Tag Archive for: Versions

CERT-In Issues High-Risk Security Alert On Certain Samsung Mobile Android Versions


SUMMARY

The affected software includes Samsung mobile Android versions 11, 12, 13 and 14

Multiple vulnerabilities have been reported in Samsung products which could allow an attacker to bypass implemented security restrictions, access sensitive information and execute arbitrary code on the targeted system: CERT-In

Samsung is one of the leading smartphone manufacturers in India, along with companies including Xiaomi, OPPO, OnePlus and Apple

The Computer Emergency Response Team (CERT-In), the Centre’s nodal agency dealing with cyber security, has issued a high-risk security alert for four versions of Samsung phones, saying that multiple vulnerabilities have been reported in the products with certain software.

The affected software includes Samsung mobile Android versions 11, 12, 13 and 14.

“Multiple vulnerabilities have been reported in Samsung products which could allow an attacker to bypass implemented security restrictions, access sensitive information and execute arbitrary code on the targeted system,” said CERT-In in its vulnerability note.

These vulnerabilities exist due to issues such as improper access control in Knox features, issues in the facial recognition software, improper authorisation verification vulnerability in AR emoji, improper input validation vulnerability in Smart Clip, and others, said the advisory. 

“Successful exploitation of these vulnerabilities may allow an attacker to trigger heap overflow and stack-based buffer overflow, access device SIM PIN, send broadcast with elevated privilege, read sandbox data of AR emoji, bypass Knox guard lock via changing system time, access arbitrary files, gain access to sensitive information, execute arbitrary code and compromise the targeted system,” it added.

These vulnerabilities are likely to affect a range of Samsung devices, including the Galaxy S23 series, Galaxy Flip 5, and Galaxy Fold 5. 

Meanwhile, Samsung is one of the leading smartphone manufacturers in India, along with companies including Xiaomi, OPPO, OnePlus and Apple. The company has also been bolstering its position as one of the top smartphone manufacturers in the country.

As per a Canalys report, Samsung maintained its top position with…


Fake versions of popular apps spreading Monero miner malware for years: report


Check Point Research (CPR), the research team of American-Israeli cybersecurity provider Check Point Software Technologies, has uncovered a Monero mining malware dubbed “Nitrokod” that has been sneakily infecting computers across 11 countries since 2019.

In a report, the research team stated the malware often masqueraded as desktop versions of popular applications such as Google Translate, YouTube Music, and Microsoft Translate. These spoof versions are available on dozens of free software download websites, including Softpedia and Uptodown.

In the case of the fake Google Translate desktop app, on which the team based their findings, the research notes that the Turkish-based entity that operates the digital asset mining malware campaign is counting on the lack of an official desktop app to attract users to the app.

“Most of the programs Nitrokod offers are popular software that do not have an official desktop version. For example, the most popular Nitrokod program is the Google Translate desktop application. Google has not released an official desktop version, making the attackers’ version very appealing,” the report said.

The study found that the malware campaign has remained undetected until now due to how it operates. The malware delays initiating the stealth digital asset mining operation for several weeks after the initial software download. It does this by using a scheduled task mechanism that triggers the malware installation over several days and steps while deleting traces of the installation.

Surprisingly, the hackers do not even have to build fake apps from scratch as they are easily created from the official web pages of the owners using a Chromium-based framework that allows them to spread functional programs.

Monero getting increasingly linked to cyber criminals

Check Point estimates that at least one hundred thousand victims across Israel, Germany, the United Kingdom, the United States, Sri Lanka, Cyprus, Australia, Greece, Turkey, Mongolia, and Poland have been inadvertently mining Monero (XMR) with their CPU.

Meanwhile, this is not the first time malware that insidiously mines the privacy token has been found infecting machines. In an incident in…


Fake Versions Of Popular Apps Used To Spread Malware On Android


According to Bitdefender, a cybersecurity company, fake versions of popular apps were used to spread malware on Android. Criminals actually spread most of their malware through sideloading.

As most of you know, Android allows you to sideload apps; you don’t have to install them via the Play Store. That is contrary to Apple, and one of Android’s biggest strengths, many would say. Well, it turns out that’s a weakness too, if you’re not careful.

Fake apps have been spreading malware, masking themselves as popular applications

TeaBot and Flubot are the newest trojans, spotted early this year. Bitdefender spotted a batch of new malicious Android applications that impersonate real ones, and they usually do that for rather popular apps.

The company found five such apps that contained the TeaBot trojan, and at least one of them has been installed over 50 million times. Those apps use fake ad blocker apps to spread malware.

Those apps will ask your permission to display over other apps, show notifications, and install apps outside of the Play Store. Once they do that, icons for such apps remain hidden from the app drawer.

TeaBot can do some serious damage, so be extra careful. It can “overlay attacks via Android Accessibility Services, intercept messages, perform various keylogging activities, steal Google Authentication codes, and even take full remote control of Android devices.”

On the flip side is Flubot. This malware is spread through SMS spam. Flubot steals banking, contact, SMS, and other types of private data from infected devices. It can send an SMS with content provided by the CnC.

Stick to the Google Play Store when installing apps, or be extra careful

Flubot usually imitates shipping apps like DHL Express Mobile, Fedex, and Correos. Bitdefender suggests that you stick to the Play Store when installing apps, in order to avoid such problems.

If you take a look at the image / table below, you’ll see a comparison between fake and real apps. Some of the examples include PlutoTV, Kaspersky Antivirus, and VLC.

TeaBot malware fake and real apps


Critical Android Data-Stealing Security Threat Confirmed For Almost All Android Versions – Forbes
