Showing posts with label Android. Show all posts
Showing posts with label Android. Show all posts

Wednesday, May 31, 2023

Delete Alert - Android App iRecorder has Morphed Into Spyware

A screen recording app available in the Google Play store that was installed over 50,000 times functioned normally for months before it started spying on users, researchers say.


The app, iRecorder – Screen Recorder, was first uploaded to the Google Play store on September 19, 2021, according to Lukas Stefanko, a malware researcher with cybersecurity firm ESET.

Stefanko said that the app had no harmful features until a later update changed the code, likely in August 2022. After that date, malicious code allowed bad actors to make secret audio recordings and secretly transfer images, videos, saved web pages, and other files off of devices, according to ESET. 

Anyone who had downloaded the app before August 2022, might still have been exposed if they updated the app manually or automatically. It’s not yet clear if the developer or another actor is responsible for the update that converted the app into a Trojan horse.

The app is no longer available in the Google Play store, TechCrunch reports, but if you already have it on your phone you should uninstall it and clear the app’s files. more

Friday, December 23, 2022

Eavesdropping & Anti-Eavesdropping Apps

Two new apps to be aware of…

The iEavesdrop app redirects internal microphone, external wired microphone or line input input audio to any Bluetooth audio device such as AirPods so that you can use your phone as a stealth listening device.

Using the correct line input cables, audio from any device such as an external microphone, in-flight entertainment or portable gaming device can be routed to your AirPods or other Bluetooth device. iEavesdrop will work with all iOS devices.

THIS APP CAN ALSO BE USED FOR MANY OTHER PURPOSES SUCH AS A BABY MONITOR, HEARING AID OR ANY OTHER APPLICATION THAT REQUIRES YOU TO LISTEN IN OR ROUTE MICROPHONE AUDIO TO A BLUETOOTH DEVICE.
(iOS)


———


(ANDROID)

About this app...
Ever thought someone might eavesdrop through your smart phone? Skewy is a privacy protection method, which is more than just a software setting. With Skewy you can mask your conversation with a simple – yet effective method. Simply making the audio data picked up by your phone unusable. Additionally, Skewy can detect ultrasonic signals to indicate the presence of device tracking technologies.

Thursday, October 6, 2022

New "RatMilad" Android Malware—Steals Data and Spies on Victims

"RatMilad", a new type of Android malware,
is now being used within the Middle East to spy on victims via their smartphones and steal data. RatMilad is a kind of spyware, which are malware programs used to spy on victims through their devices. RatMilad is capable of recording both video and audio, giving the attackers the ability to listen in on private conversations and conduct remote surveillance.

On top of this, RatMilad allows malicious actors to change application permissions on victims' devices.

RatMilad is infecting devices via a phony VPN and number spoofing apps Text Me and NumRent. These apps are being spread through links on social media, meaning almost anyone could be exposed to RatMilad. Once the phony app is installed onto the device, RatMilad can start stealing data and spying on victims. It is being used in this campaign by an Iranian hacker group known as AppMilad. more

Wednesday, December 22, 2021

Millions of Android Phones Vulnerable Over ‘Eavesdropping’ Scare

MILLIONS of people around the world have been exposed to snoopers by dodgy microchips loaded into Android smartphones.

According to security experts, vulnerabilities in processors produced by Taiwanese firm MediaTek could have allowed malicious apps to spy on their users.

MediaTek, one of the world's leading chip-makers, last month issued a fix for four bugs disclosed by researchers at cyber firm Check Point.

Its circuitry is found in one in three of the world’s smartphones, including high-end handsets from Xiaomi, Oppo, Realme, Vivo and more.

Check Point detailed the vulnerabilities exposed by its crack team of cyber buffs in a blog post last week. more

 

Wednesday, July 15, 2020

Android: Camera Can Remain Active When Phone is Locked

Mozilla says it will fix the bug later this year, in October.

Mozilla says it's working on fixing a bug in Firefox for Android that keeps the smartphone camera active even after users have moved the browser in the background or the phone screen was locked.

The bug was first spotted and reported to Mozilla a year ago, in July 2019, by an employee of video delivery platform Appear TV.

The bug manifests when users chose to video stream from a website loaded in Firefox instead of a native app. more

Thursday, November 21, 2019

Spybuster Tip #734: Don't Store Incriminating Photos on Your Android Phone

This time around, a team of security researchers found a terrifying flaw with the Android camera apps that could let malicious apps completely take control over a phone’s camera to spy on users without their knowledge.

It doesn’t take a genius to know that photos and videos can contain extremely sensitive information, and therefore, you should think twice about giving an app permission to use a camera...

Android camera apps often store photos and videos to an SD card, granting an app permission to storage gives it access to the entire contents of that card, according to the researchers. And the truly terrifying thing is that attackers wouldn’t even need to request access to the camera.

To demonstrate the vulnerability, the team at Checkmarx recorded a proof-of-concept video. Using a mockup Weather app, the team was able to not only take photo and video from a Pixel 2 XL and Pixel 3, it also was able to glean GPS data from those photos.


The team was able to detect when the phone was face down and could then remotely direct the rear camera to take photos and video. Another creepy bit is that attackers could potentially enact a “stealth mode,” where camera shutter noises are silenced and after taking photos, return the phone to its lock screen like nothing happened.

But perhaps most disturbingly, the video demonstrates a scenario where attackers could start recording a video while someone was in the middle of call, record two-way audio, and take photos or video of the victim’s surroundings—all without the target knowing. more

Tuesday, July 23, 2019

Android Smartphone Alert: Spearphone Eavesdropping

A Spearphone attacker can use the accelerometer in LG and Samsung phones to remotely eavesdrop on any audio that’s played on speakerphone, including calls, music and voice assistant responses. 

A new way to eavesdrop on people’s mobile phone calls has come to light in the form of Spearphone – an attack that makes use of Android devices’ on-board accelerometers (motion sensors) to infer speech from the devices’ speakers.

An acronym for “Speech privacy exploit via accelerometer-sensed reverberations from smartphone loudspeakers,” Spearphone was pioneered by an academic team from the University of Alabama at Birmingham and Rutgers University.

They discovered that essentially, any audio content that comes through the speakers when used in speakerphone mode can be picked up by certain accelerometers in the form of sound-wave reverberations. And because accelerometers are always on and don’t require permissions to provide their data to apps, a rogue app or malicious website can simply listen to the reverberations in real time, recording them or livestreaming them back to an adversary, who can analyze and infer private data from them. more

Wednesday, June 20, 2018

Android Alert: Surveillance Malware Infects Telegram App

A new family of malware capable of comprehensive surveillance is targeting Android devices through the encrypted messaging app Telegram, according to research from antivirus vendor ESET.

The malware – which has mostly been distributed in Iran – ensnares its victims by posing as an application pledging more social media followers, bitcoin, or free Internet connections, according to ESET. Once downloaded, the malware can carry out surveillance tasks ranging from intercepting text messages to recording audio and screen images from devices, ESET researcher Lukas Stefanko explained in a blog post.

Each compromised device is controlled via a bot that the attacker commandeers via Telegram, which recently boasted 200 million monthly users.

Attackers can control victimized devices by simply tapping the buttons available in the version of the malware they are operating,” Stefanko wrote.

Such nefarious programs have been knocking on Google Play’s door in droves: With the help of machine learning, security specialists removed 700,000 malicious apps from the store last year. more

Tuesday, February 27, 2018

Smartphone Goes Dark at the Flip of a Switch

Cybersecurity firm DarkMatter has launched its first smartphone, designed to stop spy agencies listening to you.

An Android device called Katim, it was made available commercially Monday at Mobile World Congress in Barcelona, Spain, and has a 5.2-inch display, as well as a high level of encryption...

One security feature built by the Middle East-based firm is called "shield mode," which disconnects power from the microphone and camera on the device so that nobody can spy on your conversations. more

Tuesday, January 2, 2018

Stop Your Apps from Spying on Your TV Viewing

That innocent-looking mobile game you just downloaded might just have an ulterior motive. Behind the scenes, hundreds of different apps could be using your smartphone's microphone to figure out what you watch on TV, a new report from The New York Times reveals...

Basically, a bunch of apps with innocuous names like "Pocket Bowling 3D" include extra software that's designed to listen for recognizable audio from your TV, including specific shows and commercials...

All of these apps need to get your permission before they can record in the background. So the easiest way is just to deny that permission. However, it's possible that you might approved the request without realising it, or your kid might do it while playing with your phone. In that case, switching it off is pretty easy...

Just head into Settings on your device and check the permissions for the app in question. If the app has microphone access when it doesn't need to (why would a bowling game need to use your microphone?), just toggle that permission off. more

Sunday, December 24, 2017

The Catch Santa in the Act App, by Snowden?!?!

Earlier this year, NSA whistleblower Edward Snowden met with Jacqueline Moudeina, the first female lawyer in Chad and a legendary human rights advocate... 

Snowden told Moudeina that he was working on an app that could turn a mobile device into a kind of motion sensor in order to notify you when your devices are being tampered with.

The app could also tell you when someone had entered a room without you knowing, if someone had moved your things, or if someone had stormed into your friend’s house in the middle of the night.

Snowden recounted that pivotal conversation in an interview with the Verge. “She got very serious and told me, ‘I need this. I need this now. There’s so many people around us who need this.’”

Haven, announced today, is an app that does just that. Installed on a cheap burner Android device, Haven sends notifications to your personal, main phone in the event that your laptop has been tampered with.

If you leave your laptop at home or at an office or in a hotel room, you can place your Haven phone on top of the laptop, and when Haven detects motion, light, or movement — essentially, anything that might be someone messing with your stuff — it logs what happened. It takes photos, records sound, even takes down changes in light or acceleration, and then sends notifications to your main phone.

None of this logging is stored in the cloud, and the notifications you receive on your main phone are end-to-end encrypted over Signal. more

Thursday, November 23, 2017

Google Android Tracking You - Bad News / Good News / Bad News

Bad News...
Your phone knows where you are at pretty much all times. This is no surprise—that's part of the appeal. But while there are options to disable GPS and Location Services in the settings of Android phones, this won't stop Google from knowing where you are. Short of turning off your phone, there's actually no real way.

New details about the length to which Google tracks Android phones surfaced today from Quartz, which reports that Android phones will track your location even if you disable location services and even if you aren't logged into the phone...

Good News...
The practical effect of this is that, so long as your Android phone is on and not inside a Faraday cage, your location data is being communicated. Google told Quartz that this practice has existed for 11 months, but that the information was never stored or used and furthermore that the process will now be ended.

Bad News...
While the practice is just generally creepy, it also can have profound legal implications. Loose restrictions allow law enforcement in many states to obtain cell tower location information without a warrant until an upcoming Supreme Court case will ultimately decide if this will remain legal. In the meantime, there's nothing much to do besides be aware of how much and how easily your phone may be tracking you. If you really want privacy, you'll just have to turn the thing all the way off. more

Tuesday, July 11, 2017

Android Malware Steals Data From 40 Apps

A newly uncovered form of Android malware aims to steal data from over 40 popular apps including Facebook, WhatsApp, Skype and Firefox - and the trojan has been actively engaging in in this illicit activity for almost two years.

Dubbed SpyDealer by the Palo Alto Networks researchers who discovered it, the malware harvests vast accounts of personal information about compromised users, including phone numbers, messages, contacts, call history, connected wi-fi information and even the location of the device.

The espionage capabilities of the trojan also enable it to record phone calls and videos, along with surrounding audio and video, take photos with both front and rear cameras, take screenshots of sensitive information and monitor the devices location at all times. more

Friday, June 16, 2017

Android Malware - Steals Personal Data, Then Covers its Tracks

A new variant of Android malware is making rounds in the Google Play store and it is bad news all around.

According to Trend Micro, a Trojan dubbed Xavier, which is embedded in more than 800 applications on Android’s app store, clandestinely steals and leaks personal data.

Mobile malware is not new to the Android platform, but Xavier is a little more clever. It downloads codes from a remote server, executes them, and uses a string encryption, Internet data encryption, emulator detection, and a self-protect mechanism to cover its tracks. more

Thursday, April 20, 2017

400 Google Play Store Apps Have Been Compromised with BankBot

A new Malware has been spotted in the wild targeting Google Play Store apps.

The malware has been dubbed as “BankBot” by security researchers... So far at least 400 Google Play Store apps have been compromised. 

The attacking mechanism: Once downloaded, the malware tricks users into gaining administrative privileges before removing the icon of the app, letting the user think that the app has been deleted. In reality, however, the app continues to work in the background!

That’s not all; the Botnet is designed to display fake screens disguised as banking apps, encouraging the users to put credit card information and other login credentials. As soon as the app gets what it wants, the credentials are then passed on to the hacker through a control and command (C&C) server. more

Thursday, December 29, 2016

Mobile Security: The InfoWorld Deep Dive

As iPhones, iPads, and Android devices become increasingly standard business equipment, IT organizations struggle on how to manage and secure them, and the data that runs through them.

Click to enlarge.
This guide, available in both PDF and ePub editions, explains the security capabilities inherent to each major mobile platform and where using third-party tools make sense -- and where they don't.

It also walks you through the factors to consider in terms of risk for your corporate data, and outlines a rational way to protect that data without getting tied up in knots.  more

Click to enlarge.

Wednesday, December 21, 2016

Android Phones (700 Million) Have Spying Firmware Pre-installed

The term “mobile phone security” is something of a joke these days, with the number of exploits, bugs, and breaches that are endlessly assaulting us and putting our personal information at risk. So, when security outfit Kryptowire sounded the alarm on Chinese company Adups for using its pre-installed apps to spy on Android users with Blu smartphones, it wasn’t exactly a shock.

Now, however, the impact of Adups alleged spying is growing in magnitude, and it’s dragging other Android device manufacturers into the quagmire.

Adups is a company that facilitates over-the-air updates for mobile devices, so its firmware is pre-installed on lots of devices. However, the firmware does much more than it claims, and has the ability to snoop in areas that it shouldn’t, and without the user ever knowing. That information can then be collected by Adups for whatever purposes it desires.

Trustlook, another digital security firm, dug deeper on what devices utilize Adups and could be used by the Chinese company to scrape your private information, and the list is absolutely massive. Trustlook says that over 700 million Android smartphones have Adups firmware installed that puts the user at risk of having text messages, call histories, and device information collected without their knowledge or consent. more

Monday, October 10, 2016

How to Delete Your Private Conversations from Google

Google could have a record of everything you have said around it for years, and you can listen to it yourself.

The company quietly records many of the conversations that people have around its products. 

The feature works as a way of letting people search with their voice, and storing those recordings presumably lets Google improve its language recognition tools as well as the results that it gives to people.

But it also comes with an easy way of listening to and deleting all of the information that it collects. That’s done through a special page that brings together the information that Google has on you.

It’s found by heading to Google’s history page and looking at the long list of recordings. The company has a specific audio page and another for activity on the web, which will show you everywhere Google has a record of you being on the internet. more

Monday, August 8, 2016

Android Bug May Affect 900 Million Smartphones

The bugs were uncovered by Checkpoint researchers looking at software running on chipsets made by US firm Qualcomm.

Qualcomm processors are found in about 900 million Android phones, the company said...
  • Affected devices included:
  • BlackBerry Priv
  • Blackphone 1 and Blackphone 2
  • Google Nexus 5X, Nexus 6 and Nexus 6P
  • HTC One, HTC M9 and HTC 10
  • LG G4, LG G5, and LG V10
  • New Moto X by Motorola
  • OnePlus One, OnePlus 2 and OnePlus 3
  • US versions of the Samsung Galaxy S7 and Samsung S7 Edge
  • Sony Xperia Z Ultra
Exploiting the bugs would allow an attacker to gradually be able to take more control over a device and gain access to its data.

In response, Qualcomm is believed to have created patches for the bugs and started to use the fixed versions in its factories. It has also distributed the patches to phone makers and operators. However, it is not clear how many of those companies have issued updates to customers' phones.

Checkpoint has created a free app called QuadRooter Scanner that can be used to check if a phone is vulnerable to any of the bugs, by looking to see if the patches for them have been downloaded and installed.  more

Friday, July 15, 2016

How a YouTube Video Could Infect Your Phone with Spyware

Researchers from Georgetown University and the University of California, Berkeley say cybercriminals could use hidden voice commands via popular YouTube videos to infect Androids and iPhones with malware.


Micah Sherr, a computer science department professor at Georgetown, says the research was inspired by the proliferation of voice-controlled systems. "Amazon Echo was coming out when we started this work," Sherr notes.

Since then, Google has launched Google Home, a similar always-listening device, and electronic devices lost in a messy bedroom can now be recovered by speaking “Okay Google” or “Hey Siri.”

The new research shows how keeping such devices on always-listen mode could lead to a cyberattack. Sherr says a cybercriminal could attempt to plant malware on the device using a hidden voice command. more