Mobile Security news & analysis | SC Media

Mobile Security News and Analysis l SC Media

Apple Store

Apple to send research phones to trusted hackers

Apple on Wednesday officially launched its iOS Security Research Device (SRD) program — a significant milestone for the white-hat hacker community, which has made significant strides in recent years gaining the trust of software developers, tech manufacturers and website operators that previously were reluctant to work with outsiders on security issues. Under the terms of…

Huawei ban driven by security, trade considerations

The recent U.K. ban on the use of Huawei technology in its 5G wireless network is likely as much about salvaging the deteriorating U.S.-U.K. Sino relationship and restoring trade normalcy as it is about security. “There are clearly legitimate security concerns around Huawei, particularly given that as a result of the trade ban, equipment will…

Is TikTok out of time? Experts mull implications of ban

Edicts by Wells Fargo, India and the U.S. military forbidding use of popular Chinese video-sharing app TikTok, may portend a national ban and raise questions if such a prohibition would be practical and enforceable, and what the greater implications would be. Owned by Beijing-based internet technology company ByteDance, TikTok has been downloaded more than 2…

Report accuses China of extensive mobile spyware use to track ethnic minority group

A new blog post and research report from the Lookout Threat Intelligence Team has exposed the lengths to which a reputed Chinese government-sponsored APT operation has allegedly gone to track the country’s Uyghur minority population, including the trojanization of mobile apps with surveillanceware. Lookout details four spyware families — SilkBean, DoubleAgent, CarbonSteal and GoldenEagle —…

Glupteba malware leverages blockchain as a communications channel

Glupteba malware does something novel: It uses the bitcoin blockchain as a communications channel to receive updated configuration information. That’s important because malware always needs a way to go back to its home base, preferably without being detected, according to a paper released this week by Sophos Labs researchers. The new form of malware sprinkles…

Mobile ransomware disguised as upcoming Canadian Covid-19 contact tracing app

Capitalizing on a Canadian government announcement pertaining to the development of a nationwide, voluntary Covid-19 contact tracing app, malicious actors this month created a fake version of such an app that in reality infects Android users with mobile ransomware. According to a new blog post from ESET, the ransomware, dubbed CryCryptor, was found being distributed…

Amnesty Int’l: Norway, Bahrain & Kuwait Covid-19 apps threaten privacy

An Amnesty International study of 11 Covid-19 contact tracing apps from Europe, the Middle East and North Africa found identified apps from Bahrain, Kuwait and Norway as the most dangerous to users’ privacy. In a news release published on Tuesday, the human rights organization’s Security Lab said Bahrain’s ‘BeAware Bahrain’, Kuwait’s ‘Shlonik’ and Norway’s ‘Smittestopp’…

Malware found in popular barcode apps produces ads that instantly vanish

A pair of Android barcode reader apps that were downloaded more than 1 million times were found to contain ad fraud malware that tries to stay hidden by generating advertisements that instantly disappear from view. The malware, detected as AndroidOS_HiddenAd.HRXJA, can operate in the background even when infected devices aren’t actively being used, and it…

StrandHogg 2.0 bug enables Android app hijacking, poses patching challenge

A critical elevation-of-privilege vulnerability found in Android devices could potentially be exploited, without root access or user permission, to hijack virtually all mobile apps in order to spy on individuals or steal their login credentials. Google has developed a security patch for Android versions 8, 8.1 and 9 — alerting its partners of the update…

Next post in Vulnerabilities