malware

Android scammers are using a creatively nasty way to spread malware. They've disguised it as an update for the Google Play store itself. It's a particularly cheeky way to try to get credibility for a malware scam. Not only is Google Play the ... official place to get Android apps in the first place, but the best and simplest Android security tip is to only use apps from Google Play. In this case, the malware doesn't originate as an app but instead as a bogus link. This could be on a web page, in a text message or in an email. The supposed source is Google itself and the link comes with a message ... (view more)

A new form of Android malware can hijack legitimate apps. "Dirty Stream" take advantage of a legitimate function designed to make life easier for users. The function is called ContentProvider and allows one mobile app to access data from, or ... communicate with, another app. It makes it possible to, for example, open a PDF attachment from a messaging app in a dedicated PDF reader app. The people behind the DirtyStream malware found a vulnerability in the way ContentProvider worked. This made it possible not only to force another app to open a compromised file, but to then use the contents to ... (view more)

Recently, Google has started baking artificial intelligence (AI) into its standard search results. However, the new AI-powered responses have been criticized for giving credibility to scams, including leading users to malicious sites where their ... systems could be compromised by ransomware and similar. Although the baked-in artificial intelligence results have already been available for people who have intentionally asked to try it, what's important to note is that Google is now rolling it out for some ordinary users when they carry out a search. The idea of the new tool is to better handle ... (view more)

Google says Chrome will now warn users about risky sites using real-time information. The improvements won't compromise user privacy. Chrome already offers a feature called Safe Browsing. The default option, "standard protection," kicks in when ... users are about to visit a site, download a file or install an extension. The feature compares the target URL (website address) against a database of known and suspected security risks and warns the user of a match. The optional "enhanced protection" option will also actively check the target site for any signs that it may be compromised, threaten ... (view more)

The latest malware targeting banking users may have infected up to 200,000 Android devices. The criminals behind Anatsa have deliberately exploited what's meant to be a useful feature that makes users' lives easier. The attacks have some familiar ... features such as distributing the malware through free tools that perform some basic functions and finding ways around the Android permission system. What makes it a particularly nasty campaign is that it takes advantage of the Android Accessibility system. Security researchers at ThreatFabric spotted the malware in five apps with similar names: ... (view more)

Mac users have been warned to watch out for bogus updates to the Safari and Chrome browsers. It's a scam to spread data-stealing malware. The AMOS malware, also called Atomic Stealer, is particularly nasty as it targets data stored or transmitted by ... web browsers. This includes login details, passwords, and credit card numbers. It also looks for cryptocurrency wallets, which give access to Bitcoin and other cryptocurrencies that can be stolen and turned into cash. (Source: malwarebytes.com ) The malware has been around since the spring when the scammers targeted people searching for popular ... (view more)

Artificial Intelligence tools aren't as useful for writing malware as it first seemed. However, they may be useful for phishing scams and other social engineering. Two recent security company reports covered by The Register explored how malware ... scammers are particularly interested in AI tools that generate material. The theory goes that such tools could write code designed to exploit vulnerabilities in software and websites. (Source: theregister.com ) It's not a completely outlandish theory as some users have found such tools can efficiently write code for a particular task. It can take ... (view more)

More than 60,000 Android apps contained a nasty piece of malware designed to steal banking information. The scam doesn't target the official Google Play store, but rather third-party sources. The rogue apps fall into two main categories. Some are ... designed to closely resemble real, popular apps. Others are promoted as "modded" versions of genuine apps that are supposedly identical but with an alteration that supposedly removes ads or a requirement to pay a subscription. In reality, the scammers have taken the genuine apps, copied them, and made one modification. Unfortunately that modification ... (view more)

A notorious botnet that spreads malware through fake emails is back in action. Emotet has returned with some new tactics to try to bypass security checks. Emotet had already gained a reputation for being (comparatively) successful at fooling humans ... and computers alike. Its most notable characteristic was that it not only used messages that appeared to come from a trusted contact, but that it addressed the recipient by name and even appeared to be a reply to a previous genuine message. Most commonly, Emotet sends malware through Microsoft Word documents with macros. These are now disabled by ... (view more)

Samsung's flagship phone is getting special protection against a particularly nasty form of mobile malware. It combats zero-click attacks, which can steal data or compromise a handset without needing any action by the user. The hacking technique ... hasn't been widely seen in real-world attacks on Android phones, though Samsung claims it has worked on Apple devices. Samsung clearly believes it's just a matter of time before attackers find a vulnerability that would make such an attack almost irresistible. The company explains that a zero-click attack would exploit such a vulnerability by sending ... (view more)