- Dangerous rootkit found pre-installed on nearly 3 million android phones
According to a new report from security rating firm BitSight, the issue is due to a vulnerability in the insecure implementation of the OTA (Over-the-Air) update mechanism used by certain low-cost Android devices. 3 Million Android devices worldwide are vulnerable to man-in-the-middle (MITM) attacks that could allow attackers to remotely execute arbitrary code with root privileges, turning over full control of the devices to hackers. The vulnerable mobiles contains a hidden binary — resides as /system/bin/debugs — that runs with root privileges and communicates over unencrypted channels with three hosts.
Affected android devices are: BLU Studio G, BLU Studio G Plus, BLU Studio 6.0 HD, BLU Studio X BLU Studio X Plus, BLU Studio C HD, Infinix Hot X507, Infinix Hot 2 X510, Infinix Zero X506, Infinix Zero 2 X509, DOOGEE Voyager 2 DG310, LEAGOO Lead 5, LEAGOO Lead 6, LEAGOO Lead 3i, LEAGOO Lead 2S, LEAGOO Alfa 6, IKU Colorful K45i, Beeline Pro 2, XOLO Cube 5.0.
Cyber Security Tips: Company has release update immediately install it.
- Ransoc Desktop Locker Ransomware Scans Social Media Profiles for Exploitation
Ransoc it scrapes Skype and social media profiles along with scanning files and torrents for finding any sort of sensitive information. Then, it customizes a ransom note according to the identified information but does not encrypt files like other ransomware malware – It does threaten victims with bogus legal proceedings in case they fail to pay the ransom. With scraping and scanning capability, the ransomware can display correct personal data, which it takes from Skype and social media profiles. The data also includes profile pictures. The attackers have basically tried to exploit the victim’s fear of exposure and possible legal complications that may result from leaking of such sensitive information.
Cyber Security Tips: To prevent from this hack secure your social media account, avoid to visit any link.