- QR Code Bug in Apple iOS 11 Could Lead You to Malicious Sites
With iOS 11, Apple introduced a new feature that gives users ability to automatically read QR codes using their iPhone’s native camera app without requiring any third-party QR code reader app. A new vulnerability has been disclosed in iOS Camera App that could be exploited to redirect users to a malicious website without their knowledge. The vulnerability affects Apple’s latest iOS 11 mobile operating system for iPhone, iPad, and iPod touch devices and resides in the built-in QR code reader. Researcher said that you need to open the Camera app on your iPhone or iPad and point the device at a QR code. If the code contains any URL, it will give you a notification with the link address, asking you to tap to visit it in Safari browser. The URL allows attackers to manipulate the displayed URL in the notification, tricking users to visit malicious websites instead.
Cyber Security Tips: Users are strongly recommended that check URL while using QR code, avoid visiting URL.
- HiddenMiner Android Monero Mining Malware Cause Device Failure
Another day, another Android malware this time, the malware not only comes with Monero mining capabilities but its continuous mining process drains the targeted device. The IT security researchers at Trend Micro have discovered a sophisticated Moreno mining malware targeting Android users in the name of fake Google Play update. As of now, its prime targets are users in China and India since third-party apps are popular in both countries. Dubbed HiddenMiner by researchers the malware hides behind a legitimate looking Google Play update app. Once the app is installed it requires users to activate it as a device administrator and displays persistent pop-ups until victims click the Activate button. Once you grant the required permission the malware start using computer (CPU) power of the targeted device to mine Monero cryptocurrency.
Cyber Security Tips: Users are strongly recommended that avoid updating your device from update notification, check the app permission while installing and keep installing apps from reputed sources.