Mobile Security news & analysis | SC Media

Mobile Security News and Analysis l SC Media

Spyware disguised as COVID-19 tracker app actually keeps track of users

Another malicious actor has weaponized an otherwise legitimate, interactive coronavirus tracking map created by Johns Hopkins University — this time to deliver Android spyware as part of a campaign that originates out of Libya and seemingly targets individuals within that country. The surveillanceware, known as SpyMax, comes packaged in a trojanized application named “corona live…

Password found to rescue victims of malicious COVID-19 tracker app

Members of the IT and cybersecurity communities have successfully obtained a password key for victims of CovidLock Android ransomware, which comes disguised as an app that supposedly helps track cases of the coronavirus, but actually locks users’ phones and demands a ransom in order to restore access. The unlock token has been verified as 4865083501.…

Coronavirus tracking app locks up Android phones for ransom

A malicious Android app that supposedly helps track cases of the coronavirus actually locks users’ phones and demands a ransom in order to restore access. (Note: a password key has since been published. See follow-up story here.) Dubbed CovidLock, the newly discovered ransomware performs a screen-lock attack by forcing a change in the password required…

Cookie-stealing Android trojan likely used for spam distribution campaign

Who stole the cookie from the cookie jar? It’s Cookiethief, a newly discovered Android trojan that gains root access to devices and exfiltrates browser and Facebook app cookies to a malicious server. Attackers typically use stolen cookies to impersonate victims and access their online accounts in unauthorized fashion. In this instance, researchers believe the culprits…

T-Mobile CEO John Legere

T-Mobile email vendor breach exposes info on customers, employees

A “sophisticated attack” at against T-Mobile’s email vendor gave an unauthorized third party access to some of the mobile provider’s employee email accounts that contained account information for T-Mobile customers and employees. The information may have included customer names and addresses, phone numbers, account numbers, rate plans and features, and billing information, the T-Mobile said in a…

Walgreens mobile app leaked PII, PHI on ‘small percentage’ of customers

A leak in the Walgreens mobile app’s messaging service exposed personal information – including what the company said was “limited health-related data” – on a “small percentage” of customers who used the app between Jan. 9-15. “Fortunately for consumers, the short exposure window of the vulnerability and the specific conditions required should keep the impact…

Huawei responds to allegations of NSA hacking

Justice Dept. expands Huawei indictment, charging 5G espionage

The U.S. government expanded its year-old lawsuit against Chinese tech firm Huawei, alleging the company conducted cyber espionage on six American competitors in an attempt to steal trade secrets to gain an unfair advantage. Filed in the federal court’s Southern District in Brooklyn, the indictment charges that Huawei’s activities violated racketeering laws by illegally gaining…

vote network security

Voatz mobile voting app vulnerable, MIT researchers say

On the heels of the voting app debacle during the Iowa Democratic caucuses, researchers at MIT have found multiple security- and privacy-related vulnerabilities in an online voting app, Voatz, used in West Virginia during the 2018 midterm elections and on track to be used again for the 2020 contests, according to a security audit released…

Malicious apps now post their own positive reviews on Google Play

The assault on Google’s Play Store continues with 30 malicious apps being revealed that have been downloaded hundreds of millions of times and having capabilities that have caused security firms suggesting end users take extraordinary steps to vet software prior to downloading. VPNpro and Trend Micro made public 24 and four apps, respectively, that are…

Next post in APTs/cyberespionage