Search results for hacking android apps | Breaking Cybersecurity News | The Hacker News

As digging deeper and deeper into the huge Hacking Team data dump , security researchers are finding more and more source code, including an advanced Android Hacking Tool. Yes, this time researchers have found a source code to a new piece of weaponized android malware that had the capability to infect millions of Android devices even when users are running latest versions of the android mobile operating system. Trend Micro researchers found that the Italian spyware company was selling RCSAndroid (Remote Control System Android) , which they says, is one of the "most professionally developed and sophisticated" pieces of Android malware a.k.a Android hacking tool they have ever seen. RCSAndroid is a sophisticated, real-world surveillance and hacking tool that provides even unskilled hackers to deploy one of the world's more advanced surveillance suites for Google's mobile operating system Android. List of Creepy Features of Android Hacking Tool ...

A large number of third-party Android apps have reportedly been discovered grabbing copies of all text messages received or sent to infected devices and sending them to the attackers' server. More than 63,000 Android applications use Taomike SDK – one of the biggest mobile advertisement solutions in China – to help developers display ads in their mobile apps and generate revenue. However, around 18,000 of these Android apps contains a malicious code that spy on users text messages, according to researchers at Palo Alto Networks, who made the discovery . Taomike provides a Software Development Toolkit (SDK) and services to the Android app developers using which they can: Displaying advertisements to users Offer in-app purchases (IAPs) Android Apps Stealing SMS Messages Focussing on distributing the app and techniques for building revenue, "Not all apps that use the Taomike library steal SMS messages," security researchers said. The security...

Are you sure the WhatsApp app you are using on your Android device is legitimate, even if it's working perfectly as intended? ...Or the JioTV, AppLock, HotStar, Flipkart, Opera Mini or Truecaller app—if you have installed any of these? I'm asking this because cybersecurity researchers just yesterday revealed eye-opening details about a widespread Android malware campaign wherein attackers silently replaced installed legitimate apps with their malicious versions on nearly 25 million mobile phones. Now the important question here is how they're doing it and why? According to researchers at Check Point, attackers are distributing a new kind of Android malware that disguises itself as innocent-looking photo editing, adult entertainment, or gaming apps and available through widely used third-party app stores. Dubbed Agent Smith , the malware takes advantage of multiple Android vulnerabilities, such as the  Janus flaw and the Man-in-the-Disk flaw , and injects malic...

Google's Android Mobile operating system for smartphones and tablets have Google's own Play Store that provides its Android users the most visible way to access the world of millions of apps. App developers produce more than thousands of applications each year, but majority of newbie and unprofessional developers use unsafe, unreliable, and insecure coding practices, as many developers store secret keys in their apps that could potentially allow cybercriminals to steal users' sensitive data. A team of researchers from the computer science department of the Columbia University have discovered a critical security problem in the Google's official Android app store from where millions of Android users download various apps. Researchers have found that most of the Android application developers often store their secret keys in their app's code, similar to usernames/passwords information, which could be then used by any bad actor to maliciously steal users' information or r...

We know that Hackers hack for a variety of reasons: ...some hack to test their skills, …some hack to gain recognition, ...some hack to make money, ...some hack to support their Nation-State strategy, ...and, some hack alone, and some hack in Groups. And Chinese Hackers are the ones who are infamous for their dedication towards Hacking. Chinese hacking groups are better known for attacking and stealing information, organized cyber crimes, theft of intellectual property and state-sponsored cyber espionage attacks. But it seems that several Chinese hacker groups have now shifted their motive of hacking towards ' making money '. How much Money Hackers Actually Make? It is a known fact that hacking makes money, but how much? Answer: At least $4,500,000/year   from one malware campaign. How? We often observe mobile and desktop applications bundled with Ad-displaying programs, called Adware, to generate revenue. Just last week we repo...

It's not at all surprising that the Google Play Store is surrounded by a large number of malicious apps that has the ability to gain users' attention into falling victim for one, but this time, it is even worse than most people realize. Researchers at Trend Micro have detected a family of malicious apps, dubbed ' Godless ,' that has the capability of secretly rooting almost 90 percent of all Android phones. Well, that's slightly terrifying. The malicious apps are distributed via different methods and variety of app stores, including Google Play Store, which is usually considered as a safe option for downloading apps. Also Read:   Crazy hacker implants NFC Chip in his hand to hack Android phones . The malicious apps packed with Godless contain a collection of open-source or leaked Android rooting exploits that works on any device running Android 5.1 Lollipop or earlier. 90% Android Devices are Vulnerable to Godless Rooting Malware Since Android eco...

Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as part of a new targeted campaign. Cybersecurity firm Cyfirma attributed the campaign with moderate confidence to a threat actor known as  DoNot Team , which is also tracked as APT-C-35 and Viceroy Tiger. The espionage activity involves duping Android smartphone owners into downloading a program that's used to extract contact and location data from unwitting victims. "The motive behind the attack is to gather information via the stager payload and use the gathered information for the second-stage attack, using malware with more destructive features," the company  said . DoNot Team  is a suspected India-nexus threat actor that has a reputation for carrying out attacks against various countries in South Asia. It has been active since at least 2016. While an October 2021 report from Amnesty International linked the group's attack infrastructure to ...

Millions of Android devices are at serious risk of a newly disclosed critical vulnerability that allows attackers to secretly overwrite legitimate applications installed on your smartphone with their malicious versions. Dubbed Janus , the vulnerability allows attackers to modify the code of Android apps without affecting their signature verification certificates, eventually allowing them to distribute malicious update for the legitimate apps, which looks and works same as the original apps. The vulnerability ( CVE-2017-13156 ) was discovered and reported to Google by security researchers from mobile security firm GuardSquare this summer and has been patched by Google, among four dozen vulnerabilities, as part of its December Android Security Bulletin . However, the worrisome part is that majority of Android users would not receive these patches for next few month, until their device manufacturers (OEMs) release custom updates for them, apparently leaving a large number of sma...

Security researchers at Check Point Software Technologies have discovered a new attack vector against the Android operating system that could potentially allow attackers to silently infect your smartphones with malicious apps or launch denial of service attacks. Dubbed Man-in-the-Disk , the attack takes advantage of the way Android apps utilize 'External Storage' system to store app-related data, which if tampered could result in code injection in the privileged context of the targeted application. It should be noted that apps on the Android operating system can store its resources on the device in two locations—internal storage and external storage. Google itself offers guidelines to Android application developers urging them to use internal storage, which is an isolated space allocated to each application protected using Android's built-in sandbox, to store their sensitive files or data. However, researchers found that many popular apps—including Google Translate ...

Own an Android smartphone? Hackers can secretly install malicious apps, games, and pop-up adverts on your smartphone remotely in order to make large sums of money. Security researchers at Cheetah Mobile have uncovered one of the world's largest and most prolific Trojan families, infecting millions of Android devices around the world. Dubbed Hummer , the notorious mobile trojan stealthily installs malicious apps, games, or even porn apps onto victim's phones and yields its creators more than $500,000 (£375,252) on a daily basis. First discovered in 2014 by Cheetah Mobile, Hummer gained traction in early 2016 when the Trojan family was infecting "nearly 1.4 Million devices daily at its peak" with 63,000 infections occurring daily in China, according to researchers at Cheetah Mobile Security Research Lab. "This Trojan continually pops up ads on victims' phones, which is extremely annoying," researchers wrote in a blog post. "It also pushe...

Just because an app is available on Google Play Store doesn't mean that it is a legitimate app. Despite so many efforts by Google, some fake and malicious apps do sneak in and land millions of unaware users on the hunting ground of scammers and hackers. Cybersecurity firm Trend Micro uncovered at least 29 devious photo apps that managed to make its way onto Google Play Store and have been downloaded more than 4 million times before Google removed them from its app store. The mobile apps in question disguised as photo editing and beauty apps purporting to use your mobile phone's camera to take better pictures or beautify the snaps you shoot, but were found including code that performs malicious activities on their users' smartphone. Three of the rogue apps—Pro Camera Beauty, Cartoon Art Photo and Emoji Camera—have been downloaded more than a million times each, with Artistic Effect Filter being installed over 500,000 times and another seven apps in the list over 100...

Watch out! If you have any of the below-mentioned file managers and photography apps installed on your Android phone—even if downloaded from the official Google Store store⁠—you have been hacked and being tracked. These newly detected malicious Android apps are Camero , FileCrypt , and callCam that are believed to be linked to Sidewinder APT, a sophisticated hacking group specialized in cyber espionage attacks. According to cybersecurity researchers at Trend Micro, these apps were exploiting a critical use-after-free vulnerability in Android at least since March last year⁠—that's 7 months before the same flaw was first discovered as zero-day when Google researcher analysed a separate attack developed by Israeli surveillance vendor NSO Group. "We speculate that these apps have been active since March 2019 based on the certificate information on one of the apps," the researchers said . Tracked as CVE-2019-2215 , the vulnerability is a local privilege escalation...

A hacking group known for its attacks in the Middle East, at least since 2017, has recently been found impersonating legitimate messaging apps such as Telegram and Threema to infect Android devices with a new, previously undocumented malware. "Compared to the versions documented in 2017, Android/SpyC23.A has extended spying functionality, including reading notifications from messaging apps, call recording and screen recording, and new stealth features, such as dismissing notifications from built-in Android security apps," cybersecurity firm ESET  said  in a Wednesday analysis. First detailed by Qihoo 360 in 2017 under the moniker  Two-tailed Scorpion (aka APT-C-23 or Desert Falcon), the mobile malware has been deemed "surveillanceware" for its abilities to spy on the devices of targeted individuals, exfiltrating call logs, contacts, location, messages, photos, and other sensitive documents in the process. In 2018, Symantec discovered a  newer variant  of t...

An alarming security vulnerability has been discovered in several models of Android smartphones manufactured by Google, Samsung, and others that could allow malicious apps to secretly take pictures and record videos — even when they don't have specific device permissions to do so. You must already know that the security model of the Android mobile operating system is primarily based on device permissions where each app needs to explicitly define which services, device capabilities, or user information it wants to access. However, researchers at Checkmarx discovered that a vulnerability, tracked as CVE-2019-2234 , in pre-installed camera apps on millions of devices could be leveraged by attackers to bypass such restrictions and access device camera and microphone without any permissions to do so. How Can Attackers Exploit the Camera App Vulnerability? The attack scenario involves a rogue app that only needs access to device storage (i.e., SD card), which is one of the mo...

A number of high-profile Android apps are still using an unpatched version of Google's widely-used app update library, potentially putting the personal data of hundreds of millions of smartphone users at risk of hacking. Many popular apps, including Grindr, Bumble, OkCupid, Cisco Teams, Moovit, Yango Pro, Microsoft Edge, Xrecorder, and PowerDirector, are still vulnerable and can be hijacked to steal sensitive data, such as passwords, financial details, and e-mails. The bug, tracked as  CVE-2020-8913 , is rated 8.8 out of 10.0 for severity and impacts Android's Play Core Library versions prior to  1.7.2 . Although Google addressed the vulnerability in March,  new findings  from Check Point Research show that many third-party app developers are yet to integrate the new Play Core library into their apps to mitigate the threat fully. "Unlike server-side vulnerabilities, where the vulnerability is patched completely once the patch is applied to the server, for ...