Android hacking | Breaking Cybersecurity News | The Hacker News

So you love Minecraft ? You might want to be very careful before downloading the cheats for the popular Minecraft game from Google Play Store. Nearly 3 Million users have downloaded malicious Minecraft Android applications for their smartphone and tablets from the Google Play store, security researchers warned. The security researchers from IT security firm ESET have uncovered as many as 33 fake "scareware" applications that have been uploaded to the Google Play store in the course of the past 9 months, masquerading as Minecraft cheats and tip guides. These malicious applications have been downloaded between 660,000 and 2.8 million times. "All of the discovered apps were fake in that they did not contain any of the promised functionality and only displayed banners that tried to trick users into believing that their Android system is infected with a dangerous virus," ESET researcher Lukas Stefanko wrote in a blog post . Once downloaded, these mali

Security researchers have unearthed a new Android Trojan that tricks victims into believing they have switched their device off while it continues " spying " on the users' activities in the background. So, next time be very sure while you turn off your Android smartphones. The new Android malware threat, dubbed PowerOffHijack , has been spotted and analyzed by the researchers at the security firm AVG. PowerOffHijack because the nasty malware has a very unique feature - it hijacks the shutdown process of user's mobile phone. MALWARE WORKS AFTER SWITCHING OFF MOBILES When users presses the power button on their device, a fake dialog box is shown. The malware mimics the shutdown animation and the device appears to be off, but actually remains on, giving the malicious program freedom to move around on the device and steal data. "After pressing the power button, you will see the real shutdown animation, and the phone appears off. Although the screen is bl

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

We all have Internet-connected smartphones in our pockets, but it's very hard to find a place on Internet to feel secure and private. No doubt, there is data Encryption on cell phones, but what's the use if it is cracked by hackers or law enforcement? What if the encrypted files don't exist in the first place for law enforcement to decrypt it? That's the motive behind DroidStealth , a new Android encryption tool that not only protects sensitive data with obfuscation, but ​also hides its existence on your phone as if it has nothing to hide. DroidStealth Android app has been developed by security researchers from Delft University of Technology in the Netherlands and would come as a windfall to both the privacy lovers and the cyber criminals. STEALTH LOGIN MECHANISM DroidStealth Android encryption tool creates a hidden folder in your phone in which it stores your all encrypted files. The app itself can be opened by simply dialing a phone number of any length which is

Security researchers have warned of a pair of vulnerabilities in the Google Play Store that could allow cyber crooks to install and launch malicious applications remotely on Android devices. Tod Beardsley, technical lead for the Metasploit Framework at Rapid7 warns that an X-Frame-Options (XFO) vulnerability – when combined with a recent Android WebView (Jelly Bean) flaw – creates a way for hackers to quietly install any arbitrary app from the Play store onto victims' device even without the users consent. USERS AFFECTED The vulnerability affects users running Android version 4.3 Jelly Bean and earlier versions of Android that no longer receive official security updates from Android security team for WebView , a core component used to render web pages on an Android device . Also, users who have installed third party browsers are affected. According to the researcher, the web browser in Android 4.3 and prior that are vulnerable to a Universal Cross-Site Scripting (

A group of security researchers has successfully discovered a method to hack into six out of seven popular Smartphone apps, including Gmail across all the three platforms - Android , Windows, and iOS operating systems - with shockingly high success rate of up to 92 percent. Computer scientists the University of California Riverside Bourns College of Engineering and the University of Michigan have identified a new weakness they believe to exist in Android, Windows, and iOS platforms that could allow possibly be used by hackers to obtain users' personal information using malicious apps. The team of researchers - Zhiyun Qian , of the University of California, Riverside, and Z. Morley Mao and Qi Alfred Chen from the University of Michigan - will present its paper, " Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks " ( PDF ), at the USENIX Security Symposium in San Diego on August 23. The paper detailed a new type of

Researchers have warned users of Android devices to avoid app downloads from particularly unauthorized sources, since a new and sophisticated piece of malware is targeting Android users through phishing emails . The malware, dubbed SandroRAT , is currently being used by cybercriminals to target Android users in Poland via a widely spread email spam campaign that delivers a new variant of an Android remote access tool (RAT). The emails masquerade itself as a bank alert that warns users of the malware infection in their mobile device and offers a fake mobile security solution in order to get rid of the malware infection. The mobile security solution poses as a Kaspersky Mobile Security , but in real, it is a version of SandroRAT, a remote access tool devised for Android devices, whose source code has been put on sale on underground Hack Forums since December last year. A mobile malware researcher at McAfee, Carlos Castillo, detailed the new variant of Android remot

Many Smartphone applications support, installation or app data storage to an external SD Card, that can be helpful in saving space on the internal memory, but also vulnerable to hackers. Typically, an app that has permission to read and write data from an SD card has the permission to read all data on that card, including information written by other apps. This means that if you install a malicious application by mistake, it can easily steal any sensitive data from your Phone's SD Card. To prevent the data from being misused by any other app, the best implementation is to encrypt the data, but that will drop the performance of the device. On its 10th birthday, as a treat for mobile developers, Facebook has unveiled the source code of its Android security tool called ' Conceal ' cryptographic API Java library, that will allow app developers to encrypt data on disk in the most resource efficient way, with an easy-to-use programming interface. Smaller th

In September, Google added the remote Device locking Capability to its Android Device Manager , allowing users to lock their phone if it's stolen or lost. The mechanism allows user to override the existing device lock scheme and set password scheme for better security. But Recently, Curesec Research Team  from Germany has discovered an interesting vulnerability ( CVE-2013-6271 ) in   Android 4.3 that allows a rogue app to remove all existing device locks activated by a user. ' The bug exists on the "com.android.settings.ChooseLockGeneric class". This class is used to allow the user to modify the type of lock mechanism the device should have. ' CRT team says in a blog post Android OS has several device lock mechanisms like PIN, Password, Gesture and even faces recognition to lock and unlock a device. For modification in password settings, the device asks the user for confirmation of the previous lock. But if some malicious application is installed on the device, it coul

The most common approach to protect data during communication on the Android platform is to use the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols. Thousands of applications in the Google Play market that are using these implementations. A group of researchers including Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith from Distributed Computing & Security Group - Leibniz University of Hannover, Hannover, Germany and Lars Baumgärtner, Bernd Freisleben from Department of Math. & Computer Science - Philipps University of Marburg, Marburg, Germany, have presented a paper that  most of these applications contain serious mistakes in the way that SSL/TLS is implemented, that leaving them vulnerable to man-in-the-middle attacks that could compromise sensitive user data such as banking credentials, credit card numbers and other information. Tests performed on 100 selected apps confirmed that 41 of them were vulnerable to known attacks.  The

Android's App store is currently facing a new dilemma as its security has been compromised once again. Researchers from security firm TrustGo have recently spotted on Google Play a bogus app that supposedly automatizes the updating of a batch of other apps. The malicious code was hidden within an app named, "Updates" by developer Good Byte Labs (Package name: com.updateszxt) and was designed to look like an update to the Lookout™ mobile security application. The malware detected as Trojan!FakeLookout.A  is capable of stealing SMS and MMS messages and upload them to a remote server via FTP. This virus has the potential to steal all personal business sensitive data from the users' device. Though there are no reports of being infected by the users, it is believed that the infected users are not aware of it yet. " New approach being attempted by malware makers, " TrustGo said the site in question " contains a Trojan file that targets multiple platfo

A French hacker has been arrested for spreading a virus through fake smartphone applications. Prosecutors say he stole tiny sums from 17,000 people, amassing about 500,000 euros (£405,000) since 2011. Working from the basement of his parents' home in Amiens, France, he created malicious software that looked like normal smartphone apps, but these programs stole money through hidden transactions. He also used programs that sent him the usernames and passwords for gambling and gaming websites. The man admitted his crimes to police after he was arrested in the northern French city of Amiens. He told officials that he was motivated by a strong interest in computers and the desire to be a software developer.

Users should be aware that Cyber criminals are finding new ways to install malicious software on devices. The latest threat to Android phone users, according to the FBI , is a "work-at-home opportunity that promises a profitable payday just for sending out email." The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher .  Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out email. A link within these advertisements leads to a website that is designed to push Loozfon on the user's device. The malicious application steals contact details from the user's address book and the infected device's phone number . FinFisher is a spyware capable of taking over the components of a mobile device. When in