First-Known Targeted Malware Attack On Android Phones Steals Contacts And Text Messages

Malicious software is nothing new to the cyber security world. So-called malware is what unscrupulous folk use to disrupt or gather sensitive data from our desktop computers. Targeted attacks with malware have been relatively unseen on smartphones, those other computers we carry around that are teeming with personal data.

Now, however, security researchers at Kaspersky Labs say they’ve uncovered the first-known targeted malware attack on Android phones. The victims were specifically Tibetan activists, but the disclosure underlines the broader possibilities for targeted cyber attacks on smartphones.

The attack relied heavily on social engineering, a kind of verbal manipulation, to hack into their targets’ devices. Kaspersky explains that on March 24, the attackers infiltrated the email account of a high-profile Tibetan activist, and used that account to send a spear-phishing email to their contacts list.

The email looked like this:

Notice that it included an attachment, called “WUC’s Conference.apk.” Several activist groups had recently organized a human rights conference in Switzerland. (Kaspersky say they’ve seen several attacks mentioning this event as a baiting tool.)

People who opened that e-mail on an Android smartphone, along with the attached Android Package (APK) file, would find that the file opened an Android application. Once installed, the app called “Conference” would appear on the desktop:

If a user went on to open the app, they’d see a window of text with information about the upcoming “conference.” (See below) At this point, some might have noticed the misspelling of “World” as “Word.”

As the target is reading the message, malicious software they had inadvertently installed would report back to a command-and-control server, before collecting information from the phone. According to Kaspersky, that information would include:

- Contacts that are stored on both the phone and the SIM card

- Call logs

- SMS messages

- Geo-location

- Data about the phone, including the phone number, what version OS it uses and the phone model.

Once the victim received a text message that included a certain protocol, the malware would send the collected data back to the command-and-control server.

Who were the perpetrators? Kaspersky mentions that throughout the malware’s code, the attackers included various messages in Chinese. Since this was probably done for debugging purposes, the malware may be an early prototype. The IP address for the command and control server points to Los Angeles, California, but a domain which used to point there was registered on March 8, by one Shanghai Meicheng Technology Information Co., Ltd, with contact details for the registrar pointing to Beijing.

There are other strong indications that the attackers were Chinese speakers, Kaspersky notes, adding that this is also just one of thousands of targeted cyber attacks on Tibetan and Uyghur supporters. The vast majority of attacks like these have target Windows via exploits in Word.

“Until now, we haven’t seen targeted attacks against mobile phones in the wild, although we’ve seen indications that these were in development,” the researchers said. “It is perhaps the first in a new wave of targeted attacks aimed at Android users. So far, the attackers relied entirely on social engineering to infect the targets. History has shown us that, in time, these attacks will use zero-day vulnerabilities, exploits or a combination of techniques.”

(via -Forbes )

iPad (2022) and iPad Pro with M2 announced

Apple has announced their latest iteration of the iPad (entry level model) and the iPad Pro lineup with the new M2 processor. The event, held on the 18th of October as a recorded session displayed the key features of the iPads with the most significant being the base model iPad which has now received an upgrade. iPad 2022 This model of the base model iPad ditches the almost 12 year old home button and display layout and goes for a cleaner display only design found on the iPad Air . The chassis, which now comes with flatter sides and a TouchID fingerprint sensor on the top has also abandoned the lightning port in favor of USB C and it also comes with a set of pogo style connectors for accessories including a keyboard with trackpad. Internally, the iPad comes either as a Wifi only (Wifi6) and a 5G cellular model and is offered with 64 or 256GB of storage. The processor has also been upgraded to the Apple A14 which is the same found on the iPhone 12 series and last year's iPad Air. L

HTC One to sell as TD 101 at China Mobile

HTC decided to invest in such a brand by launching the One series of smartphones last year, although the company was not able to impose its own product names to certain carriers. Then, just a few days ago, the company launched the HTC One, which is going to be the company’s only One-branded handset this year, a make-or-break kind of project for the Taiwanese Android maker that’s still having a tough time fighting against the competition, especially Samsung. We were under the impression that HTC will further invest in its One brand and not budge to carrier demands anymore when it comes to changing the name of the product – in the U.S., AT&T, Sprint and T-Mobile are going to sell it as the HTC One. But it looks like things aren’t necessarily so, and no, it’s not Verizon that’s going to get its way selling the One as the Droid DNA Plus, as it was recently rumored. We’re looking at China Mobile this time around, which has announced the HTC One as the HTC TD 101. That’s certa

Google Pixel 7 and Pixel 7 pro along with Pixel watch unveiled.

Google announced their latest Pixel 7 and Pixel 7 Pro smartphones along with the Pixel Watch - google's first wearable at a special launch event today. The devices, which are powered by Google's second generation Tensor SOC bring major improvements in photography which has always been Google's highlight. Google Pixel 7 and Pixel 7 Pro. Google's Pixel 7 and the Pixel 7 Pro are Google's latest flagship phones for 2022. The devices, which have been developed around the Tensor G2 - Google's second generation processor developed on a 4nm architecture. The chipset, which consists of 2 Cortex X1 cores, 2 Cortex A78 cores and 4 Cortex A55 cores with a Mali G710 MC10 GPU cores and the chip is paired with 8GB of RAM for the Pixel 7 and 12GB RAM for the Pro variant. Both models come with 128 / 256GB of UFS 3.1 storage and the pro model comes with 512GB. The phones, which come with two different display sizes consist of a 6.3" 2400x1080 AMOLED display with 90Hz refre

MasHD Blog

Search This Blog