOS 8
iPhone 11 Pro+iOS 14, GalaxyS20
Windows 10 2004
TP-Link, ASUS Router
👍

— TianfuCup (@TianfuCup) November 8, 2020

While that’s not good news for Microsoft, the company is certainly not alone. In fact, many leading platforms and services were compromised during the event. It is worth noting companies welcome these hackathons for exposing issues in software that can be fixed before an in-the-wild exploit is made.

“Many mature and hard targets have been pwned on this year’s contest,” organizers said today. The following services were successfully breached:

iOS 14 running on an iPhone 11 Pro
Samsung Galaxy S20
Windows 10 v2004 (April 2020 edition)
Ubuntu
Chrome
Safari
Firefox
Adobe PDF Reader
Docker (Community Edition)
VMWare EXSi (hypervisor)
QEMU (emulator & virtualizer)
TP-Link and ASUS router firmware

Fifteen Chinese hacking groups took part in the Tianfu Cup this year. Each hacker gets three five-minute windows to attempt to…

Source…

Tag Archive for: ios