Tag Archive for: Phones

Millions of Android phones come with pre-installed malware, and there’s no easy fix

/in


Why it matters: The Google Play Store is notorious for harboring apps that contain malware, adware, or some flavor of spyware or fleeceware. A little-known fact is that hackers are increasingly turning to pre-installed apps to do their misdeeds, but researchers are once again trying to raise attention to this growing trend. Millions of affordable Android phones come with a large number of pre-installed apps, and hackers only need to subvert one. Solving this problem, however, is a much more difficult task compared to dealing with rogue apps that make it into the Play Store.

Last month, we learned that malware had been discovered in 60 Android apps with over 100 million downloads – another black eye for the mobile operating system that has an estimated three billion active users worldwide. Malicious developers regularly exploit various loopholes in Google’s app vetting process to create apps that steal login credentials or fleeceware that squeeze as much as $400 million per year from users by tricking them into signing up for expensive in-app subscriptions.

However, researchers at Trend Micro are sounding the alarm about the growing trend of Android devices that come with malicious software pre-installed. While you can easily remove an app you’ve downloaded from the Play Store, dealing with malware baked into system apps or device firmware is a much more difficult task.

Android’s open nature allows manufacturers to create a wide range of phone models and target price-conscious consumers with more affordable options, but it also opens the door for hackers to sneak in malicious code before those devices even leave the factory floor. And this risk also applies to other Android devices – everything from smartwatches to tablets, set-top boxes, and smart TVs.

Senior Trend Micro researcher Fyodor Yarochkin says pre-installed malware has become a lot more common in recent years partly because of a race to the bottom among mobile firmware developers. Once it became unprofitable to sell firmware, many of them started offering it for free.

As you’d expect, there’s a catch to this new business model – many of the firmware images analyzed by Trend Micro contained bits…

Source…

A ‘hacking campaign’ against Android phones, explained

/in


Amnesty International revealed this week that its Security Lab has uncovered a “sophisticated hacking campaign by a mercenary spyware company.” They say it has been running “since at least 2020” and takes aim at Android smartphones with a number of “zero-day” security vulnerabilities. (A “zero day” vulnerability is an exploit that is previously undiscovered and unmitigated.) 

Amnesty International disclosed the details of the campaign to Google’s Threat Analysis Group, so it—as well as other affected companies, including Samsung—have since been able to release the necessary security patches for their devices. 

Amnesty International’s Security Lab is responsible for monitoring and investigating companies and governments that employ cyber-surveillance technologies to threaten human rights defenders, journalists, and civil society. It was instrumental in uncovering the extent to which NSO Group’s Pegasus Spyware was used by governments around the world

While the Security Lab continues to investigate this latest spyware campaign, Amnesty International is not revealing the company it has implicated (though Google suggests it’s Variston, a group it discovered in 2022). Either way, Amnesty International claims that the attack has “all the hallmarks of an advanced spyware campaign developed by a commercial cyber-surveillance company and sold to governments hackers to carry out targeted spyware attacks.”

As part of the spyware campaign, Google’s Threat Analysis Group discovered that Samsung users in the United Arab Emirates were being targeted with one-time links sent over SMS. If they opened the link in the default Samsung Internet Browser, a “fully featured Android spyware suite” that was capable of decrypting and capturing data from various chat services and browser applications would get installed on their phone. 

The exploit relied on a chain of multiple zero-day and discovered but unpatched vulnerabilities, which reflects badly on Samsung. A fix was released for one of the unpatched vulnerabilities in January 2022 and for the other in August 2022. Google contends that if Samsung had released the security updates,…

Source…

Do you have one of these Android phones at risk of no-click hacks?

/in


Researchers recently discovered that certain mobile phones suffer from a severe flaw where no user interaction is required to be hacked. These are called no-click hacks, and often the criminal only needs to know the target’s phone number.

Read on to see how these attacks work and what you can do to stay safe.

Android phones with dangerous zero-day flaws

Google’s Project Zero is an initiative from the tech giant to hunt down zero-day flaws in the Android operating system, Chrome and other apps. A zero-day vulnerability is one that’s previously unknown to security teams that work with the impacted software. 

Project Zero recently disclosed it found 18 zero-day vulnerabilities in Exynos Modems produced by Samsung. Of the lot, four vulnerabilities are rated severe and used for internet-to-baseband remote code execution.

Project Zero confirms that “those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker knows the victim’s phone number.”

Here are the mobile phones and other tech that potentially suffer from the flaw:

  • Samsung S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series.
  • Vivo S16, S15, S6, X70, X60 and X30 series.
  • Google Pixel 6 and Pixel 7 series.
  • Any wearables that use the Exynos W920 chipset.
  • Any vehicles that use the Exynos Auto T5123 chipset.

NOTE: Some phones on the list are sold in Europe with a Qualcomm chipset and modem rather than Exynos.

How to protect against this vulnerability

While there isn’t an official fix, there is a setting you can turn off that prevents the exploitation of the vulnerability. Project Zero suggests turning off Wi-Fi calling and Voice-over-LTE (VoLTE) to “remove the exploitation risk.”

However, if you own a Google Pixel phone, you must update it to the latest version, released earlier this month. The update includes a patch for this problem.

Here’s how to turn off Wi-Fi calling on your Android device:

  • Open the Settings app.
  • Tap Connections

Source…

Google releases security updates for Android owners with millions warned over ‘critical’ flaws putting phones at risk

/in


Millions of Android owners are being urged to update their devices to fix security flaws making their phones vulnerable to hackers.

Google this week released its March security updates, revealing 60 flaws including critical-level vulnerabilities that need to be addressed.

WATCH THE VIDEO ABOVE: Flip phones making a return with a modern twist.

Watch the latest News on Channel 7 or stream for free on 7plus >>

The flaws are fixed by two security patches, 2023-03-01 and 2023-03-05, that can be downloaded by updating the device.

The first patch fixes core Android components like framework, system and Google Play, while the second deals with fixes for third-party vendor components from MediaTek, Unisoc and Qualcomm.

“The most severe of these issues is a critical security vulnerability in the system component that could lead to remote code execution with no additional execution privileges needed,” Android says in its latest security bulletin.

“User interaction is not needed for exploitation.”

Google chooses to withhold additional information on the two critical-level security flaws affecting the Android system, tracked as CVE-2023-20951 and CVE-2023-20954, to prevent hackers from exploiting devices before the owners have the chance to apply the updates, Bleeping Computer reports.

Two other critical severity vulnerabilities, tracked as CVE-2022-33213 and CVE-2022-33256, have been identified on closed-source Qualcomm components, while all other flaws are high-severity vulnerabilities.

To update your device, head to settings and system update or select security and privacy and then choose security update.

“We encourage all users to update to the latest version of Android where possible,” Android said.

To learn if a device is updated to the necessary security patch level, visit here.

Aussie woman gets stuck in KFC drive through after alcohol interlock goes off.

Source…