First-Known Targeted Malware Attack On Android Phones Steals Contacts And Text Messages

Malicious software is nothing new to the cyber security world. So-called malware is what unscrupulous folk use to disrupt or gather sensitive data from our desktop computers. Targeted attacks with malware have been relatively unseen on smartphones, those other computers we carry around that are teeming with personal data.

Now, however, security researchers at Kaspersky Labs say they’ve uncovered the first-known targeted malware attack on Android phones. The victims were specifically Tibetan activists, but the disclosure underlines the broader possibilities for targeted cyber attacks on smartphones.

The attack relied heavily on social engineering, a kind of verbal manipulation, to hack into their targets’ devices. Kaspersky explains that on March 24, the attackers infiltrated the email account of a high-profile Tibetan activist, and used that account to send a spear-phishing email to their contacts list.

The email looked like this:

Notice that it included an attachment, called “WUC’s Conference.apk.” Several activist groups had recently organized a human rights conference in Switzerland. (Kaspersky say they’ve seen several attacks mentioning this event as a baiting tool.)

People who opened that e-mail on an Android smartphone, along with the attached Android Package (APK) file, would find that the file opened an Android application. Once installed, the app called “Conference” would appear on the desktop:

If a user went on to open the app, they’d see a window of text with information about the upcoming “conference.” (See below) At this point, some might have noticed the misspelling of “World” as “Word.”

As the target is reading the message, malicious software they had inadvertently installed would report back to a command-and-control server, before collecting information from the phone. According to Kaspersky, that information would include:

- Contacts that are stored on both the phone and the SIM card

- Call logs

- SMS messages

- Geo-location

- Data about the phone, including the phone number, what version OS it uses and the phone model.

Once the victim received a text message that included a certain protocol, the malware would send the collected data back to the command-and-control server.

Who were the perpetrators? Kaspersky mentions that throughout the malware’s code, the attackers included various messages in Chinese. Since this was probably done for debugging purposes, the malware may be an early prototype. The IP address for the command and control server points to Los Angeles, California, but a domain which used to point there was registered on March 8, by one Shanghai Meicheng Technology Information Co., Ltd, with contact details for the registrar pointing to Beijing.

There are other strong indications that the attackers were Chinese speakers, Kaspersky notes, adding that this is also just one of thousands of targeted cyber attacks on Tibetan and Uyghur supporters. The vast majority of attacks like these have target Windows via exploits in Word.

“Until now, we haven’t seen targeted attacks against mobile phones in the wild, although we’ve seen indications that these were in development,” the researchers said. “It is perhaps the first in a new wave of targeted attacks aimed at Android users. So far, the attackers relied entirely on social engineering to infect the targets. History has shown us that, in time, these attacks will use zero-day vulnerabilities, exploits or a combination of techniques.”

(via -Forbes )

iPad (2022) and iPad Pro with M2 announced

Apple has announced their latest iteration of the iPad (entry level model) and the iPad Pro lineup with the new M2 processor. The event, held on the 18th of October as a recorded session displayed the key features of the iPads with the most significant being the base model iPad which has now received an upgrade. iPad 2022 This model of the base model iPad ditches the almost 12 year old home button and display layout and goes for a cleaner display only design found on the iPad Air . The chassis, which now comes with flatter sides and a TouchID fingerprint sensor on the top has also abandoned the lightning port in favor of USB C and it also comes with a set of pogo style connectors for accessories including a keyboard with trackpad. Internally, the iPad comes either as a Wifi only (Wifi6) and a 5G cellular model and is offered with 64 or 256GB of storage. The processor has also been upgraded to the Apple A14 which is the same found on the iPhone 12 series and last year's iPad Air. L

Google Pixel 7 and Pixel 7 pro along with Pixel watch unveiled.

Google announced their latest Pixel 7 and Pixel 7 Pro smartphones along with the Pixel Watch - google's first wearable at a special launch event today. The devices, which are powered by Google's second generation Tensor SOC bring major improvements in photography which has always been Google's highlight. Google Pixel 7 and Pixel 7 Pro. Google's Pixel 7 and the Pixel 7 Pro are Google's latest flagship phones for 2022. The devices, which have been developed around the Tensor G2 - Google's second generation processor developed on a 4nm architecture. The chipset, which consists of 2 Cortex X1 cores, 2 Cortex A78 cores and 4 Cortex A55 cores with a Mali G710 MC10 GPU cores and the chip is paired with 8GB of RAM for the Pixel 7 and 12GB RAM for the Pro variant. Both models come with 128 / 256GB of UFS 3.1 storage and the pro model comes with 512GB. The phones, which come with two different display sizes consist of a 6.3" 2400x1080 AMOLED display with 90Hz refre

Nikon D850 is official

Nikon D850 has probably been the company's worst kept secret . The camera , which was announced a month back during Nikon's 100 year anniversary just explained in brief ,but thanks to leakers some of that information managed to hit the internet and inadvertently lead the camera to be the most talked about topic in the camera world . But now , after a month of waiting anxiously for the official pricing (rumors made headlines after many quoted $1000-2000 more than the official one ) , the Nikon D850 is finally official . Nikon D850 The Nikon D850 is Nikon's jack of all trades semi - flagship camera which sits below the D5 but above the D750 . The model which succeeds the D810 from almost 3 years back is armed with a new backlit 35mm sensor and the largest optical viewfinder and pentaprism for any camera . Video features on the camera include 4K with full sensor readout and features 8K timelapse . The camera features 7 fps at full resolution and 9fps when connecte

MasHD Blog

Search This Blog