Mobile Security news & analysis | SC Media

Mobile Security News and Analysis l SC Media

iPhone jailbreakers lured to click fraud site

A cybergang has created a malicious website that dangles the reward of being able to jailbreak an iPhone, but instead injects the device with click fraud malware. The threat actors use the legitimate Checkm8 vulnerability, which does allow some legacy iOS devices to be jailbroken, as the basis for their program, reported Cisco Talos researchers…

mobile security

Kernel privilege escalation bug actively exploited in Android devices

Researchers have discovered a zero-day kernel privilege escalation bug that can result in the full compromise of certain Android devices and is apparently being exploited in the wild. Devices known to be affected by the high-level, use-after-free vulnerability include the Pixel 1, 1X:, 2 and 2 XL; the Huawei P20; the Xiaomi Redmi 5A; the…

Criminals’ security lapses enable discovery of Geost mobile banking trojan

Thanks in no small part to the perpetrators’ own sloppy operational security, researchers have uncovered a large Android banking trojan scheme that may have impacted hundreds of millions of Russians. Dubbed Geost, the malware is distributed via a malicious cybercriminal botnet operation consisting of 13 command-and-control servers and more than 140 malicious domains, according to…

New checkm8 exploit can jailbreak millions of iOS devices

An independent researcher who goes by the Twitter handle axi0mX has discovered and published an iOS jailbreak exploit that applies to hundreds of millions of devices and cannot be patched. Named checkm8, the exploit leverages a race condition vulnerability found in the bootrom, a read-only memory chip that contains the first code that initially loads…

Apple updates software, fixes flaw affecting third-party keyboard apps

Apple last week released a series of software updates that repaired vulnerabilities in iOS, iPadOS, macOS Mojave, macOS High Sierra, macOS Sierra, watchOS, tvOS, Apple TV Software and Safari. This included a fix for an iOS/iPadOS flaw that, due to improper sandbox restrictions, can grant third-party keyboard extensions full access to iPhone, iPad and iPod…

Miscreants infected a poker player's laptop malware that monitored his every online gambling move.

Illegal gambling apps snuck into Apple and Google stores

Google and Apple recently removed hundreds of apps from their respective app stores after being informed they were actually fronts for gambling operations. While it’s not unusual to find malicious apps, this operation was different in that many of the apps passed through Google and Apple’s vetting process, Trend Micro reported. This was accomplished by…

Magecart card-skimming group targets L7 routers used by high-traffic locales

A prominent Magecart cybercriminal group appears to be testing card-skimming code capable of compromising commercial-grade layer 7 (L7) routers used by airports, casinos, hotels and resorts, researchers are reporting. The threat actor, deemed Magecart Group 5 or MG5, has seemingly also experimented with injecting code into a popular open-source mobile app code. Such an attack…

Android apps with scores of downloads serve up annoying ads, unwanted subscriptions

Hundreds of millions of Android devices have potentially been compromised by malicious adware and ad fraud apps that on the surface appear to offer harmless services such as selfie filters, weather forecasts or VPN security, according to a trio of recently released research reports. Late last week, researchers at mobile security company Wandera reported finding…

Tricks of the trade: Mac malware impersonates trading app

Researchers have uncovered two variants of information-stealing Mac malware that impersonates a legitimate stocks and cryptocurrency trading application. The two variants, identified by Trend Micro as Trojan.MacOS.GMERA.A and Trojan.MacOS.GMERA.B, both include a copy of Stockfolio version 1.4.13, along with the malware author’s digital certificate and various malicious components. The first variant’s components include a Mach-O…

Next post in Cybercrime