Android – Page 11 – PossibleThreat Articles

WhatsApp warns users: Fake versions of WhatsApp are trying to steal your personal info

July 13, 2022 0 Comments Android, Cybercrime, download, fake, Google Play, malware, Mobile, store, whatsapp

Credit to Author: Christopher Boyd| Date: Wed, 13 Jul 2022 15:09:44 +0000

We take a look at warnings of malware-infested WhatsApp downloads offered outside of the Google Play store.

The post WhatsApp warns users: Fake versions of WhatsApp are trying to steal your personal info appeared first on Malwarebytes Labs.

ComputerWorld Independent

Drop, crack, d'oh! My broken Android phone epiphany

July 13, 2022 0 Comments Android, Data privacy, Privacy, Security, smartphones

Credit to Author: JR Raphael| Date: Wed, 13 Jul 2022 03:00:00 -0700

Man, I had one hell of a streak.

All these years — approximately 7,967 since I first started using and writing about Android — and somehow, rather miraculously, I’d never outright broken a phone.

Impressive, I know. But don’t let yourself get wrapped in awe yet, my fellow drop-dreading denizen: My streak of impeccable Android phone protection has officially come to a crashing halt.

Now, I didn’t technically drop my phone, mind you. And I didn’t technically break it myself, either. But it was definitely broken. And it happened on my watch.

To read this article in full, please click here

MalwareBytes Security

Amazon Photos vulnerability could have given attackers access to user files and data

June 30, 2022 0 Comments amazon, amazon drive, amazon photos app, amazon photos app for android, Android, checkmzrx, erez yalon, Exploits and vulnerabilities

Credit to Author: Jovi Umawing| Date: Thu, 30 Jun 2022 15:25:24 +0000

The retail giant patched a serious flaw in its Amazon Photos app that left user access token exposed to potential attackers.

The post Amazon Photos vulnerability could have given attackers access to user files and data appeared first on Malwarebytes Labs.

Microsoft Security

Toll fraud malware: How an Android application can drain your wallet

June 30, 2022 0 Comments Android, cybersecurity, Microsoft security intelligence, toll fraud malware

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 30 Jun 2022 14:00:00 +0000

Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve.

The post Toll fraud malware: How an Android application can drain your wallet appeared first on Microsoft Security Blog.

MalwareBytes Security

Hermit spyware is deployed with the help of a victim’s ISP

June 29, 2022 0 Comments Android, Apple, c2, command and control, commercial spyware, cve-2018-4344, CVE-2019-8605, cve-2020-3837, cve-2020-9907, cve-2021-30883, cve-2021-30983, Google, hermit, hermit spyware, iOS, modular spyware, pegasus, Privacy, rcs labs, Reports, spyware, threat analysis group

Credit to Author: Jovi Umawing| Date: Wed, 29 Jun 2022 10:03:54 +0000

A new commercial spyware for governments, called Hermit, has spotted in the wild. It affects iOS and all Android versions.

The post Hermit spyware is deployed with the help of a victim’s ISP appeared first on Malwarebytes Labs.

ComputerWorld Independent

The surveillance-as-a-service industry needs to be brought to heel

June 24, 2022 0 Comments Android, Apple, iOS, Mobile, Security, small and medium business

Credit to Author: Jonny Evans| Date: Fri, 24 Jun 2022 09:40:00 -0700

Here we go again: another example of government surveillance involving smartphones from Apple and Google has emerged, and it shows how sophisticated government-backed attacks can become and why there’s justification for keeping mobile platforms utterly locked down.

What has happened?

I don’t intend to focus too much on the news, but in brief it is as follows:

Google’s Threat Analysis Group has published information revealing the hack.
Italian surveillance firm RCS Labs created the attack.
The attack has been used in Italy and Kazakhstan, and possibly elsewhere.
Some generations of the attack are wielded with help from ISPs.
On iOS, attackers abused Apple’s enterprise certification tools that enable in-house app deployment.
Around nine different attacks were used.

The attack works like this: The target is sent a unique link that aims to trick them into downloading and installing a malicious app. In some cases, the spooks worked with an ISP to disable data connectivity to trick targets into downloading the app to recover that connection.

To read this article in full, please click here

MalwareBytes Security

A week in security (May 23 – 29)

May 30, 2022 0 Comments A week in security, Android, APT, awis, chrome, chromeloader, dns, goodwill, NVIDIA, Ransomware, round up, Vulnerabilities, week in security

Credit to Author: Malwarebytes Labs| Date: Mon, 30 May 2022 12:41:00 +0000

Posts from the last week on Malwarebytes Labs describing all the latest news, exploits, scams, and more.

The post A week in security (May 23 – 29) appeared first on Malwarebytes Labs.

Microsoft Security

Android apps with millions of downloads exposed to high-severity vulnerabilities

May 28, 2022 0 Comments Android, cybersecurity, Microsoft, Microsoft security intelligence, Mobile, Security, vulnerability

Credit to Author: Katie McCafferty| Date: Fri, 27 May 2022 16:00:00 +0000

Microsoft uncovered high-severity vulnerabilities in a mobile framework used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote or local attacks.

The post Android apps with millions of downloads exposed to high-severity vulnerabilities appeared first on Microsoft Security Blog.

MalwareBytes Security