‘AVPass’ Sneaks Malware Past Android Antivirus Apps
Researchers at Black Hat USA will release a toolset that studies and then cheats specific Android AV apps. A team of researchers from Georgia Tech built an Android hacking tool that snuck past nearly all of 58 Android AV antivirus programs in tests conducted via VirusTotal. Their AVPass toolkit includes a query function that vets…
Google Patches Critical Vulnerabilities in Android
Google on Wednesday announced that a total of 138 vulnerabilities were addressed in the Android platform with the release of this month’s set of security patches. The July 2017 Android Security Bulletin was split in two partial security patch level strings: the 2017-07-01 security patch level that addresses issues in the platform itself, and the 2017-07-05 security patch…
Google’s whack-a-mole with Android adware continues
Why can’t Google put a stop to adware on their official Android app marketplace? The analysis by Trend Micro researchers of a Trojan Android ad library dubbed Xavier tells the story. The Xavier ad library is third stage of evolution of the AdDown family, which was initially able to install apps behind the user’s back,…
New class of attacks affects all Android versions
Researchers have demonstrated how a malicious app with two specific permission can stealthily compromise users’ Android devices. “The possible attacks include advanced clickjacking, unconstrained keystroke recording, stealthy phishing, the silent installation of a God-mode app (with all permissions enabled), and silent phone unlocking + arbitrary actions (while keeping the screen off),” the researchers, from Georgia…
Google Play faces cat and mouse game with sneaky Android malware
What’s the best way to avoid Android malware? Downloading all your apps from the Google Play store — where software is vetted – is perhaps the best advice. But that doesn’t mean Google Play is perfect. Security researchers do find new Android malware lurking on Google’s official app store. That’s because hackers are coming up…
Trojan Downloader Masquerades as Defunct Flash Player for Android
A recently observed malware downloader targeting Android users is masquerading as an update for Adobe Flash Player, ESET researchers warn. Although the Flash Player for Android was discontinued nearly half a decade ago, cybercriminals are still abusing it to trick unsuspecting users into downloading and installing their malicious programs. As always, the attackers rely on…
Android for cars: Secure connection?
Fast-forward 17 years and there are apps for everything — even your car. Chances are, if an app might make part of your life easier, someone will develop it and plenty of people will use it. Over the past few years, the concept of the connected car has continued to evolve — and become reality….
Android Vulnerabilities: Attacking Nexus 6 and 6P Custom Boot Modes
In recent months, the X-Force Application Security Research Team has discovered several previously undisclosed Android vulnerabilities. The November 2016 and January 2017 Android Security Bulletins included patches to one high-severity vulnerability, CVE-2016-8467, in Nexus 6 and 6P. Our new paper, “Attacking Nexus 6 & 6P Custom Bootmodes,” discusses this vulnerability as well as CVE-2016-6678.
Avoiding the Technology Upgrade? Don’t Dodge Security
Consumers love new technology. New iterations of iPhones or brand-specific Androids are embraced by devotees looking to analyze the latest features, dissect any potential flaws and conduct entirely biased comparisons to determine which device is best. Beyond the high-profile advertising that accompanies emerging tech, however, is the underlying software update that typically addresses issues such…
Android Trojan targets customers of 94 banks in US, Europe
If you/ve recently installed a Flash Player Android app and now almost every app you open asks you for your payment card details, you’ve been infected with a banking Trojan. It is unclear where the fake, malicious Flash Player can be downloaded from, but it’s likely one or more third-party apps stores popular around the…