Android | Breaking Cybersecurity News | The Hacker News

Security researchers from MetaIntell, the leader in intelligent led Mobile Risk Management (MRM), have discovered a major security vulnerability in the latest version of Facebook SDK that put millions of Facebook user's Authentication Tokens at risk. Facebook SDK for Android and iOS is the easiest way to integrate mobile apps with Facebook platform, which provides support for Login with Facebook authentication, reading and writing to Facebook APIs and many more. Facebook OAuth authentication or ' Login as Facebook ' mechanism is a personalized and secure way for users to sign into 3rd party apps without sharing their passwords. After the user approves the permissions as requested by the application, the Facebook SDK implements the OAuth 2.0 User-Agent flow to retrieve the secret user's access token required by the apps to call Facebook APIs to read, modify or write user's Facebook data on their behalf. ACCESSING UNENCRYPTED ACCESS TOKEN It is important that

Cybercriminals have rolled out a new malicious Android application that wraps different varieties of banking fraud trick into a single piece of advanced mobile malware . GOOGLE SERVICE FRAMEWORK - APPLICATION OR MALWARE? Security researchers at the security firm FireEye have came across a malicious Android application that binds together the latest and older hijacking techniques. The malicious Android app combines private data theft, banking credential theft and spoofing, and remote access into a single unit, where traditional malware has had only one such capability included in it. Researchers dubbed the malware as HijackRAT , a banking trojan that comes loaded with a malicious Android application which disguises itself as "Google Service Framework," first and the most advanced Android malware sample of its kind ever discovered, combining all the three malicious activities together. MALWARE FEATURES By giving the remote control of the infected device to hackers,

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

A 20 year old critical subtle integer overflow vulnerability has been discovered in Lempel-Ziv-Oberhumer (LZO), an extremely efficient data compression algorithm that focuses on decompression speed, which is almost five times faster than zlib and bzip compression algorithms. Lempel-Ziv-Oberhumer (LZO) was developed in 1994 by Markus Oberhumer and currently it is one of the most popular and widespread compression algorithm used in the Linux kernel , some Samsung Android mobile devices, other embedded devices and several open-source libraries including OpenVPN, MPlayer2, Libav, FFmpeg. 20 YEAR OLD VULNERABILITY IN LZO ALGORITHM Don A. Bailey, founder and CEO of Lab Mouse Security, who disclosed the technical details of the buffer overrun vulnerability in LZO/LZ4 algorithm, explains that if an attacker carefully craft a piece of compressed data that would run malicious code when the software attempted to decompress it. According to advisory, if buffers of 16MB or more

A critical code-execution vulnerability almost affecting everyone those are not running the most updated version of Google Android , i.e. Android version 4.4 also known as KitKat. After nine months of vulnerability disclosure to the Android security team, researchers of the Application Security team at IBM have finally revealed all the possible details of a serious code-execution vulnerability that still affects the Android devices running versions 4.3 and earlier, which could allow attackers to exfiltrate sensitive information from the vulnerable devices. " Considering Android's fragmented nature and the fact that this was a code-execution vulnerability, we decided to wait a bit with the public disclosure ," said Roee Hay, a security research group leader at IBM. The researchers found the stack buffer overflow vulnerability that resides in the Android's KeyStore storage service, which according to the Android developers' website is the service code running in Androi

Purchasing malware to victimize people is illegal by laws but if the same thing any government official do, then its not!! Yes, the police forces around the World are following the footsteps of U.S. National Security Agency ( NSA ) and FBI. Researchers from the Citizen Lab at the Munk School of Global Affairs at the University of Toronto and computer security firm Kaspersky Lab have unearthed a broad network of controversial spyware which is specially designed to give law enforcement agencies complete access to a suspect's phone for the purpose of surveillance. MALWARE FOR DESKTOPS AND ALL MOBILE DEVICES The malware , dubbed as Remote Control System (RCS) , also known as Da Vinci and Galileo, is developed by an Italian company known as Hacking Team, available for desktop computers, laptops, and mobile devices. The latest version of the malware works for all phone including Android, iOS, Windows Mobile, Symbian and BlackBerry devices, but best on Android devices , and can also b

The open source encryption protocol, OpenSSL, which is used by several social networks, search engines, banks and other websites to enable secure connections while transmitting data, came to everybody's attention following the Heartbleed vulnerability , a critical bug in the OpenSSL's implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server's memory, potentially revealing users data, that the server did not intend to reveal. Now, the biggest Internet giant Google is launching a new fork of OpenSSL, which they dubbed as BoringSSL, developed by its own independent work with the code. " We have used a number of patches on top of OpenSSL for many years, " Adam Langley, a cryptography engineer and Google employee, wrote in a blog post introducing BoringSSL. " Some of them have been accepted into the main OpenSSL repository, but many of them don't mesh with OpenSSL's guarantee of API and ABI

Google's Android Mobile operating system for smartphones and tablets have Google's own Play Store that provides its Android users the most visible way to access the world of millions of apps. App developers produce more than thousands of applications each year, but majority of newbie and unprofessional developers use unsafe, unreliable, and insecure coding practices, as many developers store secret keys in their apps that could potentially allow cybercriminals to steal users' sensitive data. A team of researchers from the computer science department of the Columbia University have discovered a critical security problem in the Google's official Android app store from where millions of Android users download various apps. Researchers have found that most of the Android application developers often store their secret keys in their app's code, similar to usernames/passwords information, which could be then used by any bad actor to maliciously steal users' information or r

Waiting for the root access for your AT&T or Verizon Android phone? Then there is really a Great News for you! Geohot (aka George Hotz) - a famed cracker who was responsible for hacking the PlayStation 3 and subsequently being sued by Sony - has built and released a root tool called Towelroot on Sunday night that will let most Android smartphones users to root their Android device with one click only, as long as it has an unpatched version of the Linux kernel. EXPLOITS LINUX KERNEL VULNERABILITY  Towelroot application exploits the same vulnerability (CVE-2014-3153) which was recently disclosed by the hacker Pinkie Pie in the Linux kernel version 3.14.5 and most versions of other Android devices, which could be leveraged by hackers to potentially acquire root access on affected devices. Having root access of your device simply means you make System-level changes to your device such as accessing and modifying any file or program using any mode (single- or multi-

In a previous story, I reported about a new ransomware threat known as Simplocker discovered by researchers at the security firm ESET, targeting Android users in the UK, Switzerland, Germany, India and Russia, for ransom. Simplocker (Android/Simplocker.A) is the latest Android ransomware that has ability to encrypt the files using Advanced Encryption Standard (AES) on the Android device SD cards demanding users pay a ransom of 260 UAH ( Ukrainian hryvnias ), which is roughly equal to $21 US, for those files to be decrypted. To hide their track, the malware author is using the Command-and-Control server hosted on TOR .onion domain, which makes it difficult to trace the server's physical location or determine who is operating it. The malware collects information about the users' phone such as IMEI number, Operating System, phone model and manufacturer to send it all to Command-and-Control server. STUDENT CRACKS SIMPLOCKER RANSOMWARE Now, an undergraduate stu

If US has banned its several major government departments, including NASA, Justice and Commerce Departments, from purchasing Chinese products and computer technology due to suspected backdoors, then they are not wrong at all. A popular Chinese Android Smartphone comes pre-installed with a Trojan that could allow manufacturer to spy onto their users' comprising their personal data and conversations without any restrictions and users knowledge. GOOGLE PLAY STORE OR A SPYING APP? According to the researchers at the German security firm G Data , the Star N9500 smartphone, a popular and cheap handset device in China, comes pre-installed with Uupay.D Trojan horse, disguising as a version of the Google Play Store. The trojan camouflage as the Google Play Store , so it enables Chinese Company to secretly install malicious apps, which creates the whole spectrum of abuse. STEALING WITHOUT RESTRICTIONS The nasty Spyware runs in the background and has capability to steal

A vulnerability has been identified in Wiko Mobiles that could allow anyone to remotely  force it to shut down abruptly with a text message only. Wiko is  a two-year-old French Mobile manufacturing company known for its cheapest mobiles and smartphones. French  blogger Korben reported that just by sending a  Short Message Service (SMS) with text  "="  (without the quotes) to Wiko mobiles could force them to restart and  knock them off a cellular network. He demonstrated the flaw in a video as shown below: He successfully tested Wiko Mobile flaw with official Android operating system and also reproduced it with custom Android ROM i.e. CyanogenMod, which concludes that the flaw could be in Wiko Mobile Hardware, rather than software. The Flaw was accidentally discovered by a reader, so currently we have no technical explanation that why Wiko mobiles can't behave equal as other smartphones do after receiving 'equal' symbol in SMS. If y

Google just made a huge change to the way application permissions work on Android devices which has left a potential door open to malicious app developers and hackers. Google narrows down Android's 145 permissions into 13 broad categories and groups app permissions into ' groups of related permissions ', likely for Android users to have an easier time dealing with app permissions. Unfortunately, the new update has introduced a few potential security and privacy issues, as listed below: hiding permissions behind the group names auto-updating app with no warning for new permissions According to new update, once a user approves an app's permissions, he actually approves the whole respective permission groups. For example, if an app want to read your incoming SMS messages, then it requires the " Read SMS messages " permission. But now installing an app, you are actually giving it access to all SMS-related permissions. The app developer can then include

We have seen cybercriminals targeting PCs with Ransomware malware that encrypts your files or lock down your computer and ask for a ransom amount to be paid in a specified duration of time to unlock it. To deliver the Ransomware malwares to the mobile devices, cyber criminals have already started creating malicious software programs for android devices. Last month, we reported about a new Police Ransomware malware that locks up the devices until the victims pay a ransom to get the keys to unlock the phone. But, the malware just lock the mobile screen and a loophole in the its implementation allowed users to recover their device and data stored on SDcard. Now, in an effort to overcome this, threat actors have adopted encryption in the development of mobile Ransomware malwares. Recently, the security firm ESET has discovered a new Android ransomware, dubbed as Android/Simplocker.A , that has ability to encrypt the files on the device SD card and then demand a ransom from the victim

The development of self own languages has become emblematic of the hot new trend in business as every big Internet service provider is now developing their own and unique programming languages. Two months ago, Facebook released its modern programming language called ' HACK ', which is specially designed to make the process of writing and testing code of complex websites and other software faster, and the company already drives almost all of the its social networking site to HACK over the last year. This Monday, Apple surprises the gathering of people who build software applications for Apple hardware devices at its World Wide Developers Conference (WWDC) by introducing its whole new programming language called Swift , which probably replace Apple's main programming language - Objective-C that is being loved by the developers who build software applications for Apple hardware devices, from iPhone, iPad to Macintosh. The first app built on Swift is the WWDC ap

Today, the popular Music streaming service Spotify said the company has suffered a Data breach and warned users of its Android app to upgrade it in the wake of a potential data breach in their servers. Spotify is a commercial music streaming service launched in October 2008 by Swedish start-up Spotify AB and is freely available for Android and iOS devices as well as for desktop computers with more than 40 million active users, out of which about 10 million users are its paid subscribers. It offers offline listening and ad-free playback are also available for Premium subscribers of the service. The company announced that a hacker had allegedly broken into its systems and gained unauthorized access to the internal company data. So far only one of its users' accounts has been accessed in the data breach, but the company believes that there is no harm to the financial information, payment details or password of the affected user. " Our evidence shows that only one Spot

It has been months ago since the release of Samsung's latest Smartphone, Galaxy S5 and we have seen a portion of International units receive root, but a couple of the carrier variants including the developer edition of Samsung Galaxy S5 for Verizon and At&T hasn't been in the list, sadly. The Interesting part is that till now no hacker has found a way out to gain the root-rights of the Verizon as well as AT&T version of the Samsung Galaxy S5. Now, the Verizon and AT&T users who own Samsung Galaxy S5 are reportedly itching to get Android rooting technique for their devices, so that they can do tons of things such as customizations, patching apps, installing third-party ROMs etc. This situation is something unacceptable to the developers and Galaxy S5 users, and finally the senior members of XDA developers in collaboration with the group of Verizon and AT&T customers have started a Crowd funded Bounty program for achieving the root on Verizon and AT&

If you have an account with Microsoft's popular free email service Outlook.com, and using Outlook app for Android, then there is a bad news for you. Microsoft's Android app for Outlook.com,  provides users to access their Outlook emails on their Android devices, fails to provide security and encryption. LOOPHOLES DISCOVERED Researchers from ' Include Security ' firm claims to have found multiple vulnerabilities in Microsoft's Outlook app for Android, that leaves users' email data vulnerable to hackers and other malicious third party apps. By default, Email attachments are stored into easily accessible folders on the Android filesystem Email Database ( Body, Subject ) is stored locally in an unencrypted manner App's 'Pin Code' feature doesn't protect or encrypt email data. EMAIL ATTACHMENTS ARE ACCESSIBLE TO ANY OTHER APPS Today almost every applications available at Google Play Store generally ask for  READ_EXTERNAL_STORA