malicious apps | Breaking Cybersecurity News | The Hacker News

If you're one of the 400 million Android users out there who have installed Adobe Reader app that helps you to view PDF documents on mobile devices, then you should immediately update your app from Google Play Store. Adobe has released an updated Adobe Reader 11.2.0 version to addresses an important vulnerability that could be exploited to gain 'remote code execution' ability on the affected system. According to the Adobe  advisory , vulnerability ( CVE-2014-0514 ) resides in the implementation of JavaScript APIs on Adobe Reader 11.2 that could be exploited to execute arbitrary code within Adobe Reader. Adobe vulnerability discovered by security researcher  Yorick Koster of Securify BV , claimed that an attacker can create a specially crafted PDF file containing malicious JavaScript code that triggers when the victim will try to open it using affected Adobe Reader for Android Operating System. Multiple attack vectors are available to deploy a malicio

A new dangerous variant of ZeuS Banking Trojan has been identified by Comodo AV labs which is signed by stolen Digital Certificate which belongs to Microsoft Developer to avoid detection from Web browsers and anti-virus systems. Every Windows PC in the world is set to accept software " signed " with Microsoft's digital certificates of authenticity, an extremely sensitive cryptography seal. Cyber Criminals somehow managed to hack valid Microsoft digital certificate, used it to trick users and admins into trusting the file. Since the executable is digitally signed by the Microsoft developer no antivirus tool could find it as malicious. Digitally signed malware received a lot of media attention last year. Reportedly, more than 200,000 unique malware binaries were discovered in past two years signed with valid digital signatures. A Comodo User submitted a sample of the malicious software that attempts to trick user by masquerading itself as file of Intern

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Hardly two month ago we reported about the first widely spread Android Bootkit malware , dubbed as ' Oldboot.A ', which infected more than 500,000 Smartphone users worldwide with Android operating system in last eight months, especially in China. Oldboot is a piece of Android malware that's designed to re-infect Mobile devices even after a thorough cleanup. It resides in the memory of infected devices;  It modify the devices' boot partition and booting script file to launch system service and extract malicious application during the early stage of system's booting. Yet another alarming report about Oldboot malware has been released by the Chinese Security Researchers from ' 360 Mobile Security '. They have discovered a new variant of the Oldboot family, dubbed as ' Oldboot.B ', designed exactly as Oldboot.A, but new variant has advance stealth techniques. Especially, the defense against with antivirus software, malware analyzer, and automatic a

The Android operating system has hardened its security with application Sandboxing features to ensure that no application can access sensitive information held by another without proper privileges. Android applications communicate with each other through Intents and these intents can be abused by hackers to provide a channel for a malicious application to inject malicious data into a target, potentially vulnerable application. Security Researchers at IBM have discovered multiple vulnerabilities in Firefox for Android platform that allow a malicious application to leak the sensitive information related to the user's profile. Android's Firefox app stores the personal data at following location: / data /data/org . mozilla . firefox /files/mozilla/<RANDOM-STRING >. default . Where the random name for user's profile is used to prevent unwanted access to this directory in case of Firefox exploitation. Researchers developed an exploit to brute-force the &

Android -  a widely used Smartphone platform offered by Google is once again suspected to affect its users with malicious software that puts their android devices at risk. This time the vulnerabilities occur in the way Android handle the updates to add new flavors to your device. Researchers from Indiana University and Microsoft have discovered [ Paper PDF ] a new set of Android vulnerabilities that is capable to carry out privilege escalation attacks because of the weakness in its Package Management Service (PMS) that puts more than one billion Android devices at risk. The researchers dubbed the new set of security-critical vulnerabilities as Pileup flaws which is a short for privilege escalation through updating, that waylays inside the Android PMS and intensifies the permissions offered to malicious apps whenever an android update occurs, without informing users. The research was carried out by Indiana University Bloomington researchers, Luyi Xing, Xiaorui Pan, Ka

Pop Singer Justin Bieber's Twitter account hacked for around 15 minutes before it was corrected! The Twitter account with 50.2 Million Followers was compromised i.e. Twitter account with the second most Twitter followers. Spammers tweeted in Indonesian language from his hacked account with the links to a malicious twitter app named " ShootingStarPro ", and messages reading " Justin Bieber Cemberut? ", means - " Justin Bieber sullen? " It seems that the Justin's twitter account was hijacked by Indonesian hacker with a malicious twitter app, that further tweeted links to the a malicious website rumahfollowers[dot]tk   that hosted " ShootingStarPro " app, aimed to target his millions of followers in one shot. Justin's team quickly responded to the issue, deleted the bogus tweets and told fans " All good now. We handled it. ". He also warned his followers, " That link from earlier. Don't click it. Virus. Going to e

Android platform is becoming vulnerable day by day and hackers always try to manipulate android by applying novel techniques. In this regard, Symantec researchers have found a new android malware toolkit named " Dendroid ". Previously Symantec found an Android Remote admin tool named AndroRAT is believed to be the first malware APK binder. However, Dendroid runs on HTTP with many malicious features. Dendroid toolkit is able to generate a malicious apk file that offers amazing features like: Can delete call logs Open web pages Dial any number Record calls SMS intercepting Upload images, video Open an application Able to perform DoS attack Can change the command and control server The author of Dendroid also offers 24/7 customer support for this RAT and Android users can buy this toolkit at $300 by paying Bitcoin , Lifecoin. Experts at Symantec said that Dendroid has some connection with the previous AndroRAT toolkit . Dendroid being an HTTP RAT offers PHP

Downloading various apps blindly from Google play store may bring you at risk in terms of money.  PandaLabs , the Cloud Security Company, has identified malicious Android apps on Google Play that can sign up users for premium SMS subscription services without their permission and so far it has infected at least 300,000 Android users, although the number of malicious downloads could have reached 4 times higher i.e. 1,200,000 users. The four apps found free in the app store that came packaged with a premium SMS scam that dubbed as "Easy Hairdos", "Abs Diets", "Workout Routines" and "Cupcake Recipes" and are among the malicious apps available for free download on Google Play store . From the above app, say if 'Abs Diet' has been installed on your phone and once the user has accepted the terms and conditions of the service, the app displays a series of tips to reduce abdominal fat and then without the user's knowledge, the app l

Hey Android users! I am quite sure that you must be syncing your Smartphone with your PCs for transferring files and generating backup of your device.  If your system is running a windows operating system, then it's a bad news for you. Researchers have discovered a new piece of windows malware that attempts to install mobile banking malware on Android devices while syncing. Last year in the month of February, Kaspersky Lab revealed an Android malware that could infect your computer when connected to Smartphone or tablets.   Recently, Researchers at Symantec antivirus firm discovered another interesting windows malware called ' Trojan . Droidpak ', that drops a malicious DLL in the computer system and then downloads a configuration file from the following remote server: https://xia2.dy[REMOVED]s-web.com/iconfig.txt The Windows Trojan then parses this configuration file and download a malicious APK (an Android application) from the following location on the

Watch out, coffee drinkers. If you are one of those 10 million Starbucks customers, who purchases drinks and food directly from their Smartphones, this news is for you! If you use Starbucks' official iOS app, you should know that the company is not encrypting any of your information, including your password. The app allows the Starbucks customers to check their balance, transaction history, fund transfer, and store location, etc. A Security researcher Daniel E. Wood found a vulnerability (CVE-2014-0647) in STARTBUCKS v2.6.1. iOS mobile application, that stores your credential details and GPS locations in plain text format into the file system. To extract the information from the mobile, an attacker just needs to connect the device to a computer and accessing ' session . clslog ' file from the location given below: /Library/Caches/ com . crashlytics . data/ com . starbucks . mystarbucks /session . clslog The vulnerability , however, requires that the hacker has physical

Android platform is a primary target for malware attacks from few years and during 2013, more than 79% of mobile operating malware threats are taking place on Android OS. I have been working on Android Malware architectures since last two years and created 100's of sample of most sophisticated malware for demo purpose. Till now we have seen the majority of Android malware apps that earn money for their creators by sending SMS messages to premium rate numbers from infected devices. Security researchers at Lookout identified an interesting monetized Android Malware labeled as ' Mouabad ', that allow a remote attacker to make phone calls to premium-rate numbers without user interaction from C&C servers by sending commands to the malware. The technique is not new, but infection from such app notified first time in the wild. The variant dubbed MouaBad . p. , is particularly sneaky and to avoid detection it waits to make its calls until a period of time after the scree

Google has recently removed a Rogue Android gaming app called " Balloon Pop 2 " from its official Play store that was actually stealing user's private Whatsapp app conversations. Every day numerous friends ask me if it is possible to steal WhatsApp chat messages and how, of course a malware represents an excellent solution to the request. In the past I already posted an article on the implementation of encryption mechanisms for WhatsApp application explaining that improper design could allow attackers to snoop on the conversation. Spreading the malware through an official channel the attacker could improve the efficiency of the attack, and it is exactly what is happening, an Android game has been published on the official Google Play store to stealthy steal users' WhatsApp conversation databases and to resell the collection of messages on an internet website. The games titled " Balloon Pop 2 " has been fortunately identified and removed from the official Google Play

In September, Google added the remote Device locking Capability to its Android Device Manager , allowing users to lock their phone if it's stolen or lost. The mechanism allows user to override the existing device lock scheme and set password scheme for better security. But Recently, Curesec Research Team  from Germany has discovered an interesting vulnerability ( CVE-2013-6271 ) in   Android 4.3 that allows a rogue app to remove all existing device locks activated by a user. ' The bug exists on the "com.android.settings.ChooseLockGeneric class". This class is used to allow the user to modify the type of lock mechanism the device should have. ' CRT team says in a blog post Android OS has several device lock mechanisms like PIN, Password, Gesture and even faces recognition to lock and unlock a device. For modification in password settings, the device asks the user for confirmation of the previous lock. But if some malicious application is installed on the device, it coul

Today Malware is a very real threat, and if you're not careful about what you download and install, you could end up with a serious problem. But now Google will be trying their very best to block malware from installing itself on your computer on your behalf. Google has developed a security feature for Chrome that lets the browser detect and stop malware downloads. The feature has been added to Chrome Canary, the latest version of the browser which is available to download in beta form now. All you'll see is a notification like the one below, which you can then dismiss: " These malicious programs disguise themselves so you won't know they're there and they may change your homepage or inject ads into the sites you browse. Worse, they block your ability to change your settings back and make themselves hard to uninstall, keeping you trapped in an undesired state. " wrote Linus Upson, a Google vice president, in a blog post . Google is implementing

Earlier this year, in the month of July it was first discovered that 99% of Android devices are vulnerable to a flaw called " Android Master Key vulnerability " that allow hackers to modify any legitimate and digitally signed application in order to transform it into a Trojan program that can be used to steal data or take control of the device.  The vulnerability was also responsibly disclosed to Google back in February by Bluebox and but the company did not fix the issue even with Android 4.3 Jelly Bean. Later, Google has also modified its Play Store's app entry process so that apps that have been modified using such exploit are blocked and can no longer be distributed via Play. Then after a few days, in the last week of July this year,  Android Security Squad , the China -based group also uncovered a second Android master key vulnerability similar to the first one. Security researcher  Jay Freeman has  discovered  yet another Master Key vulnerability in A