Android hacking tool | Breaking Cybersecurity News | The Hacker News

Your device's lock screen PIN is believed to keep your phone's contents safe from others, but sadly not from a new piece of ransomware that is capable of hijacking safety of your Android devices . A group of security researchers has uncovered what is believed to be the first real example of malware that is capable to reset the PIN code on a device and permanently lock the owner out of their own smartphone or tablet. This Android PIN-locking ransomware, identified as Android/Lockerpin.A , changes the infected device's lock screen PIN code and leaves victims with a locked mobile screen, demanding for a $500 (€450) ransom . Here's the Kicker: Since the lock screen PIN is reset randomly, so even paying the ransom amount won't give you back your device access, because even the attackers don't know the changed PIN code of your device , security researchers at Bratislava-based antivirus firm ESET warn . LockerPIN , as dubbed by the researchers,

Zimperium Mobile Security Labs (zLabs) have been working hard to make Android operating system more safe and secure to use. Zimperium team has publicly released the CVE-2015-1538 Stagefright Exploit , demonstrating the process of Remote Code Execution (RCE) by an attacker. The released exploit is a python code creating an MP4 exploiting the 'stsc' vulnerability dubbed Stagefright. The purpose behind the release is to put penetration testers and security researchers to test and check the vulnerability of the code and analyze the results. Considered as the most critical flaw among all the existing vulnerabilities; the Stagefright flaw is capable of revealing user's information remotely by injecting malicious code, even without any involvements of the user. Two months ago, Zimperium Labs uncovered multiple vulnerabilities in 'libstagefright,' a service attached with the software-based codecs natively in Android smartphones for media playback. The vulnera

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Wanna hack someone's Android smartphone by sending just an MMS message? Yes, you can, because Google's patch for the Stagefright vulnerability in hundreds of Millions of Android devices is BUGGY. Last week, Google issued an official patch for Stagefright vulnerability that affects 95 percent of Android devices running version 2.2 to version 5.1 of the operating system, an estimated 950 Million Android devices in use worldwide. But, the patch is so flawed that hackers can still exploit the Stagefright vulnerability (CVE-2015-3824) anyways. "The [original] patch is four lines of code and was (presumably) reviewed by Google engineers prior to shipping," researchers at Exodus Intelligence wrote in a blog post published Thursday. "The public at large believes the current patch protects them when it, in fact, does not." Buggy Patch Issued by Google The patch doesn't fix the vulnerability, allowing booby-trapped MP4 videos that supplied

Android users are busy fighting with Stagefright vulnerability while the popular mobile operating system faces another critical security vulnerability, dubbed as " Certifi-Gate ". Millions of Android devices could be hacked exploiting a plugin that comes pre-installed on your Android devices by the manufacturers. Most of the Android device manufacturers pre-install ' Remote Support Tool (mRST) ' plugin onto their phones that are intended to help users, such as RSupport or TeamViewer . But, a critical Certifi-Gate security vulnerability in this mRTS plugin allows malicious applications to gain illegitimate privileged access rights, even if your device is not rooted. "Certifi-Gate" Android security vulnerability According to Israeli researchers at Check Point, Ohad Bobrov and Avi Bashan, Certifi-Gate Android vulnerability lies in the way Google's partners (manufacturers) use certificates to sign remote support tools. Remote support tools often hav

Over a year ago I wrote an article on The Hacker News that warned of serious security concerns created by the iPhone and Android's Fingerprint authentication . Till now hackers were impersonated simply by lifting prints off the side of a phone and gaining unauthorized access to user's phone and thus data. However, security researchers have now discovered four new ways to attack Android devices to extract user fingerprints remotely without letting the user know about it. The attack, which the researchers dubbed the " Fingerprint Sensor Spying attack ," could be used by hackers to " remotely harvest fingerprints in a large scale, " Yulong Zhang, one of the researchers told ZDNet. Remotely Hacking Android Fingerprints FireEye researchers Tao Wei and Yulong Zhang presented their research in a talk titled, Fingerprints on Mobile Devices: Abusing and Leaking , at the Black Hat conference in Las Vegas on Wednesday, where they outlined new wa

Poor Android users are facing a terrible, horrible, and awful week. Few days ago, Trend Micro security researchers uncovered a Android crashing vulnerability in the widely used mobile operating system, impacting the majority of Android devices in use. The report follows another significant Stagefright vulnerability that was revealed by separate researchers, who warned that nearly 950 Million Android phones can be hijacked by sending a simple text message or via malicious Android app or specially crafted web pages. EXPLOIT TO TRAP ANDROID DEVICES IN ENDLESS REBOOTS Now, the security researchers have discovered a dangerous security bug in the Android operating system that they claim can "brick" your phone, making it unresponsive and completely useless. The new vulnerability, CVE-2015-3823 , can be exploited by potential hackers to cause your Android device to endless Reboot, and is similar to the Stagefright bug in that the flaw exists in the 'media

As digging deeper and deeper into the huge Hacking Team data dump , security researchers are finding more and more source code, including an advanced Android Hacking Tool. Yes, this time researchers have found a source code to a new piece of weaponized android malware that had the capability to infect millions of Android devices even when users are running latest versions of the android mobile operating system. Trend Micro researchers found that the Italian spyware company was selling RCSAndroid (Remote Control System Android) , which they says, is one of the "most professionally developed and sophisticated" pieces of Android malware a.k.a Android hacking tool they have ever seen. RCSAndroid is a sophisticated, real-world surveillance and hacking tool that provides even unskilled hackers to deploy one of the world's more advanced surveillance suites for Google's mobile operating system Android. List of Creepy Features of Android Hacking Tool