Chinese Mobile Antivirus App Caught Siphoning User Data
Google removed — and then reinstated — one of the most popular mobile antivirus apps on the Play Store after security firm Check Point discovered that the app was secretly collecting device data from users’ smartphones. The app in question is named DU Antivirus Security and was created by the DU Group, a company part […]
Researchers Discover New Android Banking Trojan
Security researchers have detected a new Android banking trojan by the name of Red Alert 2.0 that was developed during the past few months and has been recently rolled out into distribution. According to a report shared with Bleeping Computer before publication, security researchers from SfyLabs first saw ads for this trojan on a hacking […]
Intra-Library Collusion Attacks Open the Door for a Whole New Kind of Android Malware
A team of Oxford and Cambridge researchers is the latest to join a chorus of voices sounding the alarm on a new attack vector named Intra-Library Collusion (ILC) that could make identifying Android malware much harder in the upcoming future. The research team has described the ILC attack vector in a research paper released last […]
Android Oreo Bug Bypasses WiFi to Use Mobile Data and Incur Extra Costs
A bug discovered in the recently launched Android 8.0 Oreo spends users’ mobile data allowance, even when the phone’s mobile WiFi connection is enabled. Smartphones can connect to the Internet in two ways. Via a local access point or router (WiFi connection) or by using the mobile carrier’s network (mobile data connection). Most users enable […]
TrustZone Downgrade Attack Opens Android Devices to Old Vulnerabilities
An attacker can downgrade components of the Android TrustZone technology to older versions that feature known vulnerabilities and use older exploits against smartphones running an up-to-date operating system. According to a team of four computer scientists from the Florida State University and Baidu X-Lab, the problem lies in the design of the ARM TrustZone technology, […]
Vulnerabilities Discovered in Mobile Bootloaders of Major Vendors
Android bootloader components from five major chipset vendors are affected by vulnerabilities that break the CoT (Chain of Trust) during the boot-up sequence, opening devices to attacks. The vulnerabilities came to light during research carried out by a team of nine computer scientists from the University of California, Santa Barbara. Researchers developed BootStomp to analyze […]
Researchers Can’t Explain Why WAP-Billing Trojans Are Making a Comeback
After years of silence, WAP-billing trojans are making a comeback, with four new strains becoming active in the second quarter of 2017, targeting Russia and India primarily. The four wave of trojans — Ubsod, Xafekopy, Autosus, and Podec — were discovered by Kaspersky Lab mobile security expert Roman Unuchek while gathering information for the company’s […]