Archive for the ‘Android’ Category

In capsule:

  • New ransomware named DoubleLocker infects android devices
  • Discovered by security researchers in ESET antivirus
  • The ransomware not only encrypts data but also changes the pin
  • Ransomware is spread through fake adobe flash player app
  • A ransom amount of 0.0130 BTC is demanded to retrieve the data

Security researchers have discovered a new ransomware called DoubleLocker which infects Android devices.

The specialty of DoubleLocker ransomware is that it can change device’s PIN which prevents users from accessing their device and also encrypts the data found in the device.

According to researchers from ESET antivirus, the ransomware is spread via fake adobe flash player app using compromised websites.

After installation, the app request for activation of google play service for obtaining accessibility permissions. The app uses them to activate device administrator rights to make itself as the default home application.

ESET malware researcher Lukas Stefanko said that “Setting itself as a default home app – a launcher – is a trick that improves the malware’s persistence. Whenever the user clicks on the home button, the ransomware gets activated, and the device gets locked again. Thanks to using the accessibility service, the user doesn’t know that they launch malware by hitting Home.”

The new pin set by the attacker is of a ransom value which is neither stored or sent anywhere making it impossible to recover it. When the ransom is paid the attacker resets the pin remotely and unlock the device.

The files are encrypted using AES encryption algorithm through “.cryeye” extension. The attacker has implemented the encryption properly so without the decryption key it is impossible to recover the files said stefanko.

A ransom amount of 0.0130 BTC (approximately USD 74) is demanded to retrieve the data.The only option for the user to retrieve their device other than paying ransom is factory reset, but files will be lost if not backed up properly.

Researchers said there is a possibility to bypass the pin in rooted devices if the device was in debugging mode before getting infected.

“The user can connect to the device by ADB and remove the system file where the PIN is stored by Android. This operation unlocks the screen so that the user can access their device. Then, working in safe mode, the user can deactivate device administrator rights for the malware and uninstall it. In some cases, a device reboot is needed.”

To prevent your device from infection, do follow the instructions below:

  1. Always switch off “Allow installation from unknown sources” in security settings thereby restricting download apps from a third party and anonymous sources.
  2. Always backup your data regularly.
  3. Don’t download attachments from unknown sources.
  4. Always Use google play store to install apps, don’t use any third party app stores.
  5. Download apps from verified developers and check their app rating and download counts before installing an app.
  6. Verify app permission before installing an app.
  7. Install the best and updated antivirus/antimalware software which can detect and block these type of malware.
Advertisements

At the end of last year, Mozilla launched a privacy browser called Firefox Focus for the iOS platform, providing more comprehensive and professional protection for your Internet privacy, by default, including tracking, social and advertising tracking. And now, this privacy-oriented browser officially landed Android platform.

Download: Google Play and App Store

Compared to the regular mobile browser Firefox Focus in the function is a bit a single, only a search and URL bar, but also in the settings panel is also relatively “simple”, you can turn on/off different tracking type. This browser does not support tabs or other menus, and there is an erase button at the top of the app to clean up your online traces manually, and the app is automatically cleaned up after the application is closed.

Compared to the iOS version, Android version Firefox Focus added some additional features. Including an ad tracking count that allows the user to know how many sites each site has blocked, and to allow the user to manually turn off tracking blocking when the page is not loaded correctly, and when you run Firefox Focus in the background, Clean up the Internet history.

tv-pure google

According to The Independent, Google’s voice search function doesn’t just turn on when you ask it to. Rather, it records almost everything.

Feeling unnerved yet? Well, it gets even wilder. You see, you can listen to the recordings Google has stored and associated with your name simply by visiting this webpage.

There’s also this webpage that will show you how much Google knows about your every move on the internet.

Both webpages will contain information from not only computers but any Android device you’ve logged in to your Google account.

How to Delete the Recordings

Luckily, if you’re not too happy about Google having potentially hours of your voice in its database, you can delete those files.

Beside each file’s title you’ll see a checkbox.

google-speach

Just select the three dots top right and select delete    google-voice-delete

How to Stop Google from Recording You Again

Now, as The Independent points out, stopping Google from recording you does result in some limited functionality if you’re using an Android phone or the company’s search.

However, you may be someone whose concern for privacy is much greater than finding what you’re looking for easily. If so, begin by never using Google’s voice search functions again. Follow up by disabling Google’s voice search.

  1. Navigate to Settings
  2. Tap the General tab
  3. Under “Personal” find “Language & keyboard”
  4. Find “Google voice typing” and tap the Settings button
  5. Tap “Ok Google” Detection
  6. Under the “From the Google app” option, move the slider to the left. If Google voice is already enabled move the slider to the left of “From any screen” or “Trusted Voice” and the “From the Google app” will appear.

 

android-wear-lollipop-watchface-variety-970-80Do you own a Smartwatch? If yes, then how safe it is? There are almost 100 percent chances that you own a vulnerable Smartwatch.
Computer manufacturer Hewlett-Packard is warning users of smartwatches including Apple Watch and Samsung Gear that their wearable devices are vulnerable to cyber attacks.
In a study, HP’s Fortify tested today’s top 10 smartwatches for security features, such as basic data encryption, password protection and privacy concerns.
The most shocking part of the study was that –
 

Not even a Single Smartwatch Found to be 100 percent Safe

Security experts found that 100 percent of wearable devices contained at least one serious security vulnerability that could make the devices vulnerable to hackers.
With the increase in the adoption of smartwatches, manufacturers need to pay closer attention to the customers’ security because these wearable devices could potentially open doors to new threats to personal and sensitive information.

“As the adoption of Smartwatches accelerates, the platform will become vastly more attractive to those who would abuse that access, making it critical that we take precautions when transmitting personal data or connecting Smartwatches into corporate networks,” Jason Schmitt, general manager at HP’s Security Fortify said in a statement.

The study [PDF], no doubt, had included Smart watches by Apple, Pebble, Samsung and Sony, as it claims to have picked top 10 smartwatches.

Here’s the list of issues reported by HP:

1. Lack of transport encryption – Though all products implemented transport encryption using SSL/TLS, 40 percent of devices found to be either vulnerable to the POODLE attack, allowing the use of weak cyphers, or still using SSL v2.
2. Insecure Interfaces – Three out of ten smartwatches used cloud-based web interfaces and all of them were vulnerable to account harvesting. This allowed unlimited login attempts, helping hackers guess passwords.
3. Insufficient User Authentication/Authorization – Three out of ten smartwatches completely failed to offer Two-Factor authentication, or the ability to lock accounts after 3 to 5 failed password attempts.
4. Insecure Software/Firmware – 7 out of 10 smartwatches had issues with firmware updates. The wearable devices, including smartwatches, often did not receive encrypted firmware updates, but many updates were signed to help prevent malicious firmware updates from being installed. While a lack of encryption did not allow the files to be downloaded and analyzed.
5. Privacy Concerns – Smartwatches also demonstrate a risk to personal security as well as privacy. All the tested devices collected some form of personal information, including username, address, date of birth, gender, heart rate, weight and other health information.
The experts said it would not disclose the names of smartphone manufacturers whose watches they had tested, but they are working with vendors to “build security into their products before they put them out to market.”
Meanwhile, HP urges users to not connect their smartwatches to the sensitive access control functions like cars or homes unless strong authorization is offered.
Recommendations
HP has the following recommendations for those looking to use or produce smartwatch devices in a more secure manner:
Consumer
• Do not enable sensitive access control functions (e.g., car or home access) unless strong authentication is offered (two-factor etc).
• Enable passcode functionality to prevent unauthorized access to your data, opening of doors, or payments on your behalf.
• Enable security functionality (e.g., passcodes, screen locks, two-factor and encryption).
• For any interface such as mobile or cloud applications associated with your watch, ensure that strong passwords are used.
• Do not approve any unknown pairing requests (to the watch itself).
Enterprise Technical Teams
• Ensure TLS implementations are configured and implemented properly.
• Protect user accounts and sensitive data by requiring strong passwords.
• Implement controls to prevent man-in-the-middle attacks.
• Build mobile applications (specific to each ecosystem) into the device – in addition to any vendor-provided or recommended apps.
tv crime2We are living in an era of smart devices that we sync with our smartphones and make our lives very simple and easy, but these smart devices that inter-operates with our phones could leave our important and personal data wide open to hackers and cybercriminals.
Security researchers have demonstrated that the data sent between a Smartwatch and an Android smartphone is not too secure and could be a subject to brute force hacks by attackers to intercept and decode users’ data, including everything from text messages to Google Hangout chats and Facebook conversations.
This happens because the bluetooth communication between most Smartwatches and Android devices rely on a six-digit PIN code in order to transfer information between them in a secure manner. Six-digit Pin means approx one million possible keys, which can be easily brute-forced by attackers into exposing entire conversations in plain text.
Researchers from the Romania-based security firm Bitdefender carried out a proof-of-concept hack against a Samsung Gear Live smartwatch and a paired Google Nexus 4 handset running Android L Preview. Only by using sniffing tools available at that moment, the researchers found that the PIN obfuscating the Bluetooth connection between both devices was easily brute forced by them.
(Brute force attack is where a nearby hacker attempts every possible combination until finding the correct one. Once found the right match, they were able to monitor the information transferring between the smartwatch and the smartphone.)
Of course, this means an attacker would have to be fairly near the victim and log all intercepted Bluetooth data packets. The large-scale adoption of such an exploit could be fueled by the increasing number of smartwatches or smartbands. Weaponizing it could only be a matter of time.

For this proof-of-concept, a Nexus 4 Android device equipped with Android L Developer Preview and Samsung Gear Live were used. The implications of these recent findings are only moderately surprising – we know from past experience that adoption of new technologies does not always go hand-in-hand with better security practices.

Part of the mitigation process involves using NFC pairing when sending the pin code or the use of pass-phrases. Of course, there’s always the option of adding a secondary layer of encryption at the application level, but this might shorten battery life due to extra encryption computations.

TV_Android

About 460 of the top 500 Android applications create a security or privacy risk when downloaded to Android devices, according to new research. And that’s largely because of a lack of user education and the fact that mobile users don’t mind sharing personal information for free apps in return.

MetaIntell, a vendor that specializes in cloud-based mobile risk management (MRM), set about testing the top apps in a range of stores, including Amazon, CNET, GETJAR and the official Google Play store. It found that more than 92% of the applications it tested used non-secure communication protocols, while 60% communicate with domains that are blacklisted by a reputation service.

Additional risks included developer reputation, content vulnerabilities and 20% of the apps tested had the ability to load external applications either locally or remotely – all without the express consent or knowledge of the user.

Digging deeper into the data, MetaIntell rated the risks so high on many applications that 42% of them should not be allowed onto any consumer or enterprise-owned device.

These results are from an analysis of the apps that people download the most – suggesting that much more user education is necessary when it comes to mobile use.

“What most people do not fully appreciate are the risks associated with downloading apps from the million-plus Android applications available in app stores,” the company explained in the research. “Most users assume that applications are trusted if they are offered in an official app market. App stores typically make no guarantee about the trustworthiness of the products they offer. Most often, applications are developed and hosted in the apps markets with no risk assessment.”

The reality is, almost any application can become the source of serious threats that can affect both the device and the intranets to which that device connects, which can have serious ramifications in an enterprise setting. Users should approach app downloads with this in mind – especially corporate users.

“Access to personal data is what makes mobile applications uniquely useful and relevant to users,” said Chris Hazelton, research director for mobile and wireless at industry analysts 451 Research, in a statement. “In exchange for free apps, consumers are willing to share personal data with third party developers. Companies cannot afford to do this, and must control access to data on mobile devices – creating a real need for greater transparency and control of the apps that are available to employees from public app stores.”

So how can mobile device users and enterprises protect themselves from risky mobile applications? By not downloading applications that carry risk, of course – and that means being vigilant about reading the terms and conditions of apps and understanding what one is agreeing to when downloading. “Threats occur where risk conditions exist. Eliminate the risk and avoid the threat,” said Kevin Mullenex, CEO of MetaIntell.

Unfortunately, that will be easier said than done.

 

Source: infosecurity-magazine

tv crime2
So this post has come about by one of my friends posting the below video from LiveLeak on Facebook which is quite terrifying if you are a parent. But have no fear I will tell you how to stop people from tracking you or your child.

video pic

Some cameras, smartphones and tablets add location data to each picture you take. This means that anyone who wants to can see the exact longitude and latitude of the image. Geotagging data is wonderful for finding out where a picture was taken. However, it may not be obvious if you don’t know how to view it. For those who want to find out whether photos have been geotagged before posting them online, it is important to know how to check. The process is simple and helps to have better control over your pictures.

Is Your Camera Geotagging

Before viewing or checking for location data, you should know whether your camera is geotagging your pictures. Any camera you use must have GPS enabled in order for geotagging to occur. This is most common in smartphones, but some digital cameras have this capability as well. Without this feature, no location data is embedded in images. Remember that this data, called EXIF data, is invisible unless you know how to look for it.

What You Need

To view EXIF data, all you need is a web browser. There is no need to download extra software on your computer. Navigate to Jeffrey’s EXIF Viewer. Unlike many other tools available, this one keeps it simple and focuses on location information so you don’t have to sort through a lot of unnecessary data. Another benefit is the wide variety of file types that are supported. You would have to have some extremely rare file types for this tool not to work for you.

Using Jeffrey’s EXIF Viewer

This tool provides two different options for viewing geotagged images. The first allows you to view information from images already online. The second allows you to check images before they are posted online.

For online images, open the picture in your browser. Copy the URL of the image. The quick way is to highlight the URL and press Ctrl + C. Open the browser window with Jeffrey’s EXIF Viewer. Paste (Ctrl + V) the URL into the Image URL box. Press View Image At URL. You will see a few details about the camera, the date the image was taken and finally the location data along with a map.

For images stored on your computer, press Browse beside the Local Image File box. Choose the file in question and press View Image From File. You will see the same data the online option.

Testing it

Here is a picture I took in the summer of an exhibition about the activist group Anonymous

Post Picture

Now right click on the image and select ‘Copy Link Address’

Navigate to http://regex.info/exif.cgi and pastie the link into the URL Image box

Hit ‘View Image at URL’ and there you go.

location

Although the image on the page is a bit small, you can see tones of data including an arrow pointing to the Museum of London in the UK which is correct.

Now just imagine if this was a picture of your child on a social media site and the person viewing wanted to track them or their school down. Have no fear the following steps will tell you how to stop this from happening.

What can you do to protect yourself from stalkers and other bad guys using geotags to track you down?

Consider turning off location services on some location sharing apps

Find the location sharing settings on your smartphone and turn off the ones that you think might pose a personal safety risk. You can always turn them back on later if you want to.

Most smartphones will let you turn off location sharing for individual apps as an alternative to turning them off globally.

There are some apps such as ‘Find My iPhone’ that you won’t want to disable location sharing on. If you do disable location sharing on apps like ‘Find My iPhone’, then your phone won’t be able to relay its position and you won’t be able to find it using the ‘Find My iPhone’ service should it get lost or stolen.

Remove geotags from your digital photos

If you want to remove geotag information from your image files then you can use an app such asdeGeo (iPhone) or Photo Privacy Editor (Android) to remove the geotag info from your photos.

Consider turning off the location sharing setting of your phone’s camera app as well so that the GPS info does not get recorded as part of the picture’s meta data, this will save you the hassle of having to strip out the location data later on.

How do I turn off Geotaging on my Smart phone

Android 4.2 phones

  1. Start camera application
  2. Hit the Settings button
  3. Scroll down and find the GPS Tag option and turn it off

In older versions, the option may be called “Store Location,” but is it essentially the same process.

BlackBerry 6.0 and 7.0

RIM suggests through the online documentation that disabling geotagging be done on BlackBerry Enterprise Server,  which would work from an admin’s point of view if an agency uses BES. If not, to turn the setting off on an individual BlackBerry  phone:

  1. Open Camera
  2. Set the Location icon to “Disabled”

For some earlier versions, hit the Menu and Option buttons before changing the setting.

iPhone 4 and 5

  1. Go to Settings
  2. Select General
  3. Select Location Services
  4. Set Camera to “Off”

For older versions users can’t really turn off geotagging for the camera without disabling it for all applications. But location warnings can be set to go off when an application is using them.

Windows Phone 7 and 8

  1. Go to Settings
  2. Navigate to Applications
  3. Scroll down to Pictures & Camera
  4. Set “include location (GPS) info in Pictures you take” to “Off”

I hope this has put your mind at ease, but if you do have any question please contact me. Also please share this on social media sites and on friends pages.