Tag Archive for: DOWNLOADED

Over 500,000 Android Users Downloaded a New Joker Malware App from Play Store


Android Malware

A malicious Android app with more than 500,000 downloads from the Google Play app store has been found hosting malware that stealthily exfiltrates users’ contact lists to an attacker-controlled server and signs up users to unwanted paid premium subscriptions without their knowledge.

The latest Joker malware was found in a messaging-focused app named Color Message (“com.guo.smscolor.amessage”), which has since been removed from the official app marketplace. In addition, it has been observed simulating clicks in order to generate revenue from malicious ads and connecting to servers located in Russia.


Color Message “accesses users’ contact list and exfiltrates it over the network [and] automatically subscribes to unwanted paid services,” mobile security firm Pradeo noted. “To make it difficult to be removed, the application has the capability to hide its icon once installed.”


“We is [sic] committed to ensuring that the app is as useful and efficient as possible,” the developers behind Color Message state in their terms and conditions. “For that reason, we reserve the right to make changes to the app or to charge for its services, at any time and for any reason. We will never charge you for the app or its services without making it very clear to you exactly what you’re paying for.”


Since its discovery in 2017, Joker has been a notorious piece of fleeceware, carrying out an array of malicious activities, including billing fraud and intercepting SMS messages, contact details, and device information unbeknownst to users.

The rogue apps have continued to skirt Google Play protections using a barrage of evasion tactics to the point that Android’s Security and Privacy Team said the malware authors “have at some point used just about every cloaking and obfuscation technique under the sun in an attempt to go undetected.”

Source…



Christchurch shooting video still being downloaded by far-right extremists


The Australian Federal Police analysis of Australians downloading Christchurch terrorism propaganda in the last quarter of 2020 highlighted the appeal of the New Zealand terror attacks to budding extremists. Sources aware of the findings outlined them to The Age and The Sydney Morning Herald.

Laws passed by the federal government after the Christchurch attack, carried out by Australian Brenton Tarrant, aimed to decrease the sharing of extremist material by making it an offence for online platforms and internet service providers to fail to remove or report such material.

In a recent submission to a federal parliamentary inquiry into extremism, the chief executive of the Cyber Security Cooperative Research Centre, Rachael Falk, said the laws were “pioneering and pivotal” and noted that the apparent failure to charge any company under them “may serve to demonstrate the act’s deterrent effect”.

ASIO director-general Mike Burgess. Credit: Nine

However, the federal police analysis of peer-to-peer extremist content downloaded by Australians suggests the deterrence may be limited and that extremist material is being distributed by companies outside the police’s jurisdictional reach.

An analyst with the Australian Strategic Policy Institute, Ariel Bogle, will release a report on Thursday examining extremist fundraising online. She said her investigations had uncovered members of the Australian far-right using internet platforms to solicit funds.


Ms Bogle said this included the use of live-streaming platforms that included a payment function, micro-donation websites and internet wallet addresses for cryptocurrencies such as monero that are designed to avoid detection.

A Telegram channel associated with National Socialist Network leader Tom Sewell has recently encouraged followers to donate through largely untraceable online cryptocurrency platforms to support his legal case.

On a live Telegram chat on August 7, Jacob Hersant, the second in charge of the network, boasted about reading the Christchurch terrorist’s manifesto.

Ms Bogle said Telegram – along with platforms like Gab, VK and Element – was facilitating funding requests by extremists, and some online financial…

Source…

Bypasses malicious app security system and was downloaded more than 10,000 times


Malware on Google Play: Bypasses malicious app security system and was downloaded more than 10,000 times

The application in question is an app for photographing food and creating alarms. An alert was issued by Pradeo, a company specializing in mobile security, and the app was removed from the Google Play store on 18 January.

According to Pradeo, the application managed to bypass the Play Protect scanning engine by hiding malicious code inside an encrypted file in a folder named 0OO00l111l1l. As a measure of its sophistication, the application could detect whether it was running on an emulator, in which case it would not run the code inside that folder, so that the malicious behaviour would not be easy to find.

In addition, the application is related to Joker, malware found in over 1700 applications on Google Play, which have also been removed.

Daily Food Diary requested some very unusual permissions on launch: running in the background and starting whenever the phone was switched on, so that its data collection operations were never interrupted. The application repeatedly asked for access to the contacts stored on the device and even to manage calls, rejecting any incoming calls so as not to interrupt its operation.

If you have Daily Food Diary installed on your phone, it is highly recommended that you remove it immediately.

Source…

Millions downloaded dozens of Android apps from Google Play that were infected with adware – TechCrunch

  1. Millions downloaded dozens of Android apps from Google Play that were infected with adware  TechCrunch
  2. New Google Android Malware Warning Issued To 8 Million Play Store Users  Forbes
  3. Tracking down the developer of Android adware affecting millions of users  We Live Security
  4. Malicious Android Apps Hide Ads From Google Employees  BleepingComputer
  5. Vietnamese student behind Android adware strain that infected millions  ZDNet