malware | Prepys' Homepage

Over 900 million Android phones affected by QuadRooter flaw

August 9, 2016August 9, 2016 Kevin Bruce Francisco

A new flaw called QuadRooter has been identified by researchers at security firm Check Point revealing a set of four vulnerabilities on Qualcomm-powered handsets. It’s been reported that over 900 million Android phones are affected including BlackBerry’s DTEK50 which claimed to be the most secure Android smartphone.

hacking-passwords

Apart from DTEK50, Google’s Nexus 5X, Nexus 6, and Nexus 6P are also affected as well as the Samsung Galaxy S7 and S7 Edge — even my personal LG V10 is also at risk.

Once exploited, this flaw grants attackers full access to the phone (or tablet) including the camera and microphone and could get expose private information. Google has released a QuadRooter Scanner app to know if these vulnerabilities exist on your device but it doesn’t really do anything to prevent it.

However, all is not lost when you find out that your device is affected by this flaw. For attackers to fully take control of your handset, they must still trick you, the user, to install a malicious app that wouldn’t require any special permissions.

This means that you have to be careful with the apps that you install and give permission to access your phone.

So far, a fix is available by updating your system software from manufacturers since Qualcomm has already issued patches for the three out of four flaws — with the last one coming this September.

The bottom line is that we have to stay vigilant and keep an eye out for suspicious programs asking for permission to gain access to the contents of our devices.

{Source}

The post Over 900 million Android phones affected by QuadRooter flaw appeared first on YugaTech | Philippines Tech News & Reviews.

Kaspersky Lab warns PH Steam gamers of account stealers

March 22, 2016March 22, 2016 Kevin Bruce Francisco

A new breed of malware known as Steam Stealer is the prime suspect in stealing numerous user accounts from Valve’s flagship platform, Steam. Kaspersky Lab warns us, Filipinos, to be careful enough to secure our gaming identities.

steam-stealers

Having over 100 million registered users, Steam is one of the most popular entertainment multi-OS distribution platforms. Going by recent reports, 77,000 Steam accounts are hijacked and pillaged every month.

Dubbed as the Steam Stealer, the goal of this malware is to steal online gaming items and user account credentials, and then resell them on the black market.

According to Kaspersky Lab, it works with a malware-as-a-service business model that steals the entire set of Steam configuration files. Once this is done it locates the specific Steam KeyValue file that contains user credentials, as well as the information that maintains a user’s session. When cybercriminals have obtained this information, they can control the user’s account.

This type of business model isn’t new, and the accounts are commonly sold to black market for about $500. But in the case of the Steam Stealers, they sell the accounts for no more than $30. This makes the malware highly attractive for wannabe cybercriminals all around the world.

Kaspersky Lab researchers strongly believe that the malware was originally developed by Russian-speaking cybercriminals since they found a number of language traces in several underground malware forums.

Here in the Philippines, there are low incidents of recorded Steam Stealer infiltration, but gamers still need to stay vigilant and maintain their gaming identities private.

“The number of monitored Steam Stealer attacks against Filipino gamers are minimal compared to those recorded in Russia, US and Europe. But those few incidents can increase anytime. says Anthony Chua, Territory Channel Manager for the Philippines and Singapore at Kaspersky Lab Southeast Asia.

To do this, they provided three pillars of basic gaming security:

Beware of phishing campaigns and unfamiliar gamers. Double check the website you are redirected to via the link in the received email and the extension of a file you are going to open.
Use strong and unique passwords. Lots of accounts get hacked as a result of weak password management. Alternatively, you can also use a password manager.
Do not turn off your antivirus! If you don’t have one, install a good solution. And a special tip for all Kaspersky users: here you can find a detailed manual on how to turn on the Gaming Profile option. It will optimize settings of all antivirus components.

{Kaspersky Lab}

The post Kaspersky Lab warns PH Steam gamers of account stealers appeared first on YugaTech | Philippines News & Tech Reviews.

‘Clickjacking’ malware affects over 500M Android devices

March 6, 2016March 6, 2016 Carl Lamiel

Mobile security company Skycure has announced that there’s a new form of malware in Android that can affect over half a billion devices in the world.

android-malware

Called ‘Accessibility Clickjacking’, this new form of vulnerability that tricks a smartphone user by clicking on something that is not even seen on the screen. This is done by operating on a rather benign, invisible layer that would not be harmful at the first look, but in reality is an hidden accessibility activation. Once done, there will be a function to unknowingly record all your text information as you press them on your phone’s keyboard, and will be transmitted to the hacker as soon as you send them.

Here’s the scary part — the company has replicated this vulnerability among 65% of Android operating systems currently being used around the world, mostly on the KitKat platform.

vulnerability

Skycure says that this malware can be implemented on any device even without rooting, since it basically uses your phone’s accessibility options which has been present since Android 1.6. You can read more on the source for more information.

Source | Via

The post ‘Clickjacking’ malware affects over 500M Android devices appeared first on YugaTech | Philippines News & Tech Reviews.

Trend Micro warns users of malware-ridden Cat pictures

March 6, 2014March 6, 2014 Ronnie Bulaong Leave a comment

Attention cat-lovers out there, Trend Micro has reason to believe that hackers are using pictures of cute and furry feline to spread a type of ZBOT malware (TSPY_ZBOT.TFZAH) which has the ability to capture credentials and financial information.

According to the company, the aforementioned malware is embedded in to the picture using a method called Steganography. The malware cleverly waits, undetected by the security software, for the user to login to any of the listed sites and then it steals the user’s information.

CyberCat
[Image Source]

This kind of malware is nothing new said the Japan-based software company on their blog post. However, what makes it somewhat different from other ZBOT malwares is that it automatically downloads a companion virus called TROJ_FOIDAN.AX which “removes the X-Frames-Options HTTP header from sites the user visits, allowing websites to be displayed inside a frame.”

In addition to cats, Trend Micro also received reports that Sunset pictures are also used as a tool to spread the said malware. So just to be on the safe side, try not to succumb to the temptation of opening an email from an unknown sender containing a picture of a cat (or any picture for that matter) regardless of how cute it may be.

{Source}

The post Trend Micro warns users of malware-ridden Cat pictures appeared first on YugaTech | Philippines, Tech News & Reviews.