Tag Archives: Android

Posted on Author Atlantic Computer Services Categories Blog

Update To Popular Android App Included Malware Infection

Do you use the popular Android app, “Barcode Scanner?” If so, you’re certainly not alone. The app has racked up more than 10 million downloads on Google’s Play Store and is one of the most popular apps in its class.

It’s a simple, straightforward bit of code that does exactly what it sounds like it does, which is why so many people have come to rely on it over the years.

Unfortunately, Google recently pulled the plug, removing the app from the store after it had been there for years. The reason? Sometime during December 2020, an update to the code saw the injection of malware.

Many users give the apps they use regularly a fairly free hand when it comes to downloading and installing updates. In this case, if you let your Barcode Scanner auto-update, the update installed a nasty Trojan on your smartphone that allows hackers complete control over the device. Not good.

Among other things being reported by users who have been impacted by the update are:

  • Default browser changing
  • New default browser opening with no user intervention and surfing to different, usually ad-intensive pages.
  • And displaying ads touting the supposed benefits of other apps that are thought to contain malware.

As bad as those things are, they’re not as bad as they could be. Had the malware’s owners wished, they could have done significantly more damage than that.

Even so, the app has rightly been pulled from the Play Store and if you have it installed on your phone but haven’t allowed it an update in a while, your best bet is to uninstall it and find an alternative that’s not brimming with malicious code. Kudos to Google for taking swift action, even if it meant the sudden end of an app with a multi-year history as a safe, reliable product.

0
Posted on Author Atlantic Computer Services Categories Blog

Some Smartphones Hold Their Value Better Than Others Says Report

Cellphones are everywhere. There are literally billions of them in service and many people have and regularly use more than one. They also represent a significant investment, and the hope is that when you buy one, it will provide you with at least a few years of reliable service and retain a fair amount of its value. You get it hoping that when the time comes to trade it in on a newer model, you get a significant amount of money for it.

Unfortunately, cellphones tend to lose value at wildly differing rates. This is an entirely intuitive conclusion, but until recently, it was something that hasn’t been closely tracked. Until now. BankMyCell is a website that tracks the trade-in values of a staggering array of smartphone makes and models, and the details in their data may surprise you.

For instance, the company discovered that Android phones tend to lose their value at roughly twice the rate of iPhones in the first year, with the trade in price of Android devices giving up more than a third of their value (-33.62 percent) compared to the iPhone, which loses only 16.7 percent of its value on year one.

Things don’t get any better on year two. By that point, an Android-based phone will have lost 61.5 percent of its value, compared to -35.7 percent for iPhones.

BankMyCell’s data gets quite granular, and they have statistics for some of the most popular models available. For instance, after nine months of ownership, the company finds that the Galaxy S20 loses 34.78 percent of its value compared to the iPhone 11, which only loses 12.84 percent, while the Galaxy S20+ loses 30.59 percent of its value, versus the iPhone 11 Pro’s loss of 21.31 percent of its value. Finally, the Galaxy S20 Ultra loses 36.3 percent of its value after nine months, compared with the iPhone 11 Pro Max, which ony loses 15.96 percent of its value.

All that to say, if you’re looking for a phone that will offer the highest possible trade in value when you upgrade, then Apple’s products are hands-down the way to go.

0
Posted on Author Atlantic Computer Services Categories Blog

Rogue Malware Is An Android Users Worst Nightmare

Security researchers at Check Point have recently identified a new strain of malware that seems to be a Frankenstein’s Monster created by combining two older strains.

Dubbed ‘Rogue RAT,’ this deceptively simple bit of malicious code gives anyone who uses it the ability to record your calls, steal your passwords, read all of your messages (text or email) and more.

Even worse is the fact that the hackers behind the code are now selling it on the Dark Web for as little as $29.99 a copy. That’s grim news indeed, because it puts a surprisingly powerful hacking tool in the hands of anyone with thirty bucks to spare, whether they have any actual hacking skill or not.

At the root, Rogue RAT is a keylogger, allowing a hacker to infect a target system and keep track, keystroke by keystroke, everything the user does on that system. Every time the user logs into his or her bank, or any other password protected sites, the controllers of the malware wind up with that information. It gives them the keys to the target’s virtual kingdom and allowing them to cause no end of trouble for an unwary or unobservant victim.

Recent updates to Rogue RAT also allow it to monitor the GPS position of the target, activate the camera to take pictures, activate the mic to record phone calls or in-person conversations happening within proximity of the infected device, and more.

Complicating the issue further is the fact that since it’s widely available, there’s no one preferred method of infection. That depends on the person who bought the malware. Although in practice, many use simple phishing techniques, attaching a poisoned file to an email and relying on social engineering techniques to tempt the recipient into opening the file.

In any case, Rogue RAT is a legitimate danger and should not be dismissed or discounted. Ignore it at your peril.

0
Posted on Author Atlantic Computer Services Categories Blog

New Android App Go SMS Pro Has Security Vulnerability

Do you use the Go SMS Pro Android app? If so, you’ve got plenty of company. The app is one of the most popular on Google’s Play Store, boasting more than 100 million installs. That, unfortunately, is the problem. A few months ago, Trustwave discovered and disclosed a major flaw in the app that allowed unauthenticated attackers to gain unrestricted access to voice messages, videos, and photos that had been privately shared between Go SMS Pro users.

The problem stems from the fact that when users send messages to one another, they’re stored on Go SMS Pro servers and message recipients are given shortened URLs which directs them to the actual content.

Unfortunately, those URLs are generated sequentially, which of course means that any hacker who spends a bit of time experimenting can correctly deduce the next URL in the sequence and easily access content that was not intended for him or her. This opens literally all of the content shared by all the users of the app open to abuse. Once the shortened URL is deduced, it’s simply a matter of copying and pasting it into any browser.

The code team leapt into action and was quick to update the app with a version that promised to close that loophole. On November 20th, 2020, Google removed the old version and replaced it with the updated one.

Unfortunately, the latest version didn’t actually fix the problem. The new version disabled the share functionality so that no new content can be shared, but all of the previously shared materials are still on the server and can still be accessed. Worse, there’s absolutely nothing that an individual user can do to remove his or her previously shared content from the app’s servers. As word of the flaw has spread, hackers all over the world have been designing tools to download the content.

The bottom line is, if you use this app and you’ve shared sensitive files with anyone, odds are that one or more hackers now has a copy of whatever you shared.

0
Posted on Author Atlantic Computer Services Categories Blog

Hackers Using Minecraft Modpacks To Distribute Malware On Android Devices

If you’re an avid gamer, you’re almost certainly at least passingly familiar with Minecraft, and you may be an active player. Despite its blocky, simplistic graphics, it’s the most popular game of all time. It is very prevalent on the internet.

If you play on an Android device, be aware that hackers are now exploiting the game’s popularity to install adware on systems.

They’re doing this by finding ways around Google’s strenuous checks and getting fake Minecraft Modpack apps listed on the store.

Name recognition alone has lured more than a million people to install these poisoned apps. The apps are actually just empty shells that don’t include any Minecraft mods at all, but simply install annoying adware that makes using your Android device virtually impossible thanks to the endless parade of full screen advertisements that pop up, often as frequently as once every two minutes. Every ad that gets displayed puts money in the attackers’ pockets.

Researchers at Kaspersky detected the operation, but it took a while because the hackers used bots to give their apps fake five-star reviews, which served to counter the understandably low rankings from actual users.

To add insult to injury, simply deleting the app from your menu screen won’t actually remove the adware. To do that, you have to take the time to go into the Apps menu under device settings, which is a step that often gets overlooked. That means even after a user deletes the offending app (or thinks he has) ads continue to be displayed, making the attackers even more money.

Once Kaspersky discovered the campaign, Google took swift action and removed the offending modpacks from the Play Store. However, If you’re a fan of the game, and you’re seeing an inordinate number of ads recently, this is quite likely the reason why.

0
1 8 9 10 11 12 17