Tag: store | Page 2

Cybercriminals reportedly hack Canadian woman’s online accounts through App Store game

November 3, 2023/in Internet Security

Scams where hackers pose as Apple employees and customer service agents with phishing emails and pop-ups are very prevalent. Just recently, in the summer of 2023, a Saskatoon woman, Jeannette Roy, fell victim to a fake Apple support call scheme and lost $10,000 in the process.

Now, a mother from Cochrane, Alberta, has been struggling to regain control of her online accounts after they were hacked by cybercriminals who infiltrated her devices through a gaming app.

Apps on Apple’s App Store are carefully vetted, and Apple ensures that the apps that make their way to the App Store are free of known malware and haven’t been tampered with. Apple says all of the App Store apps are ‘Sandboxed,’ which means they can only access certain resources and programs that are necessary for their functioning.

However, Wolf Online 2, an animal-themed game, reportedly bypassed Apple’s vetting system, and it is still up on the App Store.

Susanne Jarman downloaded the game for her nine-year-old daughter on her iPad. Jarman also installed the app on her own iPad to join her daughter in the game.

Soon after, Jarman encountered some suspicious players who tried to manipulate her and her daughter’s actions in the game. “There was a time where there was a screen sharing almost, my character dispersed and he was telling us ‘don’t move,’” Jarman told CTV News Calgary.

Jarman soon deleted the app but subsequently discovered a new shared folder in her notes app that contained all her financial files. The hackers had already accessed her iCloud account and changed her Apple ID username and password. They also breached every other account she had, including her banking, tax, and email accounts, and even stole her photos of her late husband, which she cherished dearly.

Jarman has been trying to recover her accounts for the last eight months but has been unsuccessful. She has resorted to living without the Internet until the situation can be resolved. “It is so hard to go back to the 1990s, people don’t want to do that. You go to a place and they ask for your email address and I don’t have one that’s secure,” she explained.

Apple says it is investigating the…

Source…

Steam Store Spreaded Malware After Hacker Hijacked Developer Accounts

October 12, 2023/in Computer Security

Valve’s Steam store was reportedly exploited to spread malware to a small number of users.

The incident occurred after a hacker breached several game developer accounts on Steam. The attacker then circulated malware over the platform through game updates to users.

The problem came to light after Valve was spotted sending out a message to affected users last month about the malware infections. “The Steam account for the developer of this game was recently compromised and the attackers uploaded a new build that contained malware,” the company wrote in the notice.

Simon Carless, founder of the Game Discover Co newsletter, then connected the message to an announcement Valve made this week, notifying game developers about a new security requirement for their accounts. “Looks like it’s related to hackers taking over Steam dev accounts and adding malware to game builds,” he wrote.

Valve has since told PCGamer that multiple game developer accounts were recently compromised. Fortunately, the intrusions only led to fewer than 100 Steam users receiving malware through the game updates. These users have since received warnings from Valve notifying them about the threat.

To prevent future hijackings, Valve is essentially requiring game developers on Steam to enroll in two-factor authentication. However, the company is demanding developers do so by registering their accounts with a phone number to receive the SMS-based two factor codes.

“This change will go live on October 24, 2023, so be sure to add a phone number to your account now. We also plan on adding this requirement for other Steamworks actions in the future,” Valve said in the announcement.

The problem is that SMS-based two factor authentication can be vulnerable to SIM swap attacks and other forms of phishing capable of stealing the access codes. As a result, some game developers have been complaining about the new requirement and instead urging Valve to ditch the SMS-based two factor authentication for more secure authenticator apps.

“Why does every company and their grandpa think they’re entitled to my PRIVATE phone number, that so far I’ve managed to keep reasonably spam free,” added one developer…

Source…

Flipper Zero portable hacking multitool now has an app store for free and open source apps

July 24, 2023/in Internet Security

The Flipper Zero is a pocket-sized tool designed for security researchers, software and hardware hackers, and other folks looking for a portable, versatile, and incredibly geeky toy. Designed to look more like a toy than a hacking tool, it can be used to interact with RFID, NFC, Bluetooth, or IR devices. And there are GPIO pins that let you connect other hardware to extend the capabilities.

When the Flipper Zero first launched through a Kickstarter campaign a few years ago, it shipped with software for basic functionality, but also allowed developers to write their own apps. Now the company behind the Flipper Zero has launched an app store that makes it easy for users to download around a 100 apps.

Store might not really be the best word for it, because all of the apps available are free (and open source). But we’ve gotten used to calling these sorts of software repositories app stores, so I guess it’s handy to have an easy-to-understand name for the place where you can install software for a not-that-easy-to-describe device.

The Flipper Zero app store is built into the official Android and iOS apps for the device, allowing you browse and install software without scouring a bunch of different sources on the internet.

Everything in the store has also been reviewed by the folks at Flipper Devices, so you can ensure they should be fairly safe to use.

The Flipper Zero features a 1.4 inch, 128 x 64 pixel monochrome, sunlight-readable LCD display, a 5-button direction pad for navigation plus a back button, a status LED, microSD card reader, IR transceiver, and sub-1 GHz transceiver with a range of up to 50 meters.

IR support lets you use it to as a TV remote, garage door opener, or controller for an air conditioner or other appliances. An integrated 125 kHz antenna allows you to use the Flipper Zero to read and even clone old-school RFID security badges.

There’s also a built-in 13.56 MHz NFC module and a 433 MHz antenna for communicating with other Flipper devices. You can also use the Flipper Zero as a multi-factor security authentication device.

The GPIO pins let you add a WiFi module or other hardware. And the device’s 2,000 mAh battery should last for 7 days to a month, depending…

Source…

Android users urged to delete these 19 Google Play Store apps infected with money-sucking malware

April 30, 2023/in Computer Security

Millions of Android users are being warned to check their phone for a string of apps which have been hijacked my malicious viruses.

There are three main viruses currently using 19 apps to steal sensitive information and secretly sign up users to premium services, monetising the infection.

One of the malware strains has already been downloaded more than three million times.

Watch the latest News on Channel 7 or stream for free on 7plus >>

Because Android is an open source operating system, it can run any third-party app, unlike iOS.

While this makes devices more customisable, it also leaves them open to harmful cyber attacks, with malware commonly hidden in the coding of seemingly harmless apps.

According to the experts at MalwareFox, cyber criminals download real apps from the Google Play Store, and inject malicious viruses into the backend coding of those programs, before re-uploading them to the store under a new name.

Malware is always adapting and finding new ways to invade devices, but cybersecurity experts are always on the hunt for them.

Here are the viruses currently doing the rounds, and the apps they are hiding in, according to MalwareFox.

Joker Spyware

This spyware gathers sensitive data like contact lists and SMS messages, and can register the device for premium services without consent.

It is hiding in the following apps:

Simple Note Scanner – com.wuwan.pdfscan
Universal PDF Scanner – com.unpdf.scan.read.docscanuniver
Private Messenger – com.recollect.linkus
Premium SMS – com.premium.put.trustsms
Blood Pressure Checker – com.bloodpressurechecker.tangjiang
Cool Keyboard – com.colate.gthemekeyboard
Paint Art
Color Message.

Harly Trojan

This Trojan uses China Telecom’s code — 46011, according to Malware experts at Kaspersky, which say it gives clues to suggest the malware developers are located in China.

It can also subscribe users to premium services in an invisible window to monetise the infection.

It is hiding in the following apps:

Fare Gamehub and Box
Hope Camera-Picture Record
Same Launcher and Live Wallpaper
Amazing Wallpaper
Cool Emoji Editor and Sticker

Autolycos Malware

This malware has already been downloaded more than three million times, according to PCrisk.

It also…

Source…

Tag Archive for: store