Mobile Security news & analysis | SC Media

44M leaked Pakistani mobile user records apparently belong to Jazz

A month after a hacker peddled 115 million records of Pakistani mobile users, information on 44 million of them has been leaked online. The leaked data include PII and other information such as mobile and landline numbers, names, addresses, subscriptions and national identification numbers, according to ZDNet, which, after comparing the 44 million records to 55…

‘About Coronavirus’ app locks Android screens with repackaged malware

An existing version of the Android device screen-locking malware SLocker has apparently been copied and repackaged in the form of a mobile coronavirus app, in hopes of drawing in victims and encouraging downloads from third-party marketplace sites. Researchers at Bitdefender found the malicious app, which has been targeting users in Ukraine, Russia, Kazakhstan, Turkmenistan and…

Banking trojan attack exposes dangers of not securing MDM solutions

A global conglomerate had 75 percent of its mobile devices infected by a variant of the Cerberus Android banking trojan after an attack compromised the company’s mobile device management (MDM) server and used it to spread the malware. In a company blog post report, Check Point Software Technologies identifies MDM as a fairly novel malware…

PhantomLance campaign slipped trojanized apps into marketplaces for years

A long-running malware campaign whose activity dates back to 2016 has been using a sophisticated playbook of tricks to sneak trojanized Android apps into the Google Play Store as well as third-party marketplaces. Researchers from Kaspersky have dubbed the campaign PhantomLance and, based on certain calling cards, have attributed it with medium confidence to the…

20M Aptoide accounts exposed by leak on hacker forum

More than 20 million accounts registered with the software marketplace application Aptoide have reportedly been exposed after an unknown actor posted stolen user data on a hacking forum. Researchers with Under the Breach discovered the data dump and disclosed the incident via Twitter. ZDNet reported additional details the same day. Aptoide is a blockchain-based decentralized…

Researchers fool devices’ biometric scanners with replicated fingerprints

Researchers at Cisco Talos said they were able to fool biometrics-based user authentication technology on eight mobile devices by using 3D-printed molds to create replicates of users’ fingerprints. The process Talos researchers developed to fabricate a user’s biometric signature required a painstaking effort, and in real life would require either direct or indirect access to…

Spyware disguised as COVID-19 tracker app actually keeps track of users

Another malicious actor has weaponized an otherwise legitimate, interactive coronavirus tracking map created by Johns Hopkins University — this time to deliver Android spyware as part of a campaign that originates out of Libya and seemingly targets individuals within that country. The surveillanceware, known as SpyMax, comes packaged in a trojanized application named “corona live…

Password found to rescue victims of malicious COVID-19 tracker app

Members of the IT and cybersecurity communities have successfully obtained a password key for victims of CovidLock Android ransomware, which comes disguised as an app that supposedly helps track cases of the coronavirus, but actually locks users’ phones and demands a ransom in order to restore access. The unlock token has been verified as 4865083501.…

Coronavirus tracking app locks up Android phones for ransom

A malicious Android app that supposedly helps track cases of the coronavirus actually locks users’ phones and demands a ransom in order to restore access. (Note: a password key has since been published. See follow-up story here.) Dubbed CovidLock, the newly discovered ransomware performs a screen-lock attack by forcing a change in the password required…

Cookie-stealing Android trojan likely used for spam distribution campaign

Who stole the cookie from the cookie jar? It’s Cookiethief, a newly discovered Android trojan that gains root access to devices and exfiltrates browser and Facebook app cookies to a malicious server. Attackers typically use stolen cookies to impersonate victims and access their online accounts in unauthorized fashion. In this instance, researchers believe the culprits…
