SMS

AppWizard
November 8, 2024
A new variant of the Godfather banking trojan is targeting over 500 Android banking and cryptocurrency applications globally. Initially focused in the U.S., U.K., and Europe, its reach has expanded to countries including Azerbaijan, Greece, Japan, and Singapore. The malware has transitioned from Java to native code, enhancing its ability to exploit Android’s accessibility services and mimic user actions through gesture automation commands. It employs social engineering tactics, such as a fraudulent website posing as the official MyGov site of the Australian Government, to distribute malicious files. Once installed, the malware communicates with a control server, collects device information, and replaces legitimate banking applications with phishing pages to steal credentials. The Godfather malware has become more difficult to analyze and poses a significant threat to users worldwide.
AppWizard
November 7, 2024
Twelve malicious Android applications have been identified that can take control of devices to record audio and perform other harmful activities. These apps include:
1. Rafaqat
2. Privee Talk
3. MeetMe
4. Let’s Chat
5. Quick Chat
6. Chit Chat
7. YohooTalk
8. TikTalk
9. Hello Cha
10. Nidus
11. GlowChat
12. Wave Chat
The first six were available on the Google Play Store and were downloaded over 1,400 times before removal. Users are advised to uninstall these apps immediately and remain cautious about downloading unfamiliar applications or clicking on suspicious links.
Winsage
November 3, 2024
The FBI has warned users about vulnerabilities in popular webmail accounts, highlighting risks to passwords and multifactor authentication (MFA) due to emerging cyber threats. The Cybersecurity and Infrastructure Security Agency (CISA) has advised Windows users to reconsider SMS-based MFA. CISA's guidance targets Chief Information Security Officers (CISOs) and enterprise users, emphasizing a sophisticated spear-phishing campaign affecting various sectors, including government and IT. Spear phishing, although less than 0.1% of phishing emails, accounts for 66% of successful breaches, with average costs of USD 4.76 million and potential losses up to USD 100 million. CISA notes that foreign threat actors often impersonate trusted entities and use malicious remote desktop protocol (RDP) files to gain unauthorized access. CISA has recommended ten security measures for organizations, including restricting outbound RDP connections, blocking RDP files, enabling MFA, and adopting phishing-resistant authentication methods. CISA advises against SMS-based MFA due to its vulnerability to SIM-jacking attacks. Kaspersky has raised concerns about SIM swap fraud, particularly in areas with high smartphone usage. Organizations are encouraged to use stronger MFA alternatives, such as software authenticators or passkeys.
AppWizard
October 25, 2024
Since Android 6.0 Marshmallow, users have control over app permissions, allowing them to manage what information and features apps can access. Android app permissions determine an application's access to device functionalities, such as reading SMS messages, using the camera, or accessing location data. Users must approve permission requests through on-screen prompts when launching an app for the first time. Permissions can be modified later through the Apps menu, where users can see which permissions have been granted or denied. Permissions include access to body sensors, calendar events, call logs, camera, contacts, files and media, location, microphone, nearby devices, notifications, phone information, physical activity logs, and SMS. Users can also check permissions by type in the Privacy tab of the Settings menu, allowing them to see how many apps have requested each permission. It is advisable to deny unnecessary permissions, especially for apps that request access that does not align with their functionality. Android 12 introduced features for enhanced transparency, allowing users to disable camera and microphone permissions for all apps and receive notifications when these features are accessed. The Privacy Dashboard provides insights into app permissions used over the past 24 hours. Android 13 added a photo picker feature for sharing specific media without granting full file system access.
AppWizard
October 22, 2024
Android 15 introduces enhanced security for notifications containing two-factor authentication codes by classifying them as "sensitive." Only trusted applications, which must have the RECEIVE_SENSITIVE_NOTIFICATIONS permission, can access these notifications, preventing untrusted apps from reading them. The Android System Intelligence (ASI) processes notifications and marks those with sensitive content, ensuring untrusted apps receive a notification stating, “sensitive notification content hidden.” This change aims to improve security against hacking attempts but may disrupt automation tools that read notifications. Workarounds exist to restore previous functionality, but they pose potential security risks.
AppWizard
October 20, 2024
Google Play Protect scans 200 billion Android applications daily to protect its 3 billion users from malware. A new feature called live threat detection uses AI to monitor app requests for sensitive permissions and interactions. If suspicious activity is detected, the app is flagged for review, and users are alerted. The testing occurs on the device to maintain user privacy through Google’s Private Compute Core. By the end of the year, live threat detection will be integrated into devices from various manufacturers. A report identified 50 dangerous apps in the Google Play Store, including Google Messages and Facebook, based on high-risk permissions requested. Google has required developers to submit a Permissions Declaration Form for apps requesting sensitive permissions by the end of the month, with potential extensions until the year's end for some developers.
AppWizard
October 17, 2024
The Google Play Store distributed over 200 malicious applications that collectively garnered more than 8 million downloads. These apps, categorized as tools, personalization, photography, productivity, and lifestyle, contained threats such as info-stealers, adware, loan installers, and banking trojans. The malicious apps were active from June 2023 to April 2024, with India and the United States being the most targeted regions. There has been a rise in spyware infections, particularly affecting the education sector. Attackers have employed a method called “versioning” to push malware through app updates, evading security measures.
AppWizard
October 15, 2024
Zscaler's analysis revealed that over 200 malicious applications on Google Play accumulated nearly eight million downloads between June 2023 and April 2024. The identified malware families included Joker (38.2%), Adware (35.9%), Facestealer (14.7%), Coper (3.7%), Loanly Installer (2.3%), Harly (1.4%), and Anatsa (0.9%). In May 2023, Zscaler flagged more than 90 malicious apps on Google Play with 5.5 million downloads. The Necro malware loader was downloaded 11 million times, and Goldoson malware infiltrated 60 legitimate apps with 100 million downloads. Zscaler blocked an average of 1.7 million malware transactions per month, totaling 20 million during the analysis period. Spyware infections surged, particularly from SpyLoan, SpinOK, and SpyNote, with 232,000 blocks recorded. The most targeted countries were India, the United States, Canada, South Africa, and the Netherlands. The education sector saw a 136.8% increase in blocked transactions due to mobile malware. Users are advised to read reviews, verify app publishers, and scrutinize permissions to mitigate malware risks.