Cyber Security News (29th March 2018)

  1. QR Code Bug in Apple iOS 11 Could Lead You to Malicious Sites

With iOS 11, Apple introduced a new feature that gives users ability to automatically read QR codes using their iPhone’s native camera app without requiring any third-party QR code reader app. A new vulnerability has been disclosed in iOS Camera App that could be exploited to redirect users to a malicious website without their knowledge. The vulnerability affects Apple’s latest iOS 11 mobile operating system for iPhone, iPad, and iPod touch devices and resides in the built-in QR code reader. Researcher said that you need to open the Camera app on your iPhone or iPad and point the device at a QR code. If the code contains any URL, it will give you a notification with the link address, asking you to tap to visit it in Safari browser. The URL allows attackers to manipulate the displayed URL in the notification, tricking users to visit malicious websites instead.

Cyber Security Tips: Users are strongly recommended that check URL while using QR code, avoid visiting URL.

  1. HiddenMiner Android Monero Mining Malware Cause Device Failure

Another day, another Android malware this time, the malware not only comes with Monero mining capabilities but its continuous mining process drains the targeted device. The IT security researchers at Trend Micro have discovered a sophisticated Moreno mining malware targeting Android users in the name of fake Google Play update. As of now, its prime targets are users in China and India since third-party apps are popular in both countries. Dubbed HiddenMiner by researchers the malware hides behind a legitimate looking Google Play update app. Once the app is installed it requires users to activate it as a device administrator and displays persistent pop-ups until victims click the Activate button. Once you grant the required permission the malware start using computer (CPU) power of the targeted device to mine Monero cryptocurrency.

Cyber Security Tips:  Users are strongly recommended that avoid updating your device from update notification, check the app permission while installing and keep installing apps from reputed sources.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: