malware

Mon
14
Jul
John Lister's picture

Browser Extensions Laced With Malware

More than two million Chrome and Edge users installed extensions that later turned into malware. The 18 extensions all delivered their advertised functionality but some unwanted bonus features. Extensions (known as add-ons in Edge) are a third-party ... tool for web browsers that interact with the browser to bring additional features. Most have perfectly legitimate uses, for example sending the text of a long article on a web page to the user's Kindle e-reader, or blocking ads. Because the tools have varying levels of access to a user's browser and online activity, security is a must. That's why ... (view more)

Fri
11
Jul
Dennis Faas's picture

No USB-based TPM for Win11? Here's Why it Won't Work

In today's main article, we talked about the need for continuing Windows 10 support because the vast majority of PC's today Windows 11 requires TPM (Trusted Platform Module) but only newer PCs (circa >2018) have it. I've always wondered why a ... tech company couldn't simply create a USB-based TPM device so that older machines would be able to meet the requirements of Windows 11, so I decided to ask ChatGPT some questions. I thought the answers were fascinating, so I decided to put together a Q&A style article. Here's a breakdown of those questions in case you want to skip right to the ... (view more)

Fri
11
Jul
John Lister's picture

Windows 10 Security Patches 'Must Continue'

A campaign group want users to sign a petition calling on Microsoft to automatically extend support for Windows 10. It says existing plans where users can sign up to an extra year of support cheaply or free of charge don't go far enough. The ... petition is the work of the Public Interest Research Group (PIRG), which describes itself as "an advocate for consumers, advancing solutions to problems that affect our health, our safety and our wellbeing." It commonly campaigns on tech topics including the "right to repair" as a way to benefit consumers while reducing environmental waste. Millions Of ... (view more)

Mon
21
Apr
John Lister's picture

WhatsApp For Windows: Update Immediately

WhatsApp Windows users have been warned to check they are running the latest edition. A new update fixes a bug which could make it much easier to distribute malware. The issue is not with the more familiar mobile app, nor with the website version ... that's available by visiting https://web.whatsapp.com/ in a browser. Instead it's with the downloadable WhatsApp for Desktop Windows app that lets users make video calls and share their screen among other benefits. The security flaw involves the way users can send attachments. As The Register explains, such files come with accompanying data called ... (view more)

Fri
07
Feb
John Lister's picture

Google Play to Limit Permissions on Rogue Apps

Google is to take stronger actions against apps that turn out to be potentially harmful. It may revoke permissions where the app is already on a user's device. One of the most notable aspects of Google's management of Android apps is its particular ... balance of security and privacy. Although it will remove apps suspected or confirmed to be malicious from the Play Store, it doesn't usually do much if anything about devices which already have the app installed. The optional Google Play Protect can technically deactivate suspicious apps, but usually it's left to users to hear about the issue (for ... (view more)

Mon
25
Nov
John Lister's picture

Bizarre Google Search Risk Claim is Overhyped

Claims that typing "Are Bengal cats legal in Australia?" into Google could destroy your computer and empty your bank account are somewhat overblown. But beneath the hyperbole, there's an interesting tactic from hackers. Numerous media sources have ... written stories about the supposed dangers of a "six word phrase" that users must not type for fear of exposing their personal data. The implication is that there's some sort of magical booby trap, but the reality is a little duller. The problem was spotted by Sophos which noted that several of the top search results for the query about the cats ... (view more)

Wed
02
Oct
John Lister's picture

Necro Malware Infects 'Modified' Spotify, WhatsApp

"Modified" versions of popular apps have helped distribute a nasty piece of Android malware. The tactic expanded the reach of the Necro Trojan despite Google's security checks. Necro was able to survive for some time before discovery, largely ... because the infection wasn't obvious to users. Its main purpose was to hijack phones and use them to make money for the people behind the malware. This included displaying paid ads in the background so that users didn't see them, but the scammers were able to claim revenue from advertisers. The malware would also install apps on the phone to earn ... (view more)

Wed
14
Aug
John Lister's picture

Android Malware Hidden For Years

Five rogue Android apps remained in the Google Play store for more than two years. They hosted notorious malware called Mandrake that was hidden through some creative means. According to SecureList, the apps were titled AirFS, Amber, Astro Explorer, ... Brain Matrix and CryptoPulsing. The good news is that the apps had hardly any downloads, one of the reasons they attracted little attention. The real concern is whether malware distributors are using the same tactics with other apps. (Source: securelist.com ) Mandrake has been known about since 2020, though appears to have been in circulation ... (view more)

Wed
12
Jun
John Lister's picture

Google Play 'Update' May Be Scam

Android scammers are using a creatively nasty way to spread malware. They've disguised it as an update for the Google Play store itself. It's a particularly cheeky way to try to get credibility for a malware scam. Not only is Google Play the ... official place to get Android apps in the first place, but the best and simplest Android security tip is to only use apps from Google Play. In this case, the malware doesn't originate as an app but instead as a bogus link. This could be on a web page, in a text message or in an email. The supposed source is Google itself and the link comes with a message ... (view more)

Fri
17
May
John Lister's picture

'Dirty Stream' Floods Android With Malware

A new form of Android malware can hijack legitimate apps. "Dirty Stream" take advantage of a legitimate function designed to make life easier for users. The function is called ContentProvider and allows one mobile app to access data from, or ... communicate with, another app. It makes it possible to, for example, open a PDF attachment from a messaging app in a dedicated PDF reader app. The people behind the DirtyStream malware found a vulnerability in the way ContentProvider worked. This made it possible not only to force another app to open a compromised file, but to then use the contents to ... (view more)

Pages

Subscribe to RSS - malware