FluHorse Malware Targets Android Users By Mimicking Legit Apps

andreasc
-
0
FluHorse Malware Targets Android Users By Mimicking Legit Apps
[ad_1]

Researchers have warned Android users of a new malware that steals two-factor authentication (2FA) codes for various apps. Identified as FluHorse, the malware lures users by posing as legitimate Android applications and spreads its infections via phishing emails. Users must avoid clicking links received via unsolicited emails or messages to avoid falling victim to FluHorse.

FluHorse Android Malware Steals 2FA Codes

According to a recent report from Check Point Research, their research team identified a new malware, “FluHorse,” that targets Android users’ 2FA codes.

Briefly, the malware poses as various legit apps to trick users into downloading them. These include banking apps, dating apps, or even toll collection apps.

To reach target devices, the threat actors use phishing emails that seemingly take high-profile entities, like government officials, into the loop to add a sense of credibility to the emails.

Once installed, the malware seeks permission to access SMS messages, which empowers it to steal 2FA codes. On-screen, the app keeps showing the user a “system busy” message to avoid alerting the user. This gives time for the attacker to scan all the messages.

The two fake apps used in this campaign garnered over 1,000,000 downloads each. One of these mimicked “ETC” toll collection app and aimed at Taiwan users, whereas the other one impersonated the “VPBank Neo” banking app, striving to target users in Vietnam.

These apps copied the exact layout of the original apps (with some minor differences) to ensure generating no alarms for the victim users. The malicious apps require the victim users to input their credentials and credit card details. Then, having access to the OTPs or 2FA codes empowers the attacker to successfully exploit the victims’ payment and login details even if the user had set 2FA on the respective legit apps.

The malware’s activity dates back to May 2022, which hints about how FluHorse managed escaping detection for about a year. The researchers have attributed the malware’s less complicated structure as its evasive strategy.

Check Point advised users to avoid downloading malicious apps by securing their devices with a robust antimalware.

Let us know your thoughts in the comments.


[ad_2]
Source link

It’s official, HTC will announce a new smartphone on May 18

andreasc
-
0
It’s official, HTC will announce a new smartphone on May 18
[ad_1]

HTC has been teasing the arrival of a new smartphone, and now its launch date is official. The company confirmed that the device will arrive on May 18, so in a couple of days.

The HTC U23 Pro is coming on May 18, the company brand new smartphone

This is an HTC U series smartphone, as it will allegedly be called the HTC U23 Pro. The last HTC U series phone that got announced was the HTC U20 5G. That device arrive back in June 2020.

That was a mid-range smartphone, and this upcoming device won’t exactly include a flagship SoC either, it seems. The Snapdragon 7 Gen 1 SoC is rumored, which is Qualcomm’s mid-range offering.

An AMOLED display is also expected, with a 120Hz refresh rate. The device will include at least 8GB of RAM and 256GB of internal storage. You’ll also get a headphone jack here, it will sit at the top of the device.

It will include a 108-megapixel main camera, and offer some sort of VR support

A 4,600mAh battery is also expected, as is a 108-megapixel main camera. That is basically all the spec info that we have on this phone at the moment. Android 13 will be pre-installed on the device.

One thing to note is that HTC is using the ‘Viveverse’ branding with this smartphone’s teasers. That basically means this phone will offer some sort of VR support.

We also know what the phone will look like, thanks to Evan Blass. He shared images of the phone, albeit rather tiny ones. You can check out the device in two different color options in the gallery below.

White and brown colors are shown here, and as you can see, there are quite a few camera sensors included on the back. A display camera hole sits on the front, while the bottom bezel is noticeably thicker than the rest of them.

Everything will be revealed in only a couple of days, so stay tuned for that. May 18 is the day.


[ad_2]
Source link

Trafficstealer Exploits Container APIs for Malicious Redirections

andreasc
-
0
Trafficstealer Exploits Container APIs for Malicious Redirections
[ad_1]

Researchers caught Trafficstealer actively abusing Docker Container APIs to redirect users to malicious websites. The threat actors use this new piece of software for monetizing traffic while staying under the radar.

Trafficstealer – A New Software Abusing Docker Container APIs To Make Money

According to a detailed report from Trend Micro, they noticed a new software, “Trafficstealer,” exploiting the usual internet traffic for monetization.

Briefly, their honeypots detected a unique dataset that seemed different from a cryptominer or a Linux command for spying. Specifically, they found a container abusing their lab network to redirect traffic to malicious websites or ads. Despite facing abuse, the researchers could gather information about the attackers by analyzing the JSON honeypot logs. As stated in their report,

The attackers had turned our honeypot into a revenue-generating machine for themselves, but they also left some valuable information behind, allowing us to gain a better understanding of their tactics and gather valuable learnings from this experience.

Specifically, the attack begins by deploying container images on a target network to reroute traffic through this container app. In turn, the service promises the user (the “subscriber”) some profit. The subscriber’s device then works as a proxy, keeping the entire traffic rerouting activity undetected. While that sounds harmless, it is dangerous when executed for abusing victim’s networks for monetization.

Simply put, the concept behind this mode of operations resembles that of cryptominers. The difference is that cryptomining abuses the target device’s CPU or GPU, whereas this Trafficstealer container app activity abuses the target network’s traffic.

Trend Micro observed the said image being pulled 500,000 times from the Docker Hub alone, processing 15 MB within seconds. Given the stealthy nature of this attack that even doesn’t suspect the legitimate ad services gaining the traffic (because the traffic looks legit – only that it’s redirected), the researchers suspect numerous legitimate sites willingly running the image on their networks.

To mitigate such threats, the researchers advise employing zero-trust on all container environments, keeping container APIs secured, implementing container authorization policy, and ensuring regular anti-malware scans for container images.

The researchers will continue to monitor this activity to gather more information.

Let us know your thoughts in the comments.


[ad_2]
Source link

1Password Confirms No Breach After “Password Changed” Alerts

andreasc
-
0
1Password Confirms No Breach After “Password Changed” Alerts
[ad_1]

The password management service 1Password assured users of no security breach after accidentally sending “Secret key or password changed” alerts. As explained, the glitch happened due to technical database maintenance.

1Password Sent Erroneous “Password Changed” Alerts

A few days ago, 1Password users became panicked after receiving abrupt alerts from the service notifying them about some password changes.

Interestingly, it turned out to be a mere technical glitch instead of a severe security issue, as 1Password confirmed no data breach.

Explaining the matter in a blog post, Pedro Canahuati, 1Password’s Chief Technology Officer, stated about the database migration activity that triggered the glitch. During the maintenance time period, the service received multiple sync requests from the users, and instead of correctly addressing those requests, the app erroneously responded with sign-in rejections. As stated,

Our US servers returned an error code that was interpreted on our client applications incorrectly. The client applications displayed an incorrect message stating: “Your Secret Key or password was recently changed. Enter your new account details to continue.” In reality, neither the Secret Key or password had changed.

The glitch existed between 9:03 PM and 9:26 PM ET, affecting the service’s US environments. After this time window, the traffic returned to normal, halting any further sign-in rejections.

Besides sharing the details via the blog post, 1Password has earlier posted updates on its status page to inform users about the matter.

As evident from the timeline shared on the page, 1Password first informed the users about scheduled maintenance planned for April 27, 2023, on April 11, 2023. On April 27, the service posted a short message regarding the maintenance to be ongoing.

Then, within a few minutes of this stats update, the service posted another update informing users about the erroneous messages sent to them. It labeled the glitch as an “unintended side effect” of the activity, assuring the users no change in their passwords or Secret Keys.

Canahauti assured users of thorough safety, explaining that no security breach hit the service. Nor did the event expose any user information.

Nonetheless, since the erroneous messages stressed users, the CTO apologized for the inconvenience.


[ad_2]
Source link

Catch up on Google I/O 2023 in under 10 minutes: Video

andreasc
-
0
Catch up on Google I/O 2023 in under 10 minutes: Video
[ad_1]

Google hosted its Google I/O keynote yesterday, and it was a long event, that’s for sure. The company is aware of that, so it decided to cut up a much shorter video for people to watch. You can catch up on Google I/O 2023 thanks to that video that runs for less than 10 minutes.

Google I/O 2023 keynote is now available in a shorter video form, provided by Google

The company published the video on its main YouTube channel, and we’ve embedded it below. This video will basically give you the highlights from the event, in case you didn’t catch it yesterday, or you don’t plan on watching the whole thing.

Of course, it is recommendable to watch the entire keynote if you want to get all the details. Google managed to squeeze only so much content in this 10-minute video.

The company had a lot to say during the keynote, that’s for sure. Those of you who watched the entire thing, probably couldn’t help but notice that AI was in focus. Google used the word ‘AI’ as in ‘Artificial Intelligence’ a ton of times during the keynote. It managed to squeeze it into every section of the event, basically.

Google had plenty to say during the show

Google gave us updates on its various services, and presented some new features, while also expanding existing ones. Google talked about Immersive View, Magic Editor, and also ‘Help me write’ for Gmail.

The company also talked about Android 14 a bit, and announced new hardware too. The Pixel Fold, Pixel 7a, and Pixel Tablet got announced during the keynote. The Pixel Fold is the company’s very first foldable smartphone, and Google spent most of its time talking about that product, as far as hardware is concerned.

We’re only scratching the surface here. It was a long keynote, with plenty of details. The shorter video Google cut up actually does share a ton of info, so check it out below if you’re interested.


[ad_2]
Source link

Here’s a full list of devices that have access to Android 14 beta

andreasc
-
0
Here’s a full list of devices that have access to Android 14 beta
[ad_1]

The Google I/O 2023 was full of hardware and software announcements. The company unveiled the Pixel 6a, Pixel Fold, and Pixel Tablet and released Android 14 Beta 2 for eligible Pixels. Coinciding with this, several OEMs also announced Android 14 beta programs for some of their devices. You will find the full list of devices here.

As many as ten smartphone companies are now running Android 14 beta programs, including Google. The other nine brands are iQOO, Lenovo, Nothing, OnePlus, OPPO, Realme, Tecno, Vivo, and Xiaomi. The list of devices from these firms includes the iQOO 11, Lenovo Tab Extreme (Wi-Fi), Nothing Phone 1, OnePlus 11, OPPO Find N2, OPPO Find N2 Flip, Realme GT 2 Pro, Tecno Camon 20 series, Vivo X90 Pro, Xiaomi 12T, Xiaomi 13, Xiaomi 13 Pro, and Xiaomi Pad 6.

Google has provided links to the official announcements from each OEM here. However, as pointed out by Mishaal Rahman, some links appear to be broken or lead to unpublished pages. Android Headlines has already covered the announcements for the OnePlus 11 and the OPPO Find N2 Flip. Stay tuned for information about future Android 14 beta releases from other brands. Samsung, the world’s largest smartphone company, recently started internally testing Android 14 for a few Galaxy models, including the Galaxy S23. It may start public beta soon.

That said, while Samsung’s Android 14 beta will seemingly come complete with its One UI 6 custom skin on top, these early beta builds from other brands are mostly developer previews with little to no customization over the latest AOSP (Android Open Source Project) releases. Considering the release timeline, they probably haven’t included Google’s Android 14 Beta 2 build either. All of them have warned that the first Android 14 beta build is intended for developers only. General users should avoid installing the update. It may brick the phone, rendering it useless forever.

Android 14 beta is available for all recent Pixel devices

Apart from the aforementioned 13 devices, Android 14 beta is also available for all recent Google Pixel models. Well, except for the three new Pixels the company debuted yesterday. If you have a Pixel 4a, Pixel 4a 5G, Pixel 5, Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, or Pixel 7 Pro, you can visit this website to sign up for the beta program. Once you have completed the registration, you will receive all new beta releases as long as you don’t exit the beta program or Google doesn’t push the stable update. The stable Android 14 update should arrive in August.


[ad_2]
Source link

Android 14 will automatically make Google Photos pix look brighter, and more realistic

andreasc
-
0
Android 14 will automatically make Google Photos pix look brighter, and more realistic
[ad_1]
A preview of Android 14 was strikingly absent from last week’s Google I/O developer conference. But what Google did announce was a feature called Ultra HDR. Compatible apps on Android devices running Android 14 will be able to show photographs with a wider range of colors and brightness. And since the supporting technology to run Ultra HDR is already found on flagship Android phones, as long as you update your device to the latest Android build in August, you’ll have this new feature on your phone.

Ultra HDR images are brighter, more realistic, and colorful

According to Forbes, Ultra HDR will be supported by the Google Photos app. Third-party app developers will have to decide for themselves whether to support the technology but since Adobe is making it easy for them to do so, most big-name apps will probably include Ultra HDR support. The technology works by adding an extra layer of information called a Gain Map to a standard jpeg image.
A standard dynamic range image at left compared with an Ultra HDR image - Android 14 will automatically make Google Photos pix look brighter, and more realistic

A standard dynamic range image at left compared with an Ultra HDR image

According to Adobe, whose patent explains how to create Gain Maps and how to store them in a standard jpeg file, “Images optimized for High Dynamic Range (HDR) displays have brighter highlights and more detailed shadows, resulting in an increased sense of realism and a greater impact.” Adobe adds that there is an issue as these images can look different on various devices.
Adobe explains why this happens. “There are several reasons, including varying capabilities of HDR displays and the different tone mapping methods implemented across software and platforms. Consequently, HDR content authors can neither control nor predict how their images will appear in other applications.” The Gain Map is the solution to this issue since it “combines both standard dynamic range (SDR) and HDR renditions within a single image and interpolates between the two dynamically at display time.”
The Ultra HDR technology is backward compatible which means that apps that don’t support the technology will be able to show the image in SDR. You can see the difference in the image from Google that is embedded in this article. On the left is a photo in SDR while the brighter, more vivid Ultra HDR image is on the right. Google tells app developers in the Android Developers Blog that “Rendering these images in the UI in HDR is done automatically by the framework when your app opts into using HDR UI for its Activity Window…”

Ultra HDR will soon be rolling out to those Beta testing Android 14

While Google’s Ultra HDR announcement covers only jpeg images, there is nothing that stops Apple from implementing the same technology on the iPhone’s HEIC format. Ultra HDR

will be rolling out soon to Android 14 Beta testers.

While the Android 14 Beta program has been a buggy mess, the recent release of Android 14 Beta 2 has been a huge step forward but next month we expect the Beta program to enter into platform stability. This means that internal and external APIs have been finalized and app-facing behavior has also been finalized. At platform stability, most developers are concentrating on “compatibility testing and quality.”

Still, you shouldn’t install the Android 14 Beta on your daily driver. If you must get an early jump with your Pixel 4a (5G) or later, go to the Android Beta website at  google.com/android/beta, or tap on this link. When you get to the Beta Program website, click on the rectangle that says “View your eligible devices.” You will then see a photo of your Pixel model with an Opt-in button underneath. Tap on it and follow the directions.
After a few minutes, go to Settings > System > System update to update your phone. Keep in mind that you won’t be able to exit the Beta program early without wiping the data from your device. Once the final version of Android 14 is installed on your Pixel, for a limited time you’ll be able to exit the Beta program without any penalty. And before you download any Beta software, back up your data.

[ad_2]
Source link

Android Device Migration Tools Allow Unauthorized App Cloning

andreasc
-
0
Android Device Migration Tools Allow Unauthorized App Cloning
[ad_1]

Researchers found numerous applications lacking session cookie validation when transferring data between devices. As observed, this vulnerability allows unauthorized app cloning by an adversary from the victim’s device to its own device via Android device migration tools.

Missing Validation In Numerous Apps Enable Unauthorized App Cloning On Android

According to a recent report from CloudSEK, their researchers observed a serious security risk to Android users posed via phone clone-like features.

As explained, the researchers noticed numerous apps lacking session cookie validation when copying app data to other devices.

Cloning apps is a popular feature on Android devices. Numerous vendors, such as Samsung, Realme, and Oppo, come with built-in device migration tools to facilitate users in transferring apps and phone data to new devices.

While convenient, the inherent lack of session cookie validation allows an adversary to clone apps on its own without the victim knowing. It merely requires the attacker to have physical access to the victim’s device. And if the target device lacks any security locks, such as PIN codes or biometric authentication, copying apps to another device will only take seconds.

For instance, the researchers mentioned WhatsApp as an example which, when cloned, even lets the attacker bypass 2FA because WhatsApp’s secret keys get copied to the new device.

At this point, the only way a user can know if someone has sneakily copied WhatsApp is by using WhatsApp Web, which would load messages from both devices. The user can look for any unrecognized messages sent from their account. Though, this method won’t work if the attacker deletes the relevant conversations.

The researchers demonstrated the attack using two Realme phones, RMX2170 and RMX3660, and some Oneplus and Oppo devices, using built-in migration tools, such as Realme’s Clone Phone. However, this experiment didn’t work on Samsung phones, indicating the device’s resistance to such one-click attacks.

List of apps vulnerable to malicious cloning:

The researchers have mentioned the following most-used apps failing to invalidate session cookies.

  • Canva
  • BookMyShow
  • WhatsApp
  • Snapchat
  • KhataBook
  • Telegram
  • Zomato
  • Whatsapp business
  • Strava
  • LinkedIn
  • Highway Drive
  • BlinkIT
  • Future pay – BigBazaar now owned by Reliance
  • Adani One
  • Clash of Clans, Clash Royal (Supercell)
  • Discord
  • Booking.com

Regarding the impact of such attacks, the researchers highlight malicious unauthorized access to victims’ accounts, leading to financial damages and reputational losses, as possible consequences.

Since this attack typically exploits the apps’ lack of a key security feature, keeping devices secured with screen locks is the most viable strategy to prevent it. Likewise, the researchers advise users to enable 2FA on all accounts and ensure never to leave their devices unattended in public places.

Let us know your thoughts in the comments.


[ad_2]
Source link

Official Pixel Fold video presents the phone & its features

andreasc
-
0
Official Pixel Fold video presents the phone & its features
[ad_1]

Following its Google I/O 2023 announcement, the Pixel Fold went on pre-order. We’ve already published a ton of content on the site regarding the phone, including our hands-on coverage. In order to share more info on the device, Google shared its first official Pixel Fold video, in which it shows you the device and its features.

First official Pixel Fold video shows us the phone and its features

The video itself is embedded below the article, and it has a duration of around 2 minutes. Google really did manage to cram a lot of information in this video, actually.

The video kicks off by showing you the phone’s design from various angles. Following that, you get a closer look at the phone’s cameras, and some camera features that Google is offering. Google talks about Super Res Zoom, Astrophotography, and more.

You’ll get to check out the split-screen on the Pixel Fold here, along with a new bottom bar for multitasking. You can simply drag and drop files between windows, and more.

Google also shows off its live translate feature that takes full advantage of the two screens on this phone. You can type in your language on one screen, and have it projected in a different language on the second screen.

There’s more info packed in this video, so check it out to get a better understanding of what the Google Pixel Fold has to offer.

The phone comes with Google’s latest SoC, and supports wired & wireless charging

Now, the Pixel Fold is Google’s very first foldable smartphone. It is fueled by the Google Tensor G2 SoC, and packs in 12GB of RAM. You get 21W wired and 21W wireless charging here, along with a number of features exclusive to this foldable.

There are three cameras on the back, while both of the phone’s displays are 120Hz panels. If you’d like to take a closer look at the phone’s spec sheet, click here.


[ad_2]
Source link
1...1,2461,2471,248...1,468Page 1,247 of 1,468