android smartphones | Breaking Cybersecurity News | The Hacker News

Malicious Android application stealing banking credentials A new form of smart Android malware can not only steal your online banking information, but update itself in the future and secretly send contact information stored on your device off to the Bad Guys. Security researchers at McAfee have discovered a malicious Android application capable of grabbing banking passwords from a mobile device without infecting the user's computer. From a McAfee blog post on the subject, penned by Malware Researcher Carlos Castillo: " To get the fake token, the user must enter the first factor of authentication (used to obtain initial access to the banking account). If this action is not performed, the application shows an error. When the user clicks "Generar" (Generate), the malware shows the fake token (which is in fact a random number) and sends the password to a specific cell phone number along with the device identifiers (IMEI and IMSI). The same information is also sent to one of the co

The Killswitch : They can remotely modify your Window 8 Last year,a Finnish software developer, was cruising Google's Android Market for smartphone apps last year when he noticed something strange. Dozens of best-selling applications suddenly listed the same wrong publisher. Google uses a little known kill switch, to forcibly removing the malicious code from more than 250,000 infected Android smartphones. It's a powerful way to stop threats that spread quickly, but it's also a privacy and security land mine. With the rollout of the Windows 8 operating system expected later this year, millions of desktop and laptop PCs will get kill switches for the first time. Microsoft has confirmed that they have remote kill switch installed in to Windows 8 apps. using this access, they can disable and even remove an app entirely from a user's device. This piece of information was released along with other details of the upcoming Windows Store for Windows 8. Anyone worried about Microsoft having

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

Ascend D quad : World's fastest Android by Huawei Huawei has introduced what it calls the world's fastest quad-core smartphone, the Huawei Ascend D quad. Powered by Huawei's K3V2 quad-core 1.2GHz/1.5GHz processor the beast comes with Android 4.0. In an aggressive presentation at the Mobile World Congress Show in Barcelona, Huawei repeatedly compared its new product to Samsung's Galaxy Nexus and Apple's latest iPhone. Huawei also unveiled the Ascend D quad XL and Ascend D1. Both devices include 32-bit true color graphic processors, an 8-megapixel rear-facing camera with 1080p full HD video capture and a 1.3-megapixel front-facing camera with 720p video capture. The phone also has Dolby 5.1 Surround Sound and Audience earSmart voice technology and an 8-megapixel BSI rear-facing camera, 1.3 megapixel front-facing camera, and 1080p full HD video-capture and playback capabilities. Ascend D Quad is much faster, too- 20 percent to 30 percent faster, in fact, than one running

Facebook app spreading Android Malwares Even though Google recently introduced a malware-blocking system called Bouncer to keep the Android Market safe from malicious software, crafty spammers and fraudsters are still managing to find ways around the restrictions to get their software onto users' phones. Security firm, Sophos have reported that there is malware going around via the Facebook application. The malicious software disguises itself as an Android app named "any_name.apk" or "allnew.apk" and is sent to Android phones via Facebook's mobile app.  An Android user may receive a Facebook friend request and if the user goes to the requester's profile to check them out, they could be diverted to another web page instead, where the malicious app will be automatically downloaded. Although Android doesn't by default allow apps to be automatically downloaded, some users choose to turn off this protection in order to have access to apps distributed outside of the Android Market. This

Zero-day Smartphone Vulnerability exposes location and User Data Smartphones are increasingly becoming the preferred device for both personal and professional computing, which has also attracted hackers to increase their focus on creating malware and other security vulnerabilities for these devices. A former McAfee researcher " Dmitri Alperovitch " has used a previously unknown hole in smartphone browsers to plant China-based malware that can record calls, pinpoint locations and access user texts and emails. He conducted the experiment on a phone running Android operating system, although he saysApple Inc.'s iPhones are equally vulnerable. Android is particularly vulnerable because it has become the main operating system for mobile devices. Today most smartphones are android-based therefore there is a huge dividend for hackers to write Android-targeted malware compared to other operating systems. Alperovitch, who has consulted with the U.S. intelligence community, is

Dropper Malware comes with DLL Hijacking Feature Trojans, Viruses, Worms have become the scare of the year, and with good reason. Many of the recent files are malicious in nature, causing the infected user at the very worst, to lose everything on their computer. There are few specially coded malware, which are not only developed to ensure that they cause maximum damage and steal all the sensitive information they can find on the infected devices. According to Bitdefender experts, In a blog post they mention about such a malware called "Dropper" or Trojan.Dropper.UAJ. But the brand new in terms of approach that dropper hijacks a library file called comres.dll, altering it to ensure that each time it's being used, the malware steps into play. The smartness of this malware can be judge from here that, it makes a copy of the genuine comres.dll file, patches it and then saves it in the Windows directory folder, where the operating system normally looks for a DLL to load when

Anonymous Hackers Develop WebLOIC DDOS Tool for Android Mobiles These Days Anonymous Hacker Group using a new tool WebLOIC . This tool is even easier to use than LOIC DDOS tool, requiring no download, it sends requests using Javascript in the user's browser. Just like LOIC, it is a quick path to prison, sending thousands of requests from your IP address to the target, accompanied by a slogan. Recently Hackers Release and New Interface of WebLOIC, ie. for Android Mobile in the form of an Application named " LOIC para Android by Alfred ". They Spread this tool via Anonymous social network accounts to execute the new attack in Various Anonymous operations against Argentinian government - such as #opargentina #iberoamerica. When Attacker will click " Fire ", a JavaScript will sends 1,000 HTTP requests with the message " We are LEGION! " that perform DoS attacks of Given Target URL. This Application is Available to Download here .

Android.Bmaster Exploits root access to connect to Botnet A new piece of Android malware named Android.Bmaster , first highlighted by researcher Xuxian Jiang at North Carolina State University, was uncovered on a third-party marketplace and is bundled with a legitimate application for configuring phone settings, Symantec researcher Cathal Mullaney wrote in a blog . This Malware is estimated to affect between 10,000 and 30,000 phones on any given day. The malware, mostly found on Chinese phones, works by using GingerBreak, a tool that gives users root access to Android 2.3 Gingerbread.  RootSmart is designed to escape detection by being named " com.google.android.smart, " which the same name as a settings app included by default with Android operating systems. Mullaney explained that once the malware is installed on the Android phone, an outbound connection from the infected phone to a remote server is generated." The malware posts some user and phone-specific data to t

Mobile Based Wireless Network MiTM Attack Illustration Bilal Bokhari from zer0byte.com Illustrated perfect example of Mobile Based Wireless Network MiTM Attack on his blog. Bilal want to share this article with our Readers at THN, Have a look : If we look at the history of computer development, the computer developers/engineers just 10 years back did not have any clue as to how this industry is going to be, the way this industry we have today. The Computers and its applications nowadays are more powerful and much smarter than ever before. Computer applications are used in every industry like engineering, designing, music programming, web development etc which enables their users to come up with amazing products every day. So far so good the story of the computer development sounds amazing but there is a problem with its development. When computer applications are developed, they are not particularly a complete perfect solution. They contain some flaws or bugs which can be exploi

Wifi Protector - Protect Your Android From Wi-Fi Sniffing Attacks The only app that is able to countermeasure " Man In The Middle " attacks on Android platform - Wifi Protector . No other app provides this type of high network security. Protects your phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via "Man In The Middle" through ARP spoofing / ARP poisoning. WifiKill can't take you offline with this app installed. The "Immunity" feature is the only one that requires root, all other features work without root access. Features - Uses very few resources - Uses no resources if Wi-Fi is disabled - Nearly zero battery consumption - Requires very few permissions. Requests only absolutely necessary permissions - Undetectable by the bad guy - 100% silent and passive inside the network. Generates no noise - Highly customizable notifications - Plays ringtone on atta

Another Malware from Android Market infect Millions of Users Malware might have infected more than 5 million Android mobile devices via deliberately corrupted apps sold in the Android Marketplace, according to security firm Symantec . They reckoned Android.Counterclank, a slight variant of Android.Tonclank . Symantec explains that the malicious code appears in a package called " apperhand ", and a service under the same name can been seen running on the infected device when it's executed. According to Symantec, the Trojan has been identified in 13 different apps in the Android Marketplace. Symantec's Security Response Team Director, Kevin Haley said:" They don't appear to be real publishers. There aren't rebundled apps, as we've seen so many times before. " Symantec also noted that this slimy piece of malware has the highest distribution of any malware identified so far this year and may actually be the largest malware infection seen by Android users in the operating systems short