Security

Google has removed 25 malicious Android apps which tried to steal user Facebook logins. As always, it's worth checking devices to see if these apps are installed, because they won't automatically uninstall from phones even being ousted from the Play ... Store. This particular batch of apps didn't have a common subject, but each promised to carry out a basic function, including: a flashlight, file cleaner, or card game. Hidden deep inside each app was malicious software that ran behind the scenes. The malware came alive each time an app was opened on the phone, specifically checking to see if the ... (view more)

An Android app with 40 million downloads has been linked to large-scale fraud against phone and tablet users. The "SnapTube" app reportedly tricks users with a free trial that leads to an expensive and unwanted subscription. The operators of the app ... say they were previously victims of illegal activity by an advertising partner but have now fixed the problem. SnapTube is a tool that was downloaded from the Google Play Store 40 million times before being removed. It was billed as a way to download videos from Facebook and YouTube, something that's not possible with those services own ... (view more)

Android users should check for 31 rogue beauty-related apps that Google has deleted from the Play Store, but could still be installed onto phones. They can unleash unwanted advertising and open web pages without permission. The apps all have ... different names, but largely offer filters to supposedly enhance self-portrait photographs. Suspicious Typos According to White Ops, which identified the apps, the full list is as follows. Note that many of the app names include apparent spelling and typographical errors: Beauty & Filters Camera Beauty Camera & Photo Editor Pro Beauty Camera ... (view more)

A new form of ransomware named after a Marvel super villain has some particularly evil features. The Thanos malware uses an approach more reminiscent of "physical world" blackmail. Despite the name, the malware thankfully doesn't imitate the ... character Thanos by - spoiler alert - deleting half the files in the entire universe. That said, it's still quite scary thanks to a couple of features beyond the usual tactic of encrypting files and demanding a ransom. Instead, the ransomware also seeks to spread across an entire local network and encrypt all the computers it can reach. This is especially ... (view more)

A security company has warned that a free tool claiming to remove ransomware is in fact ransomware itself. Sophos has also reported that businesses that pay ransoms end up with double the financial costs of those who don't. The company's Paul ... Ducklin examined a tool called "Decrypter DJVU". It's promoted as a way to undo the damage of a strain of ransomware that encrypts files, adds the extension ".djvu" to the name, and demands a payment to decrypt and restore access. (Source: sophos.com ) The tool asks users to type in a personal ID and a file extension, though it appears it doesn't take ... (view more)

Apple has paid $100,000 reward to a security researcher who discovered a simple but potentially damaging bug. Until it was fixed, the bug could have let hackers take over a user's account. The problem was with "Sign in with Apple" - a system that ... lets users sign up to websites via their Apple account rather than having to create specific login details for each site, or go through an email confirmation process it. As with similar systems from Facebook and Google, it only works on websites that support the "Sign in with Apple" feature. When the user visits the third-party site, it ... (view more)

Background "wallpaper" can cause Android phones to crash thanks to a bug with the system. At the moment it appears to be an unfortunate glitch but it could be open to abuse. The image in question is viewable at twitter.com , and features a scene ... with a forest in the foreground, a lake in the midground, and mountains in the background beneath a cloudy sky at sunset. The problem is that once set as the default wallpaper, the image causes the phone to crash. The phone then goes into a loop of restarting and crashing, with the only solution being a factory reset. That's not only time consuming ... (view more)

Microsoft and Sophos have warned users to watch out for emails which claim to offer statistics about the COVID-19 pandemic. They actually harbor a combination of malware and legitimate tools that could easily be abused by a hacker. The emails in ... question have subject lines such as "Covid-19: [May 22] horrible Charts", claim to come from legitimate sources such as John Hopkins University, and have an attachment that's billed as a spreadsheet file with statistics about deaths and infections. (Source: twitter.com ) Malicious Macro The attachment does indeed have an Excel file, but the problem is ... (view more)

A researcher has found a major bug with Thunderbolt port technology that could undermine major security measures on multiple computer systems. There's a big mitigating factor though: an attacker would need extended physical access to the computer in ... order to carry out the exploit. Thunderbolt is a technology that is similar in concept to USB, but adds fiber optic to the usual copper wires. Compared to USB, Thunderbolt has high speed and capacity. Common uses include super-fast device charging (including laptops), 4K video, and extremely quick data transfers. Originally Thunderbolt was only ... (view more)