
Despite Google's defenses for protecting Android's official marketplace, cybercriminals still manage to sneak in a banking Trojan, or two, or three, security researchers have discovered. Recently, researchers from different security companies based in Europe disclosed on Twitter that they had found several banking Trojans in Google Play. Lukas Stefanko of antivirus vendor ESET found three such malicious apps posing as astrology software that offered horoscopes. What they really divined, though, was theft of SMS and call logs, sending text messages in the victim’s name, downloading and installing apps without user approval, and stealing banking credentials. Before tweeting his findings, Stefanko reported the offending entries to Google, which booted them from the store; but by the time of the removal, one of them had been downloaded more than 1,000 times, and over 500 users had added the other two to their Android devices. One of the malicious apps, which Stefanko noticed was named Herobot in its code, displayed a fake warning saying that it was incompatible and had been removed as a result. The malware remained on the device and acted in the background, requesting banking targets based on the apps present on the device. The malware researcher said that the command and control (C2) server was still alive when he tweeted about it. An important aspect is that all three Trojans discovered by Stefanko enjoyed a low detection rate. At the time of writing, the sample with the highest detection rate on VirusTotal was recognized by 12 out of 60 antivirus products; for the least detected one, only six saw its true colors. Complete details can be found on OUR FORUM.

Fraudulent tech-support services that buy online advertising space have grown in sophistication to the point that Google cannot distinguish them from legitimate providers. Operators of tech-support scams often operate just like a legitimate business to avoid detection and to ensure their success for a longer time. Sometimes even employees are unaware of the illegal activity. Over the past few years, scammers have begun to promote their activity through search ads, claiming to be an authorized service center for products from popular companies such as Apple, Microsoft or Dell. Playing on the user's trust in the results and ads provided by Google, most of the time the scammers just have to wait for the victim to call. The tactic is powerful because the potential victims are the ones placing the call, so they have already shown some trust in the service. Tech-support scammers have become more proficient at what they do. Apart from creating websites that instill trust, they also try to obtain as much information as possible about the victim or their machine, which makes the deceit more difficult to spot. At the beginning of August, Symantec published a report on how fraudulent tech-support activity has started to integrate call optimization, a service that allows scammers to dynamically insert phone numbers in web pages. There is more to this post on OUR FORUM.

Windows 7 has had a pretty good run, and like all good things, Windows 7’s time in the spotlight must come to an end. Microsoft is supposed to end support for the old operating system in less than 500 days. Starting mid-January 2020, Microsoft will no longer offer any additional updates or support for the old platform. “Support for Windows 7 will end on January 14, 2020. Microsoft will no longer provide security updates or technical support for devices running Windows 7 operating systems,” Microsoft writes in a page that recommends Windows 10. As Windows 10 is getting better with every update, more and more users are finally upgrading to this version of Microsoft’s desktop operating system. It remains to be seen whether Windows 7 will become a distant memory or not. According to Microsoft, Windows 7 PCs will stop receiving security updates after January 14, 2020, and you would need to upgrade to Windows 10 to keep your data safe. It’s worth noting that you can continue to use Windows 7 even beyond the end-of-support date, but without any support from Microsoft, your PC will become more vulnerable to security risks. We'll keep this thread updated when updates become available on OUR FORUM.

For the past year, select Google advertisers have had access to a potent new tool to track whether the ads they ran online led to a sale at a physical store in the U.S. That insight came thanks in part to a stockpile of Mastercard transactions that Google paid for. But most of the two billion Mastercard holders aren’t aware of this behind-the-scenes tracking. That’s because the companies never told the public about the arrangement. Alphabet Inc.’s Google and Mastercard Inc. brokered a business partnership during about four years of negotiations, according to four people with knowledge of the deal, three of whom worked on it directly. The alliance gave Google an unprecedented asset for measuring retail spending, part of the search giant’s strategy to fortify its primary business against onslaughts from Amazon.com Inc. and others. But the deal, which has not been previously reported, could raise broader privacy concerns about how much consumer data technology companies like Google quietly absorb. “People don’t expect what they buy physically in a store to be linked to what they are buying online,” said Christine Bannan, counsel with the advocacy group Electronic Privacy Information Center (EPIC). “There’s just far too much burden that companies place on consumers and not enough responsibility being taken by companies to inform users what they’re doing and what rights they have.” Extensive details are posted at W10NI FORUM.

Microsoft has finally announced the official title of Windows 10 Redstone 5, which will be known as the Windows 10 October 2018 Update. The firm, which had previously indulged in themed updates like the Anniversary Update, Creators Update and Fall Creators Update, has stuck to a more sensible naming scheme since April of this year, one that simply identifies the month and year the update is being released. This is also in line with how Windows versions are identified, give or take a month. “I’m pleased to announce that our next feature update to Windows will be called the Windows 10 October 2018 Update,” said Microsoft’s CVP Roanne Sones. “With this update, we’ll be bringing new features and enhancements to the nearly 700 million devices running Windows 10 that help people make the most of their time. We’ll share more details about the update over the coming weeks.” Microsoft’s Windows 10 October 2018 Update is being released sometime in October, with the firm expected to conclude testing via Insider builds sometime in September. The update focuses mostly on bug fixes and refinements to Windows and the implementation of the Your Phone feature, which syncs mobile devices to the desktop. Follow this upcoming release on OUR FORUM.

Internal system broadcasts happening inside the Android OS expose sensitive user and device details that apps installed on the phone can access without the user's knowledge or permission. The leaked data includes details such as the WiFi network name, WiFi network BSSID, local IP addresses, DNS server information, and the device's MAC address. This type of data might look innocuous, but it can be used to track users online and determine a user's real-world location. The leak happens because of an internal feature of the Android OS named "intents." Intents allow an app or the OS itself to send an internal system-wide message that can be read by all apps and OS functions running on an Android device. Mobile security researchers from Nightwatch Cybersecurity have discovered that the Android OS broadcasts information about the WiFi connection and the WiFi network interface via two separate intents: WifiManager's NETWORK_STATE_CHANGED_ACTION and WifiP2pManager's WIFI_P2P_THIS_DEVICE_CHANGED_ACTION. Apps installed on an Android device, including their advertising components, can set up listening posts for these two intents and capture WiFi-related information even if they don't have the permission to access a phone's WiFi feature (granted by the user to apps at install time). This leak completely undermines the Android permission system, as it allows applications access to highly sensitive information without prompting the user for action. For example, an advertiser or a malicious threat actor who has tricked a user into installing a benign-looking app can harvest WiFi info from system-wide intents and use this data to query public databases of known BSSID identifiers, such as WiGLE or SkyHook, and track down a user's real-world location. In this scenario, the app doesn't need to ask for the WiFi Access permission and, indirectly through the harvested data, doesn't need the Location Access permission either. Find your way to OUR FORUM for more details.