Search This Blog

Showing posts with label Android App. Show all posts

Microsoft Launches New Privacy Features for Windows 11

 

Microsoft is developing a new privacy dashboard to patch its vulnerabilities for Windows 11 that will allow users to view which apps and tools have access to sensitive hardware components such as the camera, microphone, location, phone calls, messages, and screenshots. It's included in one of June Windows 11 Preview Builds and now is ready for testing in the Dev Channel for Windows Insiders.

Users will be able to view the newly implemented tool in the Privacy & Security > App Permissions section, where a "Recent activity" option will be available, as per Microsoft. Users will be able to locate the monitored category of information in this section. "Once clicked, it will show every instance of one of the programs installed on a user's machine that has recently accessed sensitive devices and information," says the next step. Even though the list contains information about the most recent time the program accessed the service, clicking on any of the entries yields no additional information.

Several users would be able to proactively protect themselves from ransomware and phishing attacks that are unwittingly deployed by malicious actors due to this additional layer of privacy. Malware or malicious software may obtain access to a user's privacy in some cases via spying on its camera or microphone, or by reading file paths, process IDs, or process names.

If Windows Hello is turned off, your PC will be unable to access your camera. Some apps use the Camera app to capture pictures, by the Camera app's camera access setting. No images will be taken and sent to the app that accessed them unless you manually select the capture button in the Camera app.

Desktop apps can be downloaded from the internet, stored on a USB drive, or installed by your IT administrator. Microsoft has not yet officially launched this new privacy option, according to its Windows Insider Blog. This information comes from Microsoft's Vice President of Enterprise and OS Security, David Weston, in a tweet on Thursday. 

Windows has never had a privacy feature as useful as this, but it appears that Microsoft is working to strengthen the operating system's privacy controls. With Android version 12, Google provided a similar capability, although its execution is far from satisfactory.

Huawei's App Gallery Hosted Malicious Apps Installed by 9M+ Android Users

 

Around 9.3 million Android devices have been infected with a new type of malware that masquerades as dozens of arcade, shooter, and strategy games on Huawei's AppGallery marketplace in order to gather device information and victims' phone numbers. 

Researchers from Doctor Web discovered the mobile campaign and categorized the trojan as "Android.Cynos.7.origin," simply because it is a modified variant of the Cynos malware. Some of the 190 rogue games discovered were made for Russian-speaking players, while others were made for Chinese or worldwide audiences. 

The applications requested the victims for permission to make and control phone calls once they were installed and then utilized to access and capture their phone numbers as well as other device data including geolocation, mobile network characteristics, and system metadata. 

All of these harmful games are primarily geared at children, who are easy targets for having all of their permissions activated. Huawei has currently uninstalled all of the vulnerable games from its AppGallery app store. If users have a Huawei smartphone and aren't sure if they're infected or not, some of the malicious apps are mentioned below: 
  • “[Команда должна убить боеголовку]” with more than 8000 installs. 
  • “Cat game room” with more than 427000 installs. 
  • “Drive school simulator” with more than 142000 installs. 
  • “[快点躲起来]” with more than 2000000 installs 
Furthermore, the Doctor Web malware analysts have previously warned Huawei about these harmful apps. Doctor Web researchers stated, "At first glance, a mobile phone number leak may seem like an insignificant problem. Yet in reality, it can seriously harm users, especially given the fact that children are the games' main target audience." 

"Even if the mobile phone number is registered to an adult, downloading a child's game may highly likely indicate that the child is the one who actually uses the mobile phone. It is very doubtful that parents would want the above data about the phone to be transferred not only to unknown foreign servers, but to anyone else in general."

Drinik Malware is Fooling Users to Give in their Mobile Banking Details

 

There's a new malware, and it's wreaking havoc on Android users. Drinik is a malware that steals vital data and financial credentials from a smartphone user. CERT-In, the Indian Computer Emergency Response Team, has issued a warning to many banks. Customers of 27 public and private banks in the country have been hit by the malware so far. 

The Drinik malware is presently imitating an Income Tax Department application, and after a user has been duped into downloading it, it collects all sensitive data. Not only that, but the malware also forces the user to complete a transaction, after which it crashes and displays a bogus warning. In the meantime, it gathers all of the essential information from the user.

In 2016, the Drinik malware was apparently utilised as a primitive SMS hacker. CERT-In, on the other hand, speculated that it had lately morphed into a banking Trojan aimed at Indian customers. Victims receive an SMS message with a link to the phishing site, according to the details mentioned in the CERT-In advisory. It then requests some personal information before downloading the application. 

The malicious Android application imitates a legitimate version of the Income Tax Department's solution for generating tax refunds. According to the advisory, it asks for authorization to view SMS messages, phone records, and contacts, as well as a refund application form that requests information like as full name, PAN, Aadhaar number, address, and date of birth. 

Following that, all sensitive banking information such as account number, IFSC code, CIF number, debit card number, expiration date, CVV, and PIN is requested. According to the attackers, these details will be utilised to help generate tax refunds that will be transferred directly to the user's account. In actuality, the agency observes that when a user touches the app's "Transfer" button, it displays an error and displays a bogus update screen. This aids the attacker in running a Trojan in the background that shares user information such as SMS messages and call logs. 

The attackers are able to construct a bank-specific mobile banking screen using the quietly obtained details in order to persuade the victim to input their mobile banking credentials. According to the CERT-In, these are then exploited to commit financial fraud. 

Banking consumers are advised to download apps directly from official app stores such as Google Play. Furthermore, the government agency advises people not to visit untrustworthy websites or click on untrustworthy links.

Signal Patches Zero-Day Bug in its Android App

 

Signal has patched a critical flaw in its Android app that, in some circumstances, sent random unintended images to contacts without an obvious explanation. 

The flaw was first reported in December 2020 by Rob Connolly on the app's GitHub page. Despite being known for months, Signal has fixed the bug only recently. While the team faced a backlash over this delay, Greyson Parrelli, Signal’s Android developer confirmed fixing the bug recently. As per his response on the same GitHub thread, Signal has patched the flaw with the release of the Signal Android app version 5.17. 

When a user sends an image via the Signal Android app to one of his contacts, the contact would occasionally receive not just the selected image, but additionally a few random, unintended images, that the sender had never sent out, Connolly explained. 

“Standard conversation between two users (let’s call them party A and party B). Party A shares a gif (from built-in gif search). Party B receives the gif, but also some other images, which appear to be from another user (party A has searched their phone and does not remember the images in question). Best case the images are from another contact of B and messages got crossed, worst case they are from an unknown party, who's [sic] data has now been leaked,” Connolly told while describing the flaw. 

At this time, the flaw seems to have only impacted the Android version of the app. Signal Android app users should update to the latest version of the app, available on the Google Play store, researchers advised.

Last year in May 2020, cybersecurity researchers at Tenable discovered a flaw in the secure messaging app Signal which allowed threat actors to track user’s locations. Threat actors can track user’s movements just by calling their Signal number — whether or not the user had his contact information. This could be a big problem for victims of stalking, or for activists and journalists who are trying to avoid government or law enforcement detection to leak information or act in a whistleblower capacity, researcher David Wells wrote.

“That feature is not well advertised, and it’s interesting that someone could disclose your location if they’re your contact. Let’s say I have a burner phone and I just ring your phone, and I do it so quickly that all you see is a missed call from some number. Usually, it’ll be somewhat near you. So, I can force that DNS server [near you] to talk to me. By getting that information, I know what DNS server you’re using and I can determine your general location,” Wells explained.