Android | Breaking Cybersecurity News | The Hacker News

A critical code-execution vulnerability almost affecting everyone those are not running the most updated version of Google Android , i.e. Android version 4.4 also known as KitKat. After nine months of vulnerability disclosure to the Android security team, researchers of the Application Security team at IBM have finally revealed all the possible details of a serious code-execution vulnerability that still affects the Android devices running versions 4.3 and earlier, which could allow attackers to exfiltrate sensitive information from the vulnerable devices. " Considering Android's fragmented nature and the fact that this was a code-execution vulnerability, we decided to wait a bit with the public disclosure ," said Roee Hay, a security research group leader at IBM. The researchers found the stack buffer overflow vulnerability that resides in the Android's KeyStore storage service, which according to the Android developers' website is the service code running in Androi...

Purchasing malware to victimize people is illegal by laws but if the same thing any government official do, then its not!! Yes, the police forces around the World are following the footsteps of U.S. National Security Agency ( NSA ) and FBI. Researchers from the Citizen Lab at the Munk School of Global Affairs at the University of Toronto and computer security firm Kaspersky Lab have unearthed a broad network of controversial spyware which is specially designed to give law enforcement agencies complete access to a suspect's phone for the purpose of surveillance. MALWARE FOR DESKTOPS AND ALL MOBILE DEVICES The malware , dubbed as Remote Control System (RCS) , also known as Da Vinci and Galileo, is developed by an Italian company known as Hacking Team, available for desktop computers, laptops, and mobile devices. The latest version of the malware works for all phone including Android, iOS, Windows Mobile, Symbian and BlackBerry devices, but best on Android devices , and can also b...

The open source encryption protocol, OpenSSL, which is used by several social networks, search engines, banks and other websites to enable secure connections while transmitting data, came to everybody's attention following the Heartbleed vulnerability , a critical bug in the OpenSSL's implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server's memory, potentially revealing users data, that the server did not intend to reveal. Now, the biggest Internet giant Google is launching a new fork of OpenSSL, which they dubbed as BoringSSL, developed by its own independent work with the code. " We have used a number of patches on top of OpenSSL for many years, " Adam Langley, a cryptography engineer and Google employee, wrote in a blog post introducing BoringSSL. " Some of them have been accepted into the main OpenSSL repository, but many of them don't mesh with OpenSSL's guarantee of API and ABI ...

Google's Android Mobile operating system for smartphones and tablets have Google's own Play Store that provides its Android users the most visible way to access the world of millions of apps. App developers produce more than thousands of applications each year, but majority of newbie and unprofessional developers use unsafe, unreliable, and insecure coding practices, as many developers store secret keys in their apps that could potentially allow cybercriminals to steal users' sensitive data. A team of researchers from the computer science department of the Columbia University have discovered a critical security problem in the Google's official Android app store from where millions of Android users download various apps. Researchers have found that most of the Android application developers often store their secret keys in their app's code, similar to usernames/passwords information, which could be then used by any bad actor to maliciously steal users' information or r...

Waiting for the root access for your AT&T or Verizon Android phone? Then there is really a Great News for you! Geohot (aka George Hotz) - a famed cracker who was responsible for hacking the PlayStation 3 and subsequently being sued by Sony - has built and released a root tool called Towelroot on Sunday night that will let most Android smartphones users to root their Android device with one click only, as long as it has an unpatched version of the Linux kernel. EXPLOITS LINUX KERNEL VULNERABILITY  Towelroot application exploits the same vulnerability (CVE-2014-3153) which was recently disclosed by the hacker Pinkie Pie in the Linux kernel version 3.14.5 and most versions of other Android devices, which could be leveraged by hackers to potentially acquire root access on affected devices. Having root access of your device simply means you make System-level changes to your device such as accessing and modifying any file or program using any mode (single- or mu...

In a previous story, I reported about a new ransomware threat known as Simplocker discovered by researchers at the security firm ESET, targeting Android users in the UK, Switzerland, Germany, India and Russia, for ransom. Simplocker (Android/Simplocker.A) is the latest Android ransomware that has ability to encrypt the files using Advanced Encryption Standard (AES) on the Android device SD cards demanding users pay a ransom of 260 UAH ( Ukrainian hryvnias ), which is roughly equal to $21 US, for those files to be decrypted. To hide their track, the malware author is using the Command-and-Control server hosted on TOR .onion domain, which makes it difficult to trace the server's physical location or determine who is operating it. The malware collects information about the users' phone such as IMEI number, Operating System, phone model and manufacturer to send it all to Command-and-Control server. STUDENT CRACKS SIMPLOCKER RANSOMWARE Now, an undergraduate stu...

If US has banned its several major government departments, including NASA, Justice and Commerce Departments, from purchasing Chinese products and computer technology due to suspected backdoors, then they are not wrong at all. A popular Chinese Android Smartphone comes pre-installed with a Trojan that could allow manufacturer to spy onto their users' comprising their personal data and conversations without any restrictions and users knowledge. GOOGLE PLAY STORE OR A SPYING APP? According to the researchers at the German security firm G Data , the Star N9500 smartphone, a popular and cheap handset device in China, comes pre-installed with Uupay.D Trojan horse, disguising as a version of the Google Play Store. The trojan camouflage as the Google Play Store , so it enables Chinese Company to secretly install malicious apps, which creates the whole spectrum of abuse. STEALING WITHOUT RESTRICTIONS The nasty Spyware runs in the background and has capability to steal ...

A vulnerability has been identified in Wiko Mobiles that could allow anyone to remotely  force it to shut down abruptly with a text message only. Wiko is  a two-year-old French Mobile manufacturing company known for its cheapest mobiles and smartphones. French  blogger Korben reported that just by sending a  Short Message Service (SMS) with text  "="  (without the quotes) to Wiko mobiles could force them to restart and  knock them off a cellular network. He demonstrated the flaw in a video as shown below: He successfully tested Wiko Mobile flaw with official Android operating system and also reproduced it with custom Android ROM i.e. CyanogenMod, which concludes that the flaw could be in Wiko Mobile Hardware, rather than software. The Flaw was accidentally discovered by a reader, so currently we have no technical explanation that why Wiko mobiles can't behave equal as other smartphones do after receiving 'equ...

Google just made a huge change to the way application permissions work on Android devices which has left a potential door open to malicious app developers and hackers. Google narrows down Android's 145 permissions into 13 broad categories and groups app permissions into ' groups of related permissions ', likely for Android users to have an easier time dealing with app permissions. Unfortunately, the new update has introduced a few potential security and privacy issues, as listed below: hiding permissions behind the group names auto-updating app with no warning for new permissions According to new update, once a user approves an app's permissions, he actually approves the whole respective permission groups. For example, if an app want to read your incoming SMS messages, then it requires the " Read SMS messages " permission. But now installing an app, you are actually giving it access to all SMS-related permissions. The app developer can then include...

We have seen cybercriminals targeting PCs with Ransomware malware that encrypts your files or lock down your computer and ask for a ransom amount to be paid in a specified duration of time to unlock it. To deliver the Ransomware malwares to the mobile devices, cyber criminals have already started creating malicious software programs for android devices. Last month, we reported about a new Police Ransomware malware that locks up the devices until the victims pay a ransom to get the keys to unlock the phone. But, the malware just lock the mobile screen and a loophole in the its implementation allowed users to recover their device and data stored on SDcard. Now, in an effort to overcome this, threat actors have adopted encryption in the development of mobile Ransomware malwares. Recently, the security firm ESET has discovered a new Android ransomware, dubbed as Android/Simplocker.A , that has ability to encrypt the files on the device SD card and then demand a ransom from the victim ...

The development of self own languages has become emblematic of the hot new trend in business as every big Internet service provider is now developing their own and unique programming languages. Two months ago, Facebook released its modern programming language called ' HACK ', which is specially designed to make the process of writing and testing code of complex websites and other software faster, and the company already drives almost all of the its social networking site to HACK over the last year. This Monday, Apple surprises the gathering of people who build software applications for Apple hardware devices at its World Wide Developers Conference (WWDC) by introducing its whole new programming language called Swift , which probably replace Apple's main programming language - Objective-C that is being loved by the developers who build software applications for Apple hardware devices, from iPhone, iPad to Macintosh. The first app built on Swift is the WWDC ap...

Today, the popular Music streaming service Spotify said the company has suffered a Data breach and warned users of its Android app to upgrade it in the wake of a potential data breach in their servers. Spotify is a commercial music streaming service launched in October 2008 by Swedish start-up Spotify AB and is freely available for Android and iOS devices as well as for desktop computers with more than 40 million active users, out of which about 10 million users are its paid subscribers. It offers offline listening and ad-free playback are also available for Premium subscribers of the service. The company announced that a hacker had allegedly broken into its systems and gained unauthorized access to the internal company data. So far only one of its users' accounts has been accessed in the data breach, but the company believes that there is no harm to the financial information, payment details or password of the affected user. " Our evidence shows that only one Spot...

It has been months ago since the release of Samsung's latest Smartphone, Galaxy S5 and we have seen a portion of International units receive root, but a couple of the carrier variants including the developer edition of Samsung Galaxy S5 for Verizon and At&T hasn't been in the list, sadly. The Interesting part is that till now no hacker has found a way out to gain the root-rights of the Verizon as well as AT&T version of the Samsung Galaxy S5. Now, the Verizon and AT&T users who own Samsung Galaxy S5 are reportedly itching to get Android rooting technique for their devices, so that they can do tons of things such as customizations, patching apps, installing third-party ROMs etc. This situation is something unacceptable to the developers and Galaxy S5 users, and finally the senior members of XDA developers in collaboration with the group of Verizon and AT&T customers have started a Crowd funded Bounty program for achieving the root on Verizon and AT&...

If you have an account with Microsoft's popular free email service Outlook.com, and using Outlook app for Android, then there is a bad news for you. Microsoft's Android app for Outlook.com,  provides users to access their Outlook emails on their Android devices, fails to provide security and encryption. LOOPHOLES DISCOVERED Researchers from ' Include Security ' firm claims to have found multiple vulnerabilities in Microsoft's Outlook app for Android, that leaves users' email data vulnerable to hackers and other malicious third party apps. By default, Email attachments are stored into easily accessible folders on the Android filesystem Email Database ( Body, Subject ) is stored locally in an unencrypted manner App's 'Pin Code' feature doesn't protect or encrypt email data. EMAIL ATTACHMENTS ARE ACCESSIBLE TO ANY OTHER APPS Today almost every applications available at Google Play Store generally ask for  READ_EXTERNAL_STORA...

We are quite aware of the Android malware scanner Google's Bouncer that tests the apps by running them in a virtualized environment i.e. a simulated phone created in software which automatically scans the apps to watch its real behaviour on users' devices, before approving them to the Play Store market. To protect its users and their devices from harm, Google launched this apps scanning software tool, two year ago. Bouncer is a security feature for the Android Play store Market that is designed to protect the Android users to not to be a victim of any malicious Android malware app. But does the security tool go far enough? Despite having protective shield factor, we have seen Google play store market is surrounded by many malicious apps which easily by-passes the Bouncer scan test and targets Android users. Security Research from Columbia University have exploited weaknesses in Google's Bouncer service to sneak malicious apps on to the Android market. They publish...

About a week back we reported about a popular paid Antivirus application on the Google Play Store which was actually a scam, dubbed as ' Virus Shield '. This First paid fake app managed to become one of the most popular anti-virus app in less than a week, and apparently more than 10,000 Smartphones users purchased it in $3.99 from Google Play Store and hence scammed more than $40,000. The Virus Shield Android App claimed to protect users' personal information from harmful viruses, malware and spyware, but in actual app doesn't scan anything and was removed from the store once the fraud had been uncovered. If you were one that had downloaded the Virus Shield Antivirus app , then don't worry, just check your email inbox, because Google cares about you and reaching out all those affected android users who purchased the app, in order to refund their money in full. REFUND WITH $5 BONUS CREDIT According to Android Police , Google has decided to refund $3.99 back to u...