#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

android smartphones | Breaking Cybersecurity News | The Hacker News

Category — android smartphones
FBI Warning : New Malware attacking Android smartphones

FBI Warning : New Malware attacking Android smartphones

Oct 13, 2012
Users should be aware that Cyber criminals are finding new ways to install malicious software on devices. The latest threat to Android phone users, according to the FBI , is a "work-at-home opportunity that promises a profitable payday just for sending out email." The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher .  Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out email. A link within these advertisements leads to a website that is designed to push Loozfon on the user's device. The malicious application steals contact details from the user's address book and the infected device's phone number . FinFisher is a spyware capable of taking over the components of a mobile device. Whe...
Security flaw in 3G could allow anyone to track your smartphone

Security flaw in 3G could allow anyone to track your smartphone

Oct 09, 2012
New privacy threats have been uncovered by security researchers that could allow every device operating on 3G networks to be tracked, according to research from the University of Birmingham with collaboration from the Technical University of Berlin. Researchers said that standard off-the-shelf equipment, such as femtocells, could be used to exploit the flaw, allowing the physical location of devices to be revealed. The 3G standard was designed to protect a user's identity when on a given network. A device's permanent identity, known as International Mobile Subscriber Identity (IMSI) is protected on a network by being assigned a temporary identity called a Temporary Mobile Subscriber Identity TMSI. The TMSI is updated regularly while the 3G networks are supposed to make it impossible for someone to track a device even if they are eavesdropping on the radio link. Researchers have discovered that these methods can easily be sidestepped by spoofing an IMSI paging reques...
How AI Is Transforming IAM and Identity Security

How AI Is Transforming IAM and Identity Security

Nov 15, 2024Machine Learning / Identity Security
In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies that could signal a potential security breach. The focus has expanded beyond merely managing human identities — now, autonomous systems, APIs, and connected devices also fall within the realm of AI-driven IAM, creating a dynamic security ecosystem that adapts and evolves in response to sophisticated cyber threats. The Role of AI and Machine Learning in IAM AI and machine learning (ML) are creating a more robust, proactive IAM system that continuously learns from the environment to enhance security. Let's explore how AI impacts key IAM components: Intelligent Monitoring and Anomaly Detection AI enables continuous monitoring of both human and non-human identities , including APIs, service acc...
Android Malware can now steal 3D Model Of Your Location

Android Malware can now steal 3D Model Of Your Location

Sep 30, 2012
It's a fact that as smartphones get more capable, the possibilities for their misuse also increase. They're already exploited by crooks to swipe personal information, but a new Android app created by the U.S. Navy is on another level entirely. It's a scary piece of malware called " PlaceRaider " that was developed by the US Naval Surface Warfare center and for now it is being viewed as just a proof of concept. According to the MIT Technology Review, researchers at Indiana University and the Naval Surface Warfare Center have developed a new form of malware designed to record and reconstruct a victim's environment. They has just worked out how to infect a mobile phone with a Trojan that can take photos without you knowing anything about it and send sensor data back to a server. The data are used to construct a 3D model which can be used not only to perform the reconnaissance necessary to break in, but also to steal confidential information such as bank details. O...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
New Android Exploit Could Force Factory Reset remotely

New Android Exploit Could Force Factory Reset remotely

Sep 25, 2012
Clicking one wrong link can cause malicious code to execute, which could do anything from infecting your computer with malware to, apparently, wiping your phone data completely. At the Ekoparty security conference, researcher Ravi Borganokar demonstrated at the Ekoparty security conference in Argentina last week, that how a single line of HTML code could be used to run a factory reset or even clear the SIM card on certain Samsung phones. Malicious hackers can hide a code in a web page that will trigger a full factory reset of Samsung's best-selling Galaxy S3 smartphone, deleting contacts, photographs, music, apps and other valuable data. The devastating flaw lies in Samsung's dialling software, triggered by the tel protocol in a URL. It isn't applicable to all the company's Android handsets, but those that are vulnerable can have their PIN changed or be wiped completely just by visiting a web page or snapping a bad QR code, or even bonking up against the wrong wireless N...
The FixMeStick : My Parents Need This

The FixMeStick : My Parents Need This

Sep 20, 2012
The founders over at FixMeStick sent us a pair of their latest devices to check out. The FixMeStick is, in short, a malware removal device for dummies . The FixMeStick is a bootable USB device running Lubuntu and integrates three separate anti-virus scanners from Kaspersky Labs, Sophos, and GFI. While our readers will probably never need it for themselves, we may all wish we had something like this for our non-technical friends and family, or the 9 million PCs infected with ZeroAccess botnet . The FixMeStick does a lot of things that nobody else does on a bootable USB, and let's be real, removing rootkits is never pleasant or easy. Why I Want it For My Parents Linux: the FixMeStick is a Linux-based device that runs before Windows boots enabling it to remove infections without the infection getting stealthy or playing war with my parent's anti-virus software. N-Scanner architecture: contains an integrated multi-scanner composed of three engines: Kaspersky Labs, Sophos, and GFI's VI...
Android 4.0.4 multiple Zero-Day Vulnerabilities

Android 4.0.4 multiple Zero-Day Vulnerabilities

Sep 19, 2012
The Samsung Galaxy S3 can be hacked via NFC, allowing attackers to download all data from the Android smartphone, security researchers demonstrated during the Mobile Pwn2Own contest in Amsterdam. Using a pair of zero day vulnerabilities, a team of security researchers from U.K.-based MWR Labs hacked into a Samsung Galaxy S3 phone running Android 4.0.4 by beaming an exploit via NFC (Near Field Communications). NFC is a technology that allows data to be sent over very short distances. For mobile devices, the protocol allows digital wallet applications to transfer money to pay at the register. While the technology has been slow to take off, despite the adoption by Google for its Wallet payment application, a number of recent high-profile announcements have boosted its adoption. " Through NFC it was possible to upload a malicious file to the device, which allowed us to gain code execution on the device and subsequently get full control over the device using a second vulnerability...
Eject any WiFi device from network using Android

Eject any WiFi device from network using Android

Sep 13, 2012
If you want to disable any ip address which use same router to connect internet. Now you can used your android application, WifiKill use as can disable internet connection for a device on the same network. May be you ever use " NetCut " tool in your windows to eject any WiFi device from network with one click. NetCut have ability to scan the network for all connect devices with their MAC address and then with one click you can disconnect anyone from Network using ARP SPOOF attacks. This application mostly used by students to save bandwidth in colleges or in any network where they want to disconnect all other users and use complete bandwidth for better speed or by some Network admins. But NETCUT comes for Windows only. A Android application released called " WiFiKill  v1.7 " , this is alternate version of NETCUT for Android. Simply allows you to scan your wifi network for devices, see their vendor and cut network connection for specified devices. This way you can g...
WhatsApp vulnerability can be misused for Spreading Malware

WhatsApp vulnerability can be misused for Spreading Malware

Sep 13, 2012
A Cross site scripting (XSS) vulnerability in WhatsApp website reported to The Hacker News by Edgard Chammas. WhatsApp is one of the most famous cross-platform mobile messaging app for iPhone, BlackBerry, Android, Windows Phone and Nokia used to send text, video, images, audio b/w Whatsapp users. Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications, such as web browsers through breaches of browser security, that enables attackers to inject client-side script into Web pages viewed by other users. Reported vulnerability exist on payment procedure page as shown in above picture. The Sample code given below to demonstrate the vulnerability. Recently, there has been an increase in web malware and spam activities and such vulnerabilities can be misused by attackers to spread Malwares and rogue applications. Edgard also demonstrate that How this can be used to trick users to download a fake application (Malware...
Hijacking Virtual Machines with Crisis malware

Hijacking Virtual Machines with Crisis malware

Aug 22, 2012
The Windows version of Crisis , a piece of malware discovered in July, is capable of infecting VMware virtual machine images, Windows Mobile devices and removable USB drives, according to researchers from antivirus vendor Symantec.The installer was actually a Java archive (JAR) file which had been digitally signed by VeriSign. Crisis is distributed via social engineering attacks that trick users into running a malicious Java applet. The applet identifies the user's OS, Windows or Mac OS X and executes the corresponding installer. " The threat uses three methods to spread itself: one is to copy itself and an autorun.inf file to a removable disk drive, another is to sneak onto a VMware virtual machine, and the final method is to drop modules onto a Windows Mobile device ," Symantec explained in a blog post . Malware authors are putting significant efforts into making sure that new variants of their Trojan programs are not detected by antivirus products when they are released. Also...
Half Million Chinese Android Devices got infected with SMSZombie

Half Million Chinese Android Devices got infected with SMSZombie

Aug 21, 2012
The amount of malware crafted and aimed at Android devices is ever-increasing. With Android being the most popular platform for smartphones and tablets around the world, Android users have become the low-hanging fruit when it comes to writing malware by the nefarious users. A new Android threat has affected 500,000 devices in China so far. Analysts at TrustGo Security Labs have discovered the Trojan!SMSZombie.A. It is a complex and sophisticated malware that exploits a vulnerability in the China Mobile SMS Payment System to fund unauthorised payments, steal bank card numbers and receipt information regarding money transfers. The trojan is difficult to detect, and even more difficult to remove.  SMSZombieA was first discovered on August 8, and the malware is embedded in several wallpaper apps. The wallpaper apps are noted to use provocative titles and nude images to encourage users to download. The trojan installs itself on a device after its user has downloaded and installed the...
MatrixDAR - First Military Grade Encryption for Android

MatrixDAR - First Military Grade Encryption for Android

Aug 21, 2012
AuthenTec, a leading provider of mobile and network security, today introduced a new security offering that provides military-grade encryption to data stored on today's Android smartphones and tablets without sacrificing device performance. AuthenTec's MatrixDAR(TM) for Android meets the stringent requirements of FIPS 140 certification.  MatrixDAR allows for full disk encryption in both the device and its storage media and incorporates AuthenTec's SafeZone software. This expands the company's security services for data-in-transit over SSL and IPSec connections and data-as-rest stored on a mobile device. It prevents unauthorized access and renders the smartphone or tablet useless if lost or stolen. AuthenTec offers the product for OEMs to directly install on devices, allowing IT departments to avoid installation of separate encryption software. " Our new MatrixDAR offering gives smartphone and tablet OEMs the ability to easily integrate military-grade FIPS 140-cert...
Zeus malware targeting BlackBerry and Android devices

Zeus malware targeting BlackBerry and Android devices

Aug 09, 2012
Security researchers at Kaspersky Lab have discovered five new samples of the ZeuS-in-the-Mobile (ZitMo) malware package, targeting Android and BlackBerry devices. Zitmo (Zeus in the mobile) is the name given to the mobile versions of Zeus, and it's been around for a couple of years already, mostly infecting Android phones. The Zitmo variant has reportedly been operating for at least two years targeting Android phones by masquerading as banking security application or security add-on. ZitMo gets hold of banking information by intercepting all text messages and passing them on to attackers' own devices. It gets onto devices inside malicious applications, which users are duped into downloading. In this case, the malicious app was posing as security software called 'Zertifikat'. Once installed, the packages forward all incoming SMS messages to one of two command and control numbers located in Sweden, with the aim of snaring secure codes and other data. Kaspersky found mobile users ...
Malicious Olympic 2012 Android Apps & Domains

Malicious Olympic 2012 Android Apps & Domains

Aug 07, 2012
Whenever an important event takes place, new opportunities for cyber criminals, especially for those who develop attacks based on social engineering, arise. Currently, the whole world has its eyes glued to TV screens watching the London 2012 Olympic Games. Anti-malware and anti-virus solutions provider Webroot has issued a warning that an app app called " London Olympics Widget ," which is described as an app that displays aggregated Olympic news coverage. In fact, it's really just harvesting the user's contact list and device ID while reading up on SMS messages too. The package name is 'com.games.London.Olympics.widget'. This app has a digital certificate claiming it was developed in New Delhi, India. For this scam, cybercriminals create websites that are very appealing; some even look very professional that they make it seem that you are close to having access to live programming. Researchers explain that the crooks rely on black hat SEO techniques to make sure t...
Android Hackers will demonstrate Fully loaded Spying Applications & Mobile Botnet

Android Hackers will demonstrate Fully loaded Spying Applications & Mobile Botnet

Jul 25, 2012
This Sunday, The Capital , New Delhi plays host to an International The Hackers Conference where blackhat hackers will discuss the challenges of cyber safety with security agencies. Your Smartphone is an always-on and always-connected digital extension of your life which will be used by attackers to covertly steal your sensitive data and spy on you. Mahesh , An Independent Security Researcher and Android Developer/Hacker will demonstrate " Android Spy Agent ". This application allows us to remotely access the entire victim's personal information and even though the confidential data available in the android cell phone. The type of personal information includes the victim's contacts, call logs, messages, browser's history, GPS location and much more information directly available on the victim's cell phone.  Many-a-times we think that is there any way by which we can read the private sms of anyone. So here is the solution Mr. Mahesh will present in...
CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed

CVE-2012-2808 : Android 4.0.4 DNS poisoning vulnerability Exposed

Jul 24, 2012
Android's DNS resolver is vulnerable to DNS poisoning due to weak randomness in its implementation. Researchers Roee Hay & Roi Saltzman from IBM Application Security Research Group demonstrate that how an attacker can successfully guess the nonce of the DNS request with a probability thatis su cient for a feasible attack. Android version 4.0.4 and below are Vulnerable to this bug. Weakness in its pseudo-random number generator (PRNG), which makes DNS poisoning attacks feasible. DNS poisoning attacks may endanger the integrity and con dentiality of the attacked system. For example, in Android, the Browser app can be attacked in order to steal the victim's cookies of a domain of the attacker's choice. If the attacker manages to lure the victim to browse to a web page controlled by him/her, the attacker can use JavaScript, to start resolving non-existing sub-domains. Upon success, a sub-domain points to the attacker's IP, which enables the latter to steal wild card...
8 million passwords dumped from gaming website Gamigo

8 million passwords dumped from gaming website Gamigo

Jul 23, 2012
Four months after the gaming site Gamigo warned users about a hacker intrusion that accessed some portions of its users' credentials, more than 8 million usernames, emails and and encrypted passwords from the site have been published on the Web, according to the data breach alert service PwnedList. The list of passwords, which were scrambled using a one-way cryptographic hash algorithm, were published earlier this month to a forum on the password-cracking website Inside Pro . According to forbe," The list also contained 8.2 million unique e-mail addresses, including 3 million American accounts from the US, 2.4 million accounts from Germany, and 1.3 million accounts from France ." Gamigo warned users in early March that an attack on the Gamigo database had exposed hashed passwords and usernames and possibly other, unspecified additional personal data. The site required users to change their account passwords. PwnedList founder Steve Thomas said, " It's the largest leak I'v...
17 years old hacker will demonstrate Linux ELF Virus at 'The Hackers Conference 2012'

17 years old hacker will demonstrate Linux ELF Virus at 'The Hackers Conference 2012'

Jul 22, 2012
The Biggest Hacking Mania has arrived - ' The Hackers Conference 2012 '.  In this first of its kind conference in India, Blackhat hackers drawn from around the world will demonstrate how they access a victim's personal information, and even confidential data available on the Android cell phone. The conference will be held on July 29 at the India Habitat Centre in New Delhi. The use of Linux as an operating system is increasing rapidly, thanks partly topopular distributions such as 'RedHat' and 'Suse'. So far, there are very few Linuxfile infectors and they do not pose a big threat yet. However, with more desktopsrunning Linux, and probably more Linux viruses, the Linux virus situation couldbecome a bigger problem. 17 years old hacker, Aneesh Dogra will talk on " How to make a Linux ELF Virus (That works on your latest linux distribution) " at ' The Hackers Conference 2012 ' . Linux or Unix has the reputation of being "not so buggy", and of be...
Kevin Mitnick joins the Zimperium team

Kevin Mitnick joins the Zimperium team

Jul 19, 2012
Security firm Zimperium developer of Android app zANTI (Android application Toolkit) now have World Best Hacker " Kevin Mitnick " in their Team. In a Press Release , Itzhak "Zuk" Avraham said " Zimperium is honored and excited to announce our newest member of the advisory board, world renowned hacker Kevin Mitnick.We are thrilled to have Kevin on board and feel that his leadership and consultancy will help Zimperium to get to the next level,through corporate efficiency, brand recognition and better quality solutions for our clients! " Zimperium Ltd. is a privately owned start-up located in Tel Aviv, Israel; whichdesigns and develops cutting edge Intellectual Property in the field ofinformation security and mobile technology. The company was founded in 2010. " Mobile devices are the new target-rich environment. Based on lessons learned in the early days of the personal computer,businesses should adopt a proactive approach to mobile security so they don'...
FACT : One in five Microsoft logins controlled by hackers

FACT : One in five Microsoft logins controlled by hackers

Jul 17, 2012
About 20 percent of Microsoft Account logins are found on lists of compromised credentials in the wake of hack attacks on other service providers, Eric Doerr, Group Program Manager for Microsoft's Account system said . A significant proportion of compromised credentials Microsoft sees from other services have the same username and password on the Microsoft account system (formerly Windows Live ID) logins, which cover services such as Hotmail, Messenger and SkyDrive. These logins have not been compromised from the Microsoft server, but are instead based on login information leaked from other sites. " These attacks shine a spotlight on the core issue people reuse passwords between different websites ," he said. Microsoft regularly gets lists of compromised third-party login details from ISPs, law enforcement and vendors, as well as from lists published on the internet by hackers, according to Doerr. This information is checked against Microsoft login details using an auto...
Android Security shielded with full ASLR implementation

Android Security shielded with full ASLR implementation

Jul 17, 2012
The latest release of Google's Android mobile operating system has finally been properly fortified with an industry-standard defense. It's designed to protect end users against hack attacks that install malware on handsets. Android 4.1 Jelly Bean includes several new exploit mitigations and a more extensive implementation of ASLR to help defeat many kinds of exploits. ASLR is an exploit mitigation method that randomizes the positions of key data areas such as libraries, heap, stack, and the base of the executable, in a process's address space, and that makes it near impossible for malware authors and hackers to predict where their malicious payloads will be loaded. " As we mentioned in our previous post on Android ASLR, the executable mapping in the process address space was not randomized in Ice Cream Sandwich, making ROP-style attacks possible using the whole executable as a source of gadgets. In Jelly Bean, most binaries are now compiled/linked with the PIE fla...
Expert Insights / Articles Videos
Cybersecurity Resources