malware

More than 60,000 Android apps contained a nasty piece of malware designed to steal banking information. The scam doesn't target the official Google Play store, but rather third-party sources. The rogue apps fall into two main categories. Some are ... designed to closely resemble real, popular apps. Others are promoted as "modded" versions of genuine apps that are supposedly identical but with an alteration that supposedly removes ads or a requirement to pay a subscription. In reality, the scammers have taken the genuine apps, copied them, and made one modification. Unfortunately that modification ... (view more)

A notorious botnet that spreads malware through fake emails is back in action. Emotet has returned with some new tactics to try to bypass security checks. Emotet had already gained a reputation for being (comparatively) successful at fooling humans ... and computers alike. Its most notable characteristic was that it not only used messages that appeared to come from a trusted contact, but that it addressed the recipient by name and even appeared to be a reply to a previous genuine message. Most commonly, Emotet sends malware through Microsoft Word documents with macros. These are now disabled by ... (view more)

Samsung's flagship phone is getting special protection against a particularly nasty form of mobile malware. It combats zero-click attacks, which can steal data or compromise a handset without needing any action by the user. The hacking technique ... hasn't been widely seen in real-world attacks on Android phones, though Samsung claims it has worked on Apple devices. Samsung clearly believes it's just a matter of time before attackers find a vulnerability that would make such an attack almost irresistible. The company explains that a zero-click attack would exploit such a vulnerability by sending ... (view more)

Two more applications have been removed from the Google Play Store after turning out to be a front for malware. As always in such cases, users who already have the apps installed need to uninstall them as this won't happen automatically. The apps in ... question are called Mister Phone Cleaner and Kylhavy Mobile Security. They had 50,000 and 10,000 downloads respectively before Google pulled the listings. The scam in these cases has a couple of key differences from the familiar story of scammers disguising malware as legitimate apps and finding a way to bypass Google's security checks. That ... (view more)

Some Google Play Store apps with more than a million downloads have turned out to house malware. It's a reminder that however good Google's security vetting process is, it's not perfectly reliable. Two security companies, ThreatLabZ and Evina, say ... they found a total of 60 apps that are or have been in the Play Store and house one of four "families" of malware. One type appears to be new and has been dubbed Autolycos by researcher Maxime Ingrao. Promoted via Facebook and Instagram ads, the apps use a common technique. They are listed as carrying out a specific feature, which they ... (view more)

A new variant of Android malware quite literally hides its activities. 'Octo' darkens the screen so that users can't see it stealing data. Researchers at Threat Fabric say the malware takes advantage of a built-in Android feature called ... "STREAM_SCREEN". It's not quite a live feed, but remotely transmits around one screenshot a second. (Source: threatfabric.com ) The scammers then misuse an accessibility feature in Android to remotely control the device. The stream screening lets them see what they are doing, despite not having physical access. Black Screen Disguise The sneakiest ... (view more)

Scammers who don't want to write their own malware can now pay just $20 to start a campaign of attacks. They can then customize their "bait" with Windows installations and non-fungible tokens (NFTs) among the ways to target users. The malware is ... available on dark web sites. These are sites that are part of the world wide web, but set up in a way that means they aren't indexed by search engines. That makes them suitable for people who don't want their activities easily traced. A piece of malware called BitRAT costs just $20 for lifetime access. The name derives from "remote ... (view more)

Microsoft is trying a new tool designed to block suspicious applications without frustrating users. Windows can decide itself whether running Smart App Control causes more trouble than its worth. The feature is being tested among users on the ... Windows 11 Dev Channel, meaning people who want the earliest possible access to potential new features, knowing there's a higher risk of bugs and problems. Smart App Control brings together several security tools already present in Windows Defender and turns them into an all-or-nothing measure. When Smart App Control blocks an application, it cannot run ... (view more)

Google has cracked down on a key method that scammers used to distribute Android malware through the Play app store. But like a game of whack-a-mole, the scammers are adjusting their tactics for greater success. The Google change is to the way it ... handles accessibility tools on Android devices. These include screen-readers, voice input systems and other modifications for users to interact with the device. Such tools often need access to key components such as the camera, microphone or speakers, access that can be abused by malware. Google relaxes the security and permissions system on such ... (view more)

Scammers have developed a new tactic to spread malware. It's a piece of evil genius with the emphasis strictly on the evil. The scam involves a piece of malware that targets Android phones. It's dubbed FluBot, though that appears to be more a ... reference to the way it's designed to quickly spread rather than having any connection to human illnesses. FluBot first appeared earlier this year in a fairly conventional form. It starts with unsolicited text messages claiming to be from a courier company that was unable to make a delivery. The culprits appear to have been taking advantage of people ... (view more)