malware

New Android malware type gets root-level access, almost impossible to remove

New Android malware type gets root-level access, almost impossible to remove

If you thought the Android platform was on the verge of getting more secure following this summer's Stagefright exploit, you thought wrong. The security researchers at Lookout have identified a new type of Android malware that, after disguising itself as a popular app, gains root access to a device and works itself so deep into the operating system that it's nearly impossible to remove. Users might need to have manufacturers reflash the OS, or just flat-out replace the device, as a factory reset won't be enough.

Continue Reading

Hacker alleges Fitbit smartband could be a malware carrier [UPDATE: Fitbit responds]

Hacker alleges Fitbit smartband could be a malware carrier [UPDATE: Fitbit responds]

PCs, smartphones, and tablets are fair game to hackers these days. And we've also started to see cars with sophisticated infotainment systems and controls also getting hacked. But how about the innocent little whose sole purpose is to keep your body healthy? Well, now they're getting hacked as well. And worse, they might be used to make other computers unhealthy. Fortinet researcher Axelle Apvrille reveals that the Fitbit is one such wearable that easily succumbs to a hack in just 10 seconds and can then spread the malware to computers it syncs with.

Continue Reading

Kemoge adware infects Android phones by rooting them

Kemoge adware infects Android phones by rooting them

Adware, or malicious programs designed to serve ads and gain user information, aren't exactly new, especially on Android. Most are a nuisance at best, but some do make a lot of damage. Security firm FireEye has stumbled on yet another one of the latter class. Dubbed Kemoge, from the command and control or CnC server that it communicates with, this particular malware has one rather frightening ability beyond incessantly flooding you with ads. It can actually root vulnerable devices, which practically gives hackers a direct open door into the device.

Continue Reading

Yispecter iOS malware infects devices that aren’t jailbroken

Yispecter iOS malware infects devices that aren’t jailbroken

iOS malware is nothing new, but for the most part, if your device wasn't jailbroken you really didn’t have to worry about malware much. That has now changed with a new malware called Yispecter that has been discovered that attacks non-jailbroken iOS devices. The malware is the first seen that abuses private APIs in iOS to implement its malicious functionality.

Continue Reading

The fright ain’t over yet: Stagefright 2.0 goes for MP3s

The fright ain’t over yet: Stagefright 2.0 goes for MP3s

The nightmare might be over, but the scare continues ever so slightly. Security outfit Zimperium labs, who broke the news about the first Stagefright, are now back with some bad news. There is a Stagefright version 2.0. This time, the vulnerability comes from two vectors, one of them the same libstagefright responsible for the first security hole. And this time, it rides on MP3 audio as well as MP4 videos. Fortunately, thanks to the first Stagefright, implementing an exploit requires a bit more work but still possible.

Continue Reading

Apple advises users, developers on XcodeGhost scare

Apple advises users, developers on XcodeGhost scare

Sometimes it's Android and sometimes it's iOS, but both platforms has had their share of highly publicized security nightmares. This time, it's Apple's turn to take the heat, though partly through no fault of its own. The recent XcodeGhost malware that has affected dozens, possibly even hundreds, of iOS apps, mostly from China, has definitely worried not a few users. Now Cupertino is setting the record straight for users and guiding developers on how to make sure they won't become unwilling carriers of this security vulnerability.

Continue Reading

iPhone app malware attack: details you need to know

iPhone app malware attack: details you need to know

This morning Apple released a statement on a large-scale attack on their iOS App Store. Apple is in the process of cleaning up after the attack, having found a malicious program by the name of XcodeGhost earlier today. This is the first reported case of malware making its way into Apple's App Stores in any sort of large-scale manner. According to cyber security firm Palo Alto Networks, just five malicious software-containing apps had ever been found on the iOS App Store before.

Continue Reading

XcodeGhost malware gets past Apple App Store scrutiny [UPDATE]

XcodeGhost malware gets past Apple App Store scrutiny [UPDATE]

Apple's stringent and sometimes even heavy handed review rules for iOS apps have both been hailed and criticized alike, but its core benefit remains the same, very few malicious apps gets past quality control. However, it's not infallible, as five past iOS malware can attest to. Now a sixth joins that list, but with more far-reaching consequences. Dozens, if not hundreds, of App Store apps, specifically in China, might be infected by the XcodeGhost malware, and this time, the apps are otherwise legitimate ones and their developers unwitting accomplices. All thanks to an unofficial Xcode installer going around the Internet.

Continue Reading

PIN-changing Android ransomware spreading in the US

PIN-changing Android ransomware spreading in the US

Before you get all riled up, this isn't yet another Android vulnerability like Stagefright. This is your run of the mill malware installed through social engineering or carelessness, but one that has far graver ramifications than other ransomware. Discovered by researchers from security company ESET, the Android/Lockerpin.A ransomware goes the extra mile to actually change your device's PIN code in such a way that trying to reset the PIN will lock the user, and ironically the attacker too, from the device completely, with no recourse other than a factory reset.

Continue Reading

Stagefright exploit code now available to the public

Stagefright exploit code now available to the public

If you thought that the Stagefright nightmware was over, or at least on its way out, you might want to think again. More than two months since it went public with the severe Android vulnerability, mobile security outfit Zimperium is now also making public actual working code that exploits this security hole. This while Google, device manufacturers, and carriers are still scrambling to roll out patches to devices, some of which still remain exposed to this outbreak. Now they have more pressure to pick up the pace.

Continue Reading

“KeyRaider” iOS malware has stolen 225,00 Apple accounts

“KeyRaider” iOS malware has stolen 225,00 Apple accounts

It's not everyday that you hear about malware on iOS, so when the news does hit, it hits hard. And while there are mitigating factors that prevent this malware from being spread too far, it's effects could actually affect even innocent iPhone and iPad users. Nicknamed "KeyRaider", this new family of iOS malware has been able to harvest more than 200,000 valid Apple accounts. Their purpose? To be able to install apps from the App Store without paying a dime. Of course at the expense of those whose accounts have been compromised.

Continue Reading

Kaspersky tipped to be sabotaging rival anti-virus software

Kaspersky tipped to be sabotaging rival anti-virus software

Russian security company Kaspersky is one of the most trusted names when it comes to software protection but, while a recent hacking incident may have portrayed it as a victim, it might not actually be that innocent after all. Two former employees, who of course desires to remain anonymous, reveals that Kaspersky has been covertly working to undermine rival anti-virus software by flagging innocent and important system files as malware, causing these other AV programs to delete those files, turning unsuspecting users into collateral damage in their wake.

Continue Reading

Prev 1 2 3 4 5 6 7 8 Next