#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

android rooting | Breaking Cybersecurity News | The Hacker News

First Android-Rooting Trojan With Code Injection Ability Found On Google Play Store

First Android-Rooting Trojan With Code Injection Ability Found On Google Play Store

Jun 08, 2017
A new Android-rooting malware with an ability to disable device' security settings in an effort to perform malicious tasks in the background has been detected on the official Play Store. What's interesting? The app was smart enough to fool Google security mechanism by first pretending itself to be a clean app and then temporarily replacing it with a malicious version. Security researchers at Kaspersky Lab discovered a new piece of Android rooting malware that was being distributed as gaming apps on the Google Play Store, hiding behind puzzle game " colourblock ," which was being downloaded at least 50,000 times prior to its removal. Dubbed Dvmap , the Android rooting malware disables device's security settings to install another malicious app from a third-party source and also injects malicious code into the device system runtime libraries to gain root access and stay persistent. "To bypass Google Play Store security checks, the malware creators used
Over 1 Million Google Accounts Hacked by 'Gooligan' Android Malware

Over 1 Million Google Accounts Hacked by 'Gooligan' Android Malware

Nov 30, 2016
If you own an Android smartphone, Beware! A new Android malware that has already breached more than 1 Million Google accounts is infecting around 13,000 devices every day. Dubbed Gooligan , the malware roots vulnerable Android devices to steal email addresses and authentication tokens stored on them. With this information in hands, the attackers are able to hijack your Google account and access your sensitive information from Google apps including Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite. Researchers found traces of Gooligan code in dozens of legitimate-looking Android apps on 3rd-party app stores, which if downloaded and installed by an Android user, malware starts sending your device's information and stolen data to its Command and Control (C&C) server. "Gooligan then downloads a rootkit from the C&C server that takes advantage of multiple Android 4 and 5 exploits including the well-known VROOT (CVE-2013-6282) and Towelroot (CV
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
New Drammer Android Hack lets Apps take Full control (root) of your Phone

New Drammer Android Hack lets Apps take Full control (root) of your Phone

Oct 24, 2016
Earlier last year, security researchers from Google's Project Zero outlined a way to hijack the computers running Linux by abusing a design flaw in the memory and gaining higher kernel privileges on the system. Now, the same previously found designing weakness has been exploited to gain unfettered "root" access to millions of Android smartphones, allowing potentially anyone to take control of affected devices. Researchers in the VUSec Lab at Vrije Universiteit Amsterdam have discovered a vulnerability that targets a device's dynamic random access memory (DRAM) using an attack called Rowhammer . Although we are already aware of the Rowhammer attack , this is the very first time when researchers have successfully used this attack to target mobile devices. What is DRAM Rowhammer Attack? The Rowhammer attack against mobile devices is equally dangerous because it potentially puts all critical data on millions of Android phones at risk, at least until a secu
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Chainfire's SuHide — Now You Can Hide Your Android Root Status On Per-App Basis

Chainfire's SuHide — Now You Can Hide Your Android Root Status On Per-App Basis

Aug 30, 2016
Famous Android developer Chainfire released an experimental hack with a new app, called " Suhide ," that allows users to hide the root status of their rooted Android devices on an app-by-app basis. Rooting your Android device can bring a lot of benefits by giving you access to a wide variety of apps and deeper access to the Android system...But at what cost? One of the major drawbacks of rooting your device is losing access to certain apps, which includes banking, payment and corporate security apps that work with financial and confidential data, such as your bank details. Such apps don't work on rooted devices. A great example for this is Google's Android Pay . Since its launch, developers has been working hard to get Android Pay working for rooted devices, but unfortunately, they have not gotten much success. But Why Rooted Devices? It's because Google cares about your security. SafetyNet — That's How Google Detects Tampered Devices Google
Warning! Over 900 Million Android Phones Vulnerable to New 'QuadRooter' Attack

Warning! Over 900 Million Android Phones Vulnerable to New 'QuadRooter' Attack

Aug 08, 2016
Android has Fallen! Yet another set of Android security vulnerabilities has been discovered in Qualcomm chipsets that affect more than 900 Million Android smartphones and tablets worldwide. What's even worse: Most of those affected Android devices will probably never be patched. Dubbed " Quadrooter ," the set of four vulnerabilities discovered in devices running Android Marshmallow and earlier that ship with Qualcomm chip could allow an attacker to gain root-level access to any Qualcomm device. The chip, according to the latest statistics, is found in more than 900 Million Android tablets and smartphones. That's a very big number. The vulnerabilities have been disclosed by a team of Check Point researchers at the DEF CON 24 security conference in Las Vegas. Critical Quadrooter Vulnerabilities: The four security vulnerabilities are: CVE-2016-2503 discovered in Qualcomm's GPU driver and fixed in Google's Android Security Bulletin for July
Dozens of Malicious Apps on Play Store can Root & Hack 90% of Android Devices

Dozens of Malicious Apps on Play Store can Root & Hack 90% of Android Devices

Jun 25, 2016
It's not at all surprising that the Google Play Store is surrounded by a large number of malicious apps that has the ability to gain users' attention into falling victim for one, but this time, it is even worse than most people realize. Researchers at Trend Micro have detected a family of malicious apps, dubbed ' Godless ,' that has the capability of secretly rooting almost 90 percent of all Android phones. Well, that's slightly terrifying. The malicious apps are distributed via different methods and variety of app stores, including Google Play Store, which is usually considered as a safe option for downloading apps. Also Read:   Crazy hacker implants NFC Chip in his hand to hack Android phones . The malicious apps packed with Godless contain a collection of open-source or leaked Android rooting exploits that works on any device running Android 5.1 Lollipop or earlier. 90% Android Devices are Vulnerable to Godless Rooting Malware Since Android eco
More than a Billion Snapdragon-based Android Phones Vulnerable to Hacking

More than a Billion Snapdragon-based Android Phones Vulnerable to Hacking

Mar 16, 2016
More than a Billion of Android devices are at risk of a severe vulnerability in Qualcomm Snapdragon chip that could be exploited by any malicious application to gain root access on the device. Security experts at Trend Micro are warning Android users of some severe programming blunders in Qualcomm's kernel-level Snapdragon code that if exploited, can be used by attackers for gaining root access and taking full control of your device. Gaining root access on a device is a matter of concern, as it grants attackers access to admin level capabilities, allowing them to turn your device against you to snap your pictures, and snoop on your personal data including accounts' passwords, emails, messages and photos. The company's own website notes that Qualcomm Snapdragon SoCs (systems on a chip) power more than a Billion smart devices, including many Internet of Things (IoTs) as of today. Thus, the issue puts many people at risk of being attacked. Although Google has pus
How Some Chinese Hackers Started Making Big Money

How Some Chinese Hackers Started Making Big Money

Oct 13, 2015
We know that Hackers hack for a variety of reasons: ...some hack to test their skills, …some hack to gain recognition, ...some hack to make money, ...some hack to support their Nation-State strategy, ...and, some hack alone, and some hack in Groups. And Chinese Hackers are the ones who are infamous for their dedication towards Hacking. Chinese hacking groups are better known for attacking and stealing information, organized cyber crimes, theft of intellectual property and state-sponsored cyber espionage attacks. But it seems that several Chinese hacker groups have now shifted their motive of hacking towards ' making money '. How much Money Hackers Actually Make? It is a known fact that hacking makes money, but how much? Answer: At least $4,500,000/year   from one malware campaign. How? We often observe mobile and desktop applications bundled with Ad-displaying programs, called Adware, to generate revenue. Just last week we reported abou
Kemoge: Latest Android Malware that Can Root Your Smartphone

Kemoge: Latest Android Malware that Can Root Your Smartphone

Oct 08, 2015
Google Android has been a primary concern of the attackers. Counting from a simple text message that could hack an Android phone remotely to the Stagefright bug making Billion users vulnerable. Now, the latest is the ' Kemoge Malware ' that has made its debut as an Adware on the Android mobile phones, allowing third-party app stores to fetch your device's information and take full control of it. Security researchers from FireEye Labs have discovered that Kemoge malicious adware family is spreading in 20 countries around the globe. Also, the origin of the Adware's attack is suspected from China. What is Kemoge? The name given to the malicious Adware family is because of its command and control (C2) domain: aps.kemoge.net. Kemoge is an Adware in the disguise of popular Apps; it has circulated in such numbers because it takes the name of popular apps and repackages them with the malicious code and make them available to the user. They even use
Cybersecurity Resources