Mobile Security | SC Media

Mobile Security

Holy cybercrime, Batman! Joker malware commits ad fraud, data theft

Two dozen apps that collectively generated over 472,000 downloads from the Google Play store were found to be infected with a new Android malware called Joker, which delivers a payload that perpetrates both ad fraud and data theft, a research firm has reported. Joker’s second-stage malware is a .dex (Dalvik Executable) file capable of stealing…


BRATA malware targeting Brazilian Android devices

First there was Brangelina, TomKat and Bennifer and now Kaspersky has presented the world with BRATA, or Brazilian RAT Android. BRATA is not a power celebrity couple, but is a relatively new Android remote access tool family that, at least so far, has exclusively targeted Brazilians using Android 5.0 or higher, according to Kaspersky’s GReAT…

Reports say China devised iPhone malware campaign to track Muslims; Android and Windows devices also targeted

A recently exposed malware campaign that used watering-hole attacks to target iPhone users for more than two years was reportedly part of an effort to track Uyghur Muslims based in China’s Xinjiang state. The campaign was actually broader than originally thought, and attempted to infect Android and Microsoft Windows devices as well, reports are also…


Watering-hole attack campaign designed to infect iOS users via exploit chains

Researchers at Google’s Project Zero yesterday lifted the curtain on a long-running mobile malware operation that for years attempted to infect iOS device users with a malware implant, using exploits delivered via a small number of compromised websites. In an online blog post report, Google researcher Ian Beer did not reveal the specific websites that…


Apple issues supplemental security updates

Apple has released updates for four of its operating systems, including iOS and tvOS. The patch, iOS 12.4.1 for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation, fixes a vulnerability, CVE-2019-8605, where a malicious application may be able to execute arbitrary code with system privileges. The update for macOS…


iOS 12.4 update reintroduced old bug, enabling jailbreak for current devices

Apple’s latest iOS update reportedly undid a patch that was introduced in the previous release, a mistake that allowed a security researcher to publish a jailbreak for the most up-to-date version of the operating system. The unpatched vulnerability is CVE-2019-8605, an arbitrary code execution bug caused by a use-after-free condition. Working in tandem with Google…


Trojanized apps containing ad fraud malware downloaded 102M times

Two related ad fraud malware programs, recently discovered in 34 trojanized Android applications, have already been downloaded roughly 102 million times from the Google Play store, researchers reported. Dubbed Android.Click.312.origin and Android.Click.313.origin, the malicious clicker trojans appear to be designed primarily to sign users up for paid premium services without their consent, according to a…

Apple to expand bug bounty program, offer researchers access to iOS, iPhones

Apple is drastically overhauling its bug bounty program, eliminating its invitation-only status, increasing its rewards, expanding it to include MacOS and other operating systems, and even agreeing to supply qualified researchers with special iPhones that are easier to probe for vulnerabilities. Apple’s head of security engineering Ivan Krstic announced these changes last week at the…


Apple halts contractors listening to Siri recordings, will offer opt-out

Apple will temporarily suspend its practice of allowing human contractors to grade snippets of recordings of Siri conversations for accuracy. The move follows a Guardian report in which a former worker claimed contractors “regularly hear confidential medical information, drug deals, and recordings of couples having sex” as part of their job. While Apple says user requests…

Sophisticated Android spyware toolset ‘Monokle’ linked to sanctioned Russian defense contractor

A company that was sanctioned by the U.S. government for allegedly helping Russia interfere with the 2016 elections has developed an advanced set of offensive spyware tools with functionality that researchers claim they have never before witnessed in real-life attack campaigns. Dubbed Monokle, the spyware toolset was actually developed as far back as 2015, according…
