Cyber Security News (12th January 2018)

  1. Android Malware written in Kotlin found in Play Store stealing data

Just another day with just another Android malware hosted on Google Play Store targeting unsuspecting users, but this time the malware is written in Kotlin, a statically-typed programming language. IT security researchers at Trend Micro have discovered an Android malware, Androidos_Bkotklind.Hrx, on Google Play Store hiding behind a utility app called “Swift Cleaner.” The app claims to clean and optimize Android devices, but in reality it installs malware, steals data and performs other malicious acts including click ad fraud, SMS sending, URL forwarding and signing users up for premium SMS services without the permission or knowledge of the victim. According to the researchers, once Swift Cleaner is launched, the malware sends device information to its remote server and initiates tasks including sending SMS to a specified number, executing a WAP (wireless application protocol) task that lets the malware collect wireless network related information, and injecting JavaScript that allows the malware to secretly steal the device’s data. All of this is done after receiving tasks from the command and control (C&C) server. The malware is also able to upload information about the victim’s service provider, login credentials, and CAPTCHA images to the C&C server.

Cyber Security Tips: The malware has already been removed from the Google Play Store. Users are strongly recommended to uninstall Swift Cleaner if it is present on their smartphone, reset all their credentials, and update their mobile antivirus.

  2. WhatsApp Vulnerability Lets Anyone Spy on Group Chats

Two years back, the mobile messaging app WhatsApp was equipped with end-to-end encryption in order to provide its users comprehensive security from government spying, hackers’ scams and WhatsApp itself. According to the latest report, a critical vulnerability in WhatsApp has been discovered that lets anyone join the chat and spy on conversations without the admin’s permission. According to the team of researchers, group chat encryption in WhatsApp and other messaging apps including Signal and Threema is flawed in a way that makes infiltrating the chats much easier for cybercriminals without seeking permission from the group admin. The researchers revealed that they identified a series of flaws in the encryption process for group chats in the abovementioned apps, and that the flaws greatly undermine the security claims of each of these apps’ multi-person group communications to various degrees.

Cyber Security Tips: Researchers also advised companies to fix the issue just by adding an authentication mechanism to make sure that the “signed” group management messages come from the group administrator only. This attack is not easy to execute, so users should not be worried about it.

  3. [Bug] macOS High Sierra App Store Preferences Can Be Unlocked Without a Password

A new password bug has been discovered in the latest version of macOS High Sierra that allows anyone with access to your Mac to unlock the App Store menu in System Preferences with any random password or no password at all. The impact of this vulnerability is nowhere near as serious as the previously disclosed root login bug in Apple’s desktop OS that enabled access to the root superuser account simply by entering a blank password on macOS High Sierra 10.13.1. The vulnerability impacts macOS version 10.13.2 and requires the attacker to be logged in with an administrator-level account for it to work.

Cyber Security Tips: Apple already knows about this issue, and you’ll likely get a fix in the upcoming software update. Users are recommended to keep monitoring their system.
