android smartphones | Breaking Cybersecurity News | The Hacker News

DKFBootKit - First Android BootKit Malware

Mar 30, 2012
NQ Mobile Security Research Center has recently uncovered a new malware, DKFBootKit. The malware was identified while monitoring and analyzing the evolution of earlier DroidKungFu variants. What sets DKFBootKit apart from malware like DroidDream is that DKFBootKit replaces certain boot processes and can begin running even before the system is completely booted up. DKFBootKit repackages legitimate apps by enclosing its own malicious payloads in them. However, the victim apps it chooses to infect are utility apps which require the root privilege to work properly. NQ says the malicious code has already infected 1,657 Android devices in the past two weeks and has appeared on at least 50 different mobile apps. These apps seem to have legitimate reasons to request root privilege for their own functionality. It is also reasonable to believe that users will likely grant the root privilege to these apps. DKFBootKit makes use of the granted root p
Mercury v1.0 - Framework for bug hunters to find Android vulnerabilities

Mar 20, 2012
A free framework for bug hunters to find vulnerabilities, write proof-of-concept exploits and play in Android. Use dynamic analysis on Android applications and devices for quicker security assessments. Share publicly known methods of exploitation on Android and proof-of-concept exploits for applications and devices. The easy extensions interface allows users to write custom modules and exploits for Mercury. Replace custom applications and scripts that perform single tasks with a framework that provides many tools. Mercury allows you to: interact with the 4 IPC endpoints (activities, broadcast receivers, content providers and services); use a proper shell that allows you to play with the underlying Linux OS from the point of view of an unprivileged application (you will be amazed at how much you can still see); find information on installed packages with optional search filters to allow for better control; Buil
10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit

Jul 15, 2024 - Cyber Crime / Data Protection
Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought, isn't it? Or exciting, depending on which side of the cybersecurity barricade you are on. Well, that's basically the state of things today. Welcome to the infostealer garden of low-hanging fruit. Over the last few years, the problem has grown bigger and bigger, and only now are we slowly learning its full destructive potential. In this article, we will describe how the entire cybercriminal ecosystem operates, the ways various threat actors exploit data originating from it, and most importantly, what you can do about it. Let's start with what infostealer malware actually is. As the name suggests, it's malware that... steals data. Depending on the specific type, the information it extracts might differ slightly, but most will try to extract the following: cryptocurrency wallets; bank account information and saved credit card details; saved passwords from various apps; Bro
Security holes in Android with apps Advertisements

Mar 19, 2012
Researchers at North Carolina State University have found privacy and security holes in Android apps because of in-application advertisements. They studied the popular Android platform and collected 100,000 apps from the official Android Market in March-May 2011. They then identified the 52.1% of apps using advertisements and further developed a system called AdRisk to systematically identify potential risks. They explain that most of the ad libraries collect private information; some of it may be used for legitimate targeting purposes (i.e., the user's location), while other collection is hard to justify, such as invasively collecting the user's call logs, phone number, browser bookmarks, or even the list of installed apps on the phone. The researchers wrote in a paper to be presented at the 5th ACM Conference on Security and Privacy in Wireless and Mobile Networks in Tucson on April 17th, [ Read Here ] As one host app may
Malicious Android application stealing banking credentials

Mar 15, 2012
A new form of smart Android malware can not only steal your online banking information, but also update itself in the future and secretly send contact information stored on your device off to the Bad Guys. Security researchers at McAfee have discovered a malicious Android application capable of grabbing banking passwords from a mobile device without infecting the user's computer. From a McAfee blog post on the subject, penned by Malware Researcher Carlos Castillo: "To get the fake token, the user must enter the first factor of authentication (used to obtain initial access to the banking account). If this action is not performed, the application shows an error. When the user clicks "Generar" (Generate), the malware shows the fake token (which is in fact a random number) and sends the password to a specific cell phone number along with the device identifiers (IMEI and IMSI). The same information is also sent to one of the co
The Killswitch : They can remotely modify your Window 8

Feb 29, 2012
Last year, a Finnish software developer was cruising Google's Android Market for smartphone apps when he noticed something strange. Dozens of best-selling applications suddenly listed the same wrong publisher. Google uses a little-known kill switch to forcibly remove the malicious code from more than 250,000 infected Android smartphones. It's a powerful way to stop threats that spread quickly, but it's also a privacy and security land mine. With the rollout of the Windows 8 operating system expected later this year, millions of desktop and laptop PCs will get kill switches for the first time. Microsoft has confirmed that they have a remote kill switch installed in Windows 8 apps. Using this access, they can disable and even remove an app entirely from a user's device. This piece of information was released along with other details of the upcoming Windows Store for Windows 8. Anyone worried about Microsoft having
Ascend D quad : World's fastest Android by Huawei

Feb 27, 2012
Huawei has introduced what it calls the world's fastest quad-core smartphone, the Huawei Ascend D quad. Powered by Huawei's K3V2 quad-core 1.2GHz/1.5GHz processor, the beast comes with Android 4.0. In an aggressive presentation at the Mobile World Congress Show in Barcelona, Huawei repeatedly compared its new product to Samsung's Galaxy Nexus and Apple's latest iPhone. Huawei also unveiled the Ascend D quad XL and Ascend D1. Both devices include 32-bit true color graphic processors, an 8-megapixel rear-facing camera with 1080p full HD video capture and a 1.3-megapixel front-facing camera with 720p video capture. The phone also has Dolby 5.1 Surround Sound and Audience earSmart voice technology and an 8-megapixel BSI rear-facing camera, 1.3-megapixel front-facing camera, and 1080p full HD video-capture and playback capabilities. Ascend D Quad is much faster, too: 20 percent to 30 percent faster, in fact, than one running
Facebook app spreading Android Malwares

Feb 25, 2012
Even though Google recently introduced a malware-blocking system called Bouncer to keep the Android Market safe from malicious software, crafty spammers and fraudsters are still managing to find ways around the restrictions to get their software onto users' phones. Security firm Sophos has reported that there is malware going around via the Facebook application. The malicious software disguises itself as an Android app named "any_name.apk" or "allnew.apk" and is sent to Android phones via Facebook's mobile app. An Android user may receive a Facebook friend request, and if the user goes to the requester's profile to check them out, they could be diverted to another web page instead, where the malicious app will be automatically downloaded. Although Android doesn't by default allow apps to be automatically downloaded, some users choose to turn off this protection in order to have access to apps distributed outside of the Android Market. This
Zero-day Smartphone Vulnerability exposes location and User Data

Feb 24, 2012
Smartphones are increasingly becoming the preferred device for both personal and professional computing, which has also attracted hackers to increase their focus on creating malware and other security vulnerabilities for these devices. A former McAfee researcher, Dmitri Alperovitch, has used a previously unknown hole in smartphone browsers to plant China-based malware that can record calls, pinpoint locations and access user texts and emails. He conducted the experiment on a phone running the Android operating system, although he says Apple Inc.'s iPhones are equally vulnerable. Android is particularly vulnerable because it has become the main operating system for mobile devices. Today most smartphones are Android-based, therefore there is a huge dividend for hackers to write Android-targeted malware compared to other operating systems. Alperovitch, who has consulted with the U.S. intelligence community, is
Dropper Malware comes with DLL Hijacking Feature

Feb 22, 2012
Trojans, viruses and worms have become the scare of the year, and with good reason. Many of the recent files are malicious in nature, causing the infected user, at the very worst, to lose everything on their computer. There are a few specially coded malware samples which are developed to ensure that they cause maximum damage and steal all the sensitive information they can find on the infected devices. In a blog post, Bitdefender experts describe one such malware, called "Dropper" or Trojan.Dropper.UAJ. What is brand new in terms of approach is that the dropper hijacks a library file called comres.dll, altering it to ensure that each time it is used, the malware steps into play. The smartness of this malware can be judged from the fact that it makes a copy of the genuine comres.dll file, patches it and then saves it in the Windows directory folder, where the operating system normally looks for a DLL to load when
Anonymous Hackers Develop WebLOIC DDOS Tool for Android Mobiles

Feb 18, 2012
The Anonymous hacker group is now using a new tool, WebLOIC. This tool is even easier to use than the LOIC DDoS tool: requiring no download, it sends requests using JavaScript in the user's browser. Just like LOIC, it is a quick path to prison, sending thousands of requests from your IP address to the target, accompanied by a slogan. Recently, hackers released a new interface of WebLOIC for Android mobile, in the form of an application named "LOIC para Android by Alfred". They spread this tool via Anonymous social network accounts to execute the new attack in various Anonymous operations against the Argentinian government, such as #opargentina #iberoamerica. When the attacker clicks "Fire", JavaScript sends 1,000 HTTP requests with the message "We are LEGION!" to perform a DoS attack on the given target URL. This application is available to download here.
Android.Bmaster Exploits root access to connect to Botnet

Feb 10, 2012
A new piece of Android malware named Android.Bmaster, first highlighted by researcher Xuxian Jiang at North Carolina State University, was uncovered on a third-party marketplace and is bundled with a legitimate application for configuring phone settings, Symantec researcher Cathal Mullaney wrote in a blog. The malware is estimated to affect between 10,000 and 30,000 phones on any given day. The malware, mostly found on Chinese phones, works by using GingerBreak, a tool that gives users root access to Android 2.3 Gingerbread. RootSmart is designed to escape detection by being named "com.google.android.smart," which is the same name as a settings app included by default with Android operating systems. Mullaney explained that once the malware is installed on the Android phone, an outbound connection from the infected phone to a remote server is generated. "The malware posts some user and phone-specific data to t
Mobile Based Wireless Network MiTM Attack Illustration

Feb 05, 2012
Bilal Bokhari from zer0byte.com illustrated a perfect example of a mobile-based wireless network MiTM attack on his blog. Bilal wants to share this article with our readers at THN. Have a look: If we look at the history of computer development, the computer developers/engineers just 10 years back did not have any clue as to how this industry was going to be the way it is today. Computers and their applications nowadays are more powerful and much smarter than ever before. Computer applications are used in every industry, like engineering, designing, music programming, web development etc., which enables their users to come up with amazing products every day. So far so good: the story of computer development sounds amazing, but there is a problem with its development. When computer applications are developed, they are not particularly a complete perfect solution. They contain some flaws or bugs which can be exploi
Wifi Protector - Protect Your Android From Wi-Fi Sniffing Attacks

Feb 03, 2012
The only app that is able to counter "Man In The Middle" attacks on the Android platform: Wifi Protector. No other app provides this type of high network security. Protects your phone from tools like FaceNiff, Cain & Abel, ANTI, ettercap, DroidSheep, NetCut, and all others that try to hijack your session via "Man In The Middle" through ARP spoofing / ARP poisoning. WifiKill can't take you offline with this app installed. The "Immunity" feature is the only one that requires root; all other features work without root access. Features: uses very few resources; uses no resources if Wi-Fi is disabled; nearly zero battery consumption; requires very few permissions, requesting only absolutely necessary permissions; undetectable by the bad guy; 100% silent and passive inside the network, generating no noise; highly customizable notifications; Plays ringtone on atta
Another Malware from Android Market infect Millions of Users

Jan 28, 2012
Malware might have infected more than 5 million Android mobile devices via deliberately corrupted apps sold in the Android Marketplace, according to security firm Symantec. They reckon it is Android.Counterclank, a slight variant of Android.Tonclank. Symantec explains that the malicious code appears in a package called "apperhand", and a service under the same name can be seen running on the infected device when it's executed. According to Symantec, the Trojan has been identified in 13 different apps in the Android Marketplace. Symantec's Security Response Team Director, Kevin Haley, said: "They don't appear to be real publishers. There aren't rebundled apps, as we've seen so many times before." Symantec also noted that this slimy piece of malware has the highest distribution of any malware identified so far this year and may actually be the largest malware infection seen by Android users in the operating system's short