According to a new document obtained by Public Intelligence, the U.S. Dept. of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) are increasingly aware of the threats its law enforcement users and officials face at a federal, state, and local level in using older versions of the Android mobile platform.
According to the roll call release — marked as unclassified but "for official use only," and designed for police, fire, emergency medical services (EMS) and security personnel — upwards of 44 percent of Android users worldwide are still using Android versions 2.3.3 to 2.3.7, which still contain security vulnerabilities fixed in later versions. (more)
Spybusters Tip #492 - The latest version of Android is 4.3. Time to upgrade.
Showing posts with label Android. Show all posts
Showing posts with label Android. Show all posts
Wednesday, August 28, 2013
Thursday, August 22, 2013
Spybusters Tip #948 - Android Device Manager Allows Remote Locate, Signal & Erase Security for Android Devices
Access the settings by opening the Google Settings app from your Android app drawer and tapping the option for Android Device Manager.
From there you can choose whether to enable remote location or wiping. This lets you login to the Android Device Manager website and find your phone on a map, cause your device to ring so you can find it if it’s in your other pants pocket or lost in couch cushions, or perform a factory reset if the phone’s been lost or stolen. (more)
Friday, July 19, 2013
Mobile Security Apps Perform Dismally Against Spyware
via Josh Kirschner at Techlicious...
Mobile spyware can have a devastating effect on your life; the
constant fear that a spouse, significant other or even employer is
following your every move, knows everything about your life and has
completely removed any vestige of privacy...
And spyware is not as rare as you may think. According to mobile security company Lookout, .24% of Android phones they scanned in the U.S. had surveillance-ware installed intended to target a specific individual. Sophos reports a similar .2% infection rate from spyware. If those numbers hold true for Android users in general, that would mean tens of thousands could be infected.
I set out to test the leading Android anti-malware vendors to see how they fared at protecting us against the threat of spyware...
The results, generally speaking, were dismal. Of twelve products I tested, none was able to detect more than two-thirds of the samples. Many missed half or more of the spyware apps. And, surprisingly, the potential spyware apps least likely to be detected were those widely available in Google Play. (more)
Josh did an excellent job researching this topic and we thank him for publicly exposing the flaws.
Now, what can be done about really detecting spyware?
Murray Associates was approached by two clients several years ago who had come to the same conclusion as Josh via their own research. They asked us to develop a solution – based on the following conditions:
1. The solution must make quick and reasonable spyware evaluations.
2. No special forensic tools should be required.
3. No special skills should be necessary.
4. No assistance should be necessary once the initial training is over. The phone owner must be able to conduct the test him- or herself—anytime, anyplace.
5. Advancements in spyware software and cell phone hardware should not render the test ineffective.
The results of this project are published in the book, "Is My Cell Phone Bugged?", and are used in SpyWarn 2.0, a unique Android spyware detection app.
And spyware is not as rare as you may think. According to mobile security company Lookout, .24% of Android phones they scanned in the U.S. had surveillance-ware installed intended to target a specific individual. Sophos reports a similar .2% infection rate from spyware. If those numbers hold true for Android users in general, that would mean tens of thousands could be infected.
The results, generally speaking, were dismal. Of twelve products I tested, none was able to detect more than two-thirds of the samples. Many missed half or more of the spyware apps. And, surprisingly, the potential spyware apps least likely to be detected were those widely available in Google Play. (more)
Josh did an excellent job researching this topic and we thank him for publicly exposing the flaws.
Now, what can be done about really detecting spyware?
Murray Associates was approached by two clients several years ago who had come to the same conclusion as Josh via their own research. They asked us to develop a solution – based on the following conditions:
1. The solution must make quick and reasonable spyware evaluations.
2. No special forensic tools should be required.
3. No special skills should be necessary.
4. No assistance should be necessary once the initial training is over. The phone owner must be able to conduct the test him- or herself—anytime, anyplace.
5. Advancements in spyware software and cell phone hardware should not render the test ineffective.
The results of this project are published in the book, "Is My Cell Phone Bugged?", and are used in SpyWarn 2.0, a unique Android spyware detection app.
Monday, March 11, 2013
Perkele - Android Malware Swipes SMS Messages
via Kreb's on Security...
An explosion in malware targeting Android users is being fueled in part by a budding market for mobile malcode creation kits, as well as a brisk market for hijacked or fraudulent developer accounts at Google Play that can be used to disguise malware as legitimate apps for sale...
Unsurprisingly, this particular entrepreneur also sells an Android SMS malware package that targets customers of Citibank, HSBC and ING, as well as 66 other financial institutions in Australia, France, India, Italy, Germany, New Zealand, Singapore, Spain, Switzerland and Turkey (the complete list is here). The targeted banks offer text messages as a form of multi-factor authentication, and this bot is designed to intercept all incoming SMS messages on infected Android phones.
This bot kit — dubbed “Perkele” by a malcoder who goes by the same nickname (‘perkele’ is a Finnish curse word for “devil” or “damn”) — does not appear to be terribly diabolical or sophisticated as modern mobile malware goes. Still, judging from the number and reputation of forum buyers who endorsed Perkele’s malware, it appears quite popular and to perform as advertised. (more)
Tip: Before downloading an app, check out the name of the app developer. If it's a name you aren't familiar with, do a quick Web search for either the developer's name or the name of the app. Anything questionable about the developer or the application should come up. (more)
An explosion in malware targeting Android users is being fueled in part by a budding market for mobile malcode creation kits, as well as a brisk market for hijacked or fraudulent developer accounts at Google Play that can be used to disguise malware as legitimate apps for sale...
This bot kit — dubbed “Perkele” by a malcoder who goes by the same nickname (‘perkele’ is a Finnish curse word for “devil” or “damn”) — does not appear to be terribly diabolical or sophisticated as modern mobile malware goes. Still, judging from the number and reputation of forum buyers who endorsed Perkele’s malware, it appears quite popular and to perform as advertised. (more)
Tip: Before downloading an app, check out the name of the app developer. If it's a name you aren't familiar with, do a quick Web search for either the developer's name or the name of the app. Anything questionable about the developer or the application should come up. (more)
Super Secure Cell Phone
CryptoPhone 500 is a new configurable secure cell phone. Protection is based on...
• End-to-end voice and message encryption: Secure end-to-end encrypted messaging and voice over IP. Works on any network, including 2G GSM, 3G/UMTS, and Wireless LAN.
• Hardened operating system: It is the first mobile phone featuring GSMK's secure Android operating system, built from source code with granular security management. Permission enforcement module controls access to networks, data and sensors (camera, microphone, etc.).
• Baseband firewall: Protection against over-the-air attacks. Constant monitoring of baseband processor activity, baseband attack detection, and automated initiation of countermeasures.
• Encrypted storage system: Protects data at rest against unauthorized access.
The CryptoPhone 500 becomes commercially available by end of April. (more)
 |
| Click to enlarge. |
• Hardened operating system: It is the first mobile phone featuring GSMK's secure Android operating system, built from source code with granular security management. Permission enforcement module controls access to networks, data and sensors (camera, microphone, etc.).
• Baseband firewall: Protection against over-the-air attacks. Constant monitoring of baseband processor activity, baseband attack detection, and automated initiation of countermeasures.
• Encrypted storage system: Protects data at rest against unauthorized access.
The CryptoPhone 500 becomes commercially available by end of April. (more)
Tuesday, February 5, 2013
Two sneaky Android apps have been detected...
The apps cloaks as cache cleaners but instead snoop around once connected to PC. Superclean and DroidCleaner are the two applications uncovered by Kaspersky Labs. Both feature clean-up of Android phone or tablet cache files.
The so-called "cleaners" promise to make devices faster and to increase processing but turns out to download three separate files - autorun.inf, folder.ico, and svchosts.exe. These components are automatically placed in the root of the device's SD card, and once the user connects it to the computer using USB mode, the malware begins to execute itself.
The malware activates the desktop microphone, encrypts all recording, and send all gathered information back to the developer of the malicious application according to Kaspersky. Aside from infecting the PC, the malware also uploads Android device's information, opens arbitrary browser links, uploads and deletes SMS, and distributes contacts, photos, and coordinates online. (more)
The malware activates the desktop microphone, encrypts all recording, and send all gathered information back to the developer of the malicious application according to Kaspersky. Aside from infecting the PC, the malware also uploads Android device's information, opens arbitrary browser links, uploads and deletes SMS, and distributes contacts, photos, and coordinates online. (more)
Tuesday, January 15, 2013
One in Four Android Apps Pose "High Risk" to Security
Almost 25 percent of Android apps feature code that can access application permissions and cause security vulnerabilities, according to a new study by mobile security firm TrustGo.
Of the 2.3m Android apps analysed by TrustGo in the fourth quarter of 2012, 511,000 were identified as high risk, defined as being able to make unauthorised payments, steal data or modify user settings.
Not all of the apps are universally available. For example, just 10 percent of apps in the US and Western Europe had a high risk for causing security issues. While China was reported to have the most high risk apps available for download. (more)
Not all of the apps are universally available. For example, just 10 percent of apps in the US and Western Europe had a high risk for causing security issues. While China was reported to have the most high risk apps available for download. (more)
Friday, January 4, 2013
Released: SpyWarn - Android Smartphone Anti-Spyware App
SpyWarn™ the simple-to-use forensic evaluation tool, used to check Android cell phones for spyware. Its unique forensic methodology makes it
impossible to miss active spyware.
SpyWarn™ begins with a FREE diagnostic survey – like a private consultation with a forensic expert.
Based on your answers, a vulnerability Threat Level for your phone is computed.
If your Threat Level is low, there is little need to worry. Keep the app handy for future tests. If the Threat Level is medium to high, conduct further testing with SpyWarn PRO (an in-app upgrade).
Additional features found in SpyWarn PRO:
• Automated analysis of key internal phone functions affected by spyware.
• An eBook version of, "Is My Cell Phone Bugged? Everything you need to know to keep your mobile communications private." (152 pages, $17.95 in hardcover.)
• An automatic Eavesdropping Alert function.
• Data and power statistics.
• A data & power graph.
• A history of every analysis you conduct.
Other "spyware detection" apps only scan for known spyware files. New or well hidden spyware is missed. SpyWarn's unique forensic methodology makes it impossible to miss active spyware. Available at Google Play. (more)
SpyWarn™ begins with a FREE diagnostic survey – like a private consultation with a forensic expert. Based on your answers, a vulnerability Threat Level for your phone is computed.
If your Threat Level is low, there is little need to worry. Keep the app handy for future tests. If the Threat Level is medium to high, conduct further testing with SpyWarn PRO (an in-app upgrade).
Additional features found in SpyWarn PRO:• Automated analysis of key internal phone functions affected by spyware.
• An eBook version of, "Is My Cell Phone Bugged? Everything you need to know to keep your mobile communications private." (152 pages, $17.95 in hardcover.)
• An automatic Eavesdropping Alert function.
• Data and power statistics.
• A data & power graph.
• A history of every analysis you conduct.
Other "spyware detection" apps only scan for known spyware files. New or well hidden spyware is missed. SpyWarn's unique forensic methodology makes it impossible to miss active spyware. Available at Google Play. (more)
Saturday, December 29, 2012
See Two App Store Icons on Your Phone? Beware.
New spyware Trojan – Android.DDoS.1.origin – silently takes over your phone.
via Dr. Web...
Android.DDoS.1.origin
creates an application icon, similar to that of Google Play. If the
user decides to use the fake icon to access Google Play, (Google Play)
will be launched, which significantly reduces the risk of any suspicion.
When launched, the Trojan tries to connect to a remote server and, if successful, it transmits the phone number of the compromised device to criminals and then waits for further SMS commands...
Activities of the Trojan can lower performance of the infected handset and affect the well-being of its owner, as access to the Internet and SMS are chargeable services. Should the device send messages to premium numbers, malicious activities will cost the user even more.
It is not quite clear yet how the Trojan spreads but most probably criminals employ social engineering tricks and disguise the malware as a legitimate application from Google. (more)
via Dr. Web...
Android.DDoS.1.origin
creates an application icon, similar to that of Google Play. If the
user decides to use the fake icon to access Google Play, (Google Play)
will be launched, which significantly reduces the risk of any suspicion.When launched, the Trojan tries to connect to a remote server and, if successful, it transmits the phone number of the compromised device to criminals and then waits for further SMS commands...
Activities of the Trojan can lower performance of the infected handset and affect the well-being of its owner, as access to the Internet and SMS are chargeable services. Should the device send messages to premium numbers, malicious activities will cost the user even more.
It is not quite clear yet how the Trojan spreads but most probably criminals employ social engineering tricks and disguise the malware as a legitimate application from Google. (more)
Wednesday, December 26, 2012
Android Virus Uses Your Phone to Spread Spam
Android smartphone users alert...
Spammed text messages have begun circulating that can infect your handset, causing it to continually send virulent text messages to thousands of live phone numbers each day.
That discovery comes as hackers continue to probe the Android platform, in particular, for security holes with no slowdown expected in 2013...
Messaging security firm Cloudmark Research recently discovered a virulent spam campaign that is sending text messages to Android users offering free versions of Need for Speed Most Wanted, Angry Birds Star Wars, Grand Theft Auto and other popular games.
By installing the free app, the user actually downloads a hidden program connecting their handset to a command and control server in Hong Kong, says Cloudmark researcher Andrew Conway. The Hong Kong server next sends the handset a list of 50 phone numbers, copies of viral messages and instructions to begin sending the messages to each of the numbers. (more)
Result...
If victims don't have an unlimited texting plan, the next phone bill could be a whopper because each infected phone can blast thousands of viral text messages a day.
Spammed text messages have begun circulating that can infect your handset, causing it to continually send virulent text messages to thousands of live phone numbers each day.
Messaging security firm Cloudmark Research recently discovered a virulent spam campaign that is sending text messages to Android users offering free versions of Need for Speed Most Wanted, Angry Birds Star Wars, Grand Theft Auto and other popular games.
By installing the free app, the user actually downloads a hidden program connecting their handset to a command and control server in Hong Kong, says Cloudmark researcher Andrew Conway. The Hong Kong server next sends the handset a list of 50 phone numbers, copies of viral messages and instructions to begin sending the messages to each of the numbers. (more)
Result...
If victims don't have an unlimited texting plan, the next phone bill could be a whopper because each infected phone can blast thousands of viral text messages a day.
Friday, December 21, 2012
Android Malware Among Top Threats for 2013
Security company Trend Micro has prophesied that the number of malicious and insecure Android apps will triple from 350,000 by the end of this year to more than a million.
Also among the company's predictions in its "Security Threats to Business, the Digital Lifestyle, and the Cloud" report: Cyber criminals will heavily abuse legitimate cloud services; hacktivist attacks will become more destructive; and the increase in computing platforms and devices will lead to threats cropping up in unexpected places. (more)
Subscribe to:
Posts (Atom)