
Since mobile phones are far more pervasive than traditional computers, and because they are oftentimes more complex while providing less information to users, mobile phones have become the target of choice for criminal hackers:

Mobile phones have become the new prey of choice for hackers.

There are many simple ways to make yourself a harder target for hackers, including: using strong, unique passwords; installing system and app updates as soon as they’re available; using a dedicated email address for “Forgot my password” emails; installing apps only from trusted sources; not keeping personal information on your phone for too long; and installing privacy screens on your devices.

Mobile phones have become the new prey of choice for hackers and other nefarious individuals.

Hackers can take control of your phone number and transfer it to a new phone – one that they control.

These are just two ways that hackers can wreak havoc through your phone.

Learn how to protect yourself and your phone from attackers.

It seems like as the sun rises each morning, we have new news about capabilities Hacking Team was leveraging in their exploit and vulnerability arsenal. Today we learn the Hacking Team has likely created the most sophisticated piece of Android malware ever exposed:

After having revealed one of the ways that the company used to deliver its spyware on Android devices (fake app hosted on Google Play), Trend Micro researchers have analyzed the code of the actual spyware: RCS Android (Remote Control System Android).

Unsurprisingly, it can do so many things and spy on so many levels that they consider it the most sophisticated Android malware ever exposed.

The spyware is delivered either via the aforementioned app, or via an SMS or email that contains a specially crafted URL that will trigger exploits for several vulnerabilities in the default browsers of Android versions 4.0 Ice Cream Sandwich to 4.3 Jelly Bean.

This will allow the attacker to gain root privilege, and allow the installation of a shell backdoor and RCS Android.

The RCS Android has two core modules: the Evidence Collector and the Event Action Trigger.

The former is responsible for the spying routines: gathering device information, capturing screenshots and photos, recording speech by using the devices’ microphone, capturing voice calls, recording location, capturing Wi-Fi and online account passwords, collecting contacts and decoding messages from IM accounts, as well as collecting SMS, MMS, and Gmail messages.

The latter is in charge of triggering malicious actions based on certain events (e.g. screen turning on, or SMS received with keywords). It can sync configuration data, upgrade modules, and download new payloads; upload the above mentioned collected data to the C&C server, and purge it from the device; execute shell commands; disable the network, root access; reset the device’s locking password; uninstall the bot.

“To avoid detection and removal of the agent app in the device memory, the RCSAndroid suite also detects emulators or sandboxes, obfuscates code using DexGuard, uses ELF string obfuscator, and adjusts the OOM (out-of-memory) value,” the researchers shared.

“Interestingly, one unused feature of the app is its ability to manipulate data in the Android package manager to add and remove permissions and components as well as hide the app icon.”

After learning the Hacking Team is not the most sophisticated group around even though they have some very advanced tools in their arsenal, imagine all the malware out there in the wild we do not yet know about and how complex it may be.

You don’t know what you don’t know seems somehow apropos.

Commodore, the outstanding computer manufacturer I grew up with, is back and this time with a smartphone using their iconic name – PET:

For those of you too young to remember, Commodore was a hot company in the mid-1980s. It was a leader in personal computers, shipping thousands of Commodore 64 desktops daily. Guinness has named it the single biggest-selling computer ever—the company sold as many as 17 million of them—and the brand name is still widely remembered. Still, the company went bankrupt in 1994, and the brand saw several fuzzy changes of trademark ownership over the years.

Now it’s appearing on a smartphone created by a pair of Italian entrepreneurs. It’s called the PET—sharing its name with Commodore’s other iconic PC—and its custom Android build includes two emulators so owners can enjoy old C64 and Amiga games.

Rumors have swirled around the phone for months, driven in part by design renders published online. With its release imminent, I met with the guys behind it and tried out a prototype. Perhaps the biggest question: how a company that folded two decades ago can release a new product.

That’s a long, strange tale.

Even though it's running Android, for the mere fact it's Commodore hardware I will have to check it out.

Iain Thomson of The Register on the latest from the Snowden treasure trove. This time the report is about surreptitious malware implants by the NSA in Android app stores:

According to a presentation released from the Snowden archive to The Intercept, the so-called “5 Eyes” nations’ intelligence agencies – from the US, UK, Canada, Australia, and New Zealand – spent 2011 and 2012 working out ways to subvert connections to popular app stores, such as those run by Google and Samsung, in a project dubbed IRRITANT HORN.

That the intelligence services are working on software that can subvert iOS, Android and other smartphone operating systems isn’t new. But the presentation details how operatives could intercept communications between app servers and customers to install code that could harvest personal information and even display disinformation on handsets.

The spur for this effort was the Arab Spring uprisings in the Middle East and Africa. The intelligence agencies reasoned that in such a situation they needed to be able to put out software that could influence actions on the ground.

Just another day at Ft. Meade, MD.