Android banking trojans: How they steal passwords and drain bank accounts

andreasc
-
0
Android banking trojans: How they steal passwords and drain bank accounts
[ad_1]

For the most popular operating system in the world—which is Android and it isn’t even a contest—there’s a sneaky cyberthreat that can empty out a person’s bank accounts to fill the illicit coffers of cybercriminals.

These are “Android banking trojans,” and, according to our 2024 ThreatDown State of Malware report, Malwarebytes detected an astonishing 88,500 of them last year alone.

While the 2024 ThreatDown State of Malware report focuses heavily on the corporate security landscape today, make no mistake: Android banking trojans pose a serious threat to everyday users. They are well-disguised, hard to detect in regular use, and are a favorite hacking tool for cybercriminals who want to automate the theft of online funds for themselves.

What are Android banking trojans?

The idea behind Android banking trojans—and all cyber trojans—is simple: Much like the fabled “Trojan Horse” which, the story goes, carried a violent surprise for the city of Troy, Android banking trojans can be found on the internet disguised as benign, legitimate mobile apps that, once installed on a device, reveal more sinister intentions.  

By masquerading as everyday mobile apps for things like QR code readers, fitness trackers, and productivity or photography tools, Android banking trojans intercept a person’s online interest in one app, and instead deliver a malicious tool that cybercriminals can abuse later on.

But modern devices aren’t so faulty that an errant mobile app download can lead to full device control or the complete revelation of all your private details, like your email, social media, and banking logins. Instead, what makes Android banking trojans so tricky is that, once installed, they present legitimate-looking permissions screens that ask users to grant the new app all sorts of access to their device, under the guise of improving functionality.

Take the SharkBot banking trojan, which Malwarebytes detects and stops. Last year, Malwarebytes found this Android banking trojan hiding itself as a file recovery tool called “RecoverFiles.” Once installed on a device, “RecoverFiles” asked for access to “photos, videos, music, and audio on this device,” along with extra permissions to access files, map and talk to other apps, and even send payments via Google Play.

These are just the sorts of permissions that any piece of malware needs to dig into your personally identifiable information and your separate apps to steal your usernames, passwords, and other important information that should be kept private and secure.

The introduction screen when opening “RecoverFiles” and the follow-on permissions it asks from users. Once installed, it is invisible on the device home screen.

Still, the tricks behind “RecoverFiles” aren’t yet over.

Not only is the app a clever wrapper for an Android banking trojan, it could also be considered a hidden wrapper. Once installed on a device, the “RecoverFiles” app icon itself does not show up on a device’s home screen. This stealth maneuver is similar to the features of stalkerware-type apps, which can be used to non-consensually spy on another person’s physical and digital activity.

But in the world of Android banking trojan development, cybercrminals have devised far more devious schemes than simple camouflage.

Slipping under the radar

The problem with the Ancient Greeks’ Trojan Horse strategy is that it could only work once—if you don’t sack Troy the first time, you better believe Troy is going to implement some strict security controls on all future big horse gifts.

The makers of Android banking trojans have to overcome similar (and far more advanced) security measures from Google. As the Google Play store has become the go-to marketplace for Android apps, cybercriminals try to place their malicious apps on Google Play to catch the highest number of victims. But Google Play’s security measures frequently detect malware and prevent it from being listed.

So, what’s a cybercriminal to do?

In these instances, cybercriminals make an application that is seemingly benign, but, once installed on a device, executes a line of code that actually downloads malware from somewhere else on the internet. This is how cybercriminals recently snuck their malware onto Google Play and potentially infected more than 100,000 users with the Anatsa banking trojan.

What was most concerning in this attack was that the malicious apps that made it onto the Google Play store reportedly worked for their intended purposes—the PDF reader read PDFs, the file manager managed files. But hidden within the apps’ coding, users were actually downloading a set of instructions that directed their devices to install malware.

These malicious packages are sometimes called “malware droppers” as the apps “drop” malware onto a device at a later time.  

What does it all mean for me?

There’s a lot of technical machinery at work inside any Android banking trojan that is put in place to accomplish a rather simple end goal, which is stealing your money.

All the camouflage, subterfuge, and hidden code execution is part of a longer attack chain in which Android banking trojans steal your passwords and personally identifiable information, and then use that information to take your money.

As we wrote in the 2024 ThreatDown State of Malware report:

“Once it has accessibility permissions, the malware initializes its Automated TransferSystem (ATS) framework, a complex set of scripts and commands designed to perform automated banking transactions without user intervention. The ATS framework uses the harvested credentials to initiate unauthorized money transfers to accounts held by the attacker. This mimics real user behavior to bypass fraud detection systems.”

Staying safe from Android banking trojans

Protecting yourself from Android banking trojans is not as simple as, say, spotting grammatical mistakes in a phishing email or refusing to click any links sent in text messages from unknown numbers. But just because Android banking trojans are harder to detect by eye does not mean that they’re impossible to stop.

A graphic showing that Malwarebytes detected Android banking trojans 88,500 times in 2023

Malwarebytes Premium provides real-time protection to detect and stop Android banking trojans that are accidentally installed on your devices. It doesn’t matter if the banking trojan is simply a malicious app in a convenient package, or if the banking trojan is downloaded through a “malware dropper”—Malwarebytes Premium provides 24/7 cybersecurity coverage and stops dangerous attacks before they can be carried out.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.


[ad_2]
Source link

Bluesky now lets its users host their own servers

andreasc
-
0
Bluesky now lets its users host their own servers
[ad_1]

After ditching the waitlist and opening the platform to everyone, the X competitor Bluesky is now federating its network by letting users run their own servers. The company announced the news on Thursday, adding that users can distance their data from the company’s servers and self-host their data.

All social media platforms store users’ data on their servers, and users do not have much control over that data. A server might be vulnerable to cyberattacks and compromise user’s data, which has happened quite often in recent years. This is the traditional method. But the latest social platform, dubbed decentralized platforms, seeks to change this and give users more control over their data.

Bluesky allows users to self-host their data

Founded by former Twitter (X) CEO Jack Dorsey, Bluesky seems to be the first decentralized social platform that’s making this come true. The Bluesky’s federation network is still in the early phases of implementation and will open up to more servers in the future.

As the company explains, user’s data is stored on Bluesky servers by default. However, users can opt out of the company’s servers anytime and host their data on any provider they want. The transition process happens without losing existing posts, likes, or follows.

Since the implementation has just started, the company has put some “guardrails” in place to ensure a smooth transition process. The company says on its developer’s blog that users can only self-host one Bluesky account at a time. However, the limits will extend to 10 accounts with rate limits in the future. Bluesky added it will increase baseline rate limits as “trust and reputation is established.”

Meanwhile, Bluesky demands users to be more cautious with their account transition. Or at least do not self-host their main account for now since the process has just started and could be slow and faulty.

Bluesky uses its own AT Protocol instead of ActivityPub

There are some differences between Bluesky and its main rival, Mastodon. The first noticeable difference is Bluesky relies on an in-house and exclusive protocol called “AT Protocol.” However, Mastodon and other decentralized platforms are built based on ActivityPub.

“On Bluesky, server choice doesn’t affect what content you see. Servers are only one piece of the protocol — when you browse Bluesky, you see posts that are pulled together from many different servers.” The company added. “This is why you can change your server after signing up without losing your username, friends, or posts.”


[ad_2]
Source link

Reddit goes public and invites users to buy shares

andreasc
-
0
Reddit goes public and invites users to buy shares
[ad_1]

A popular social and news aggregation platform Reddit officially announced it had filed its S-1 registration statement with the SEC to become a publicly traded company. The platform offers Class A common stock on the New York Stock Exchange under the “RDDT.”

The number of shares and price are yet to be determined before going public. Reddit has disclosed the number of its active users and revenue in the S-1 documents handed to the SEC. Accordingly, Reddit has 73 million daily users and over 100,000 active communities at the time. The platform’s total posts have also surpassed the 1 billion mark.

Reddit will become a publicly traded company on the New York Stock Exchange

Founded in 2005, the 18-year-old San Francisco-based company reported an $804 million revenue for the 2023 fiscal year, which shows a 20% increase. Meanwhile, the company had a net loss of $90.8 million last year, making it unprofitable.

As NYTimes reports, Reddit seeks a valuation of at least $5 billion. The company was valued at $10 billion in a 2021 private financing round. The final price will be determined after careful evaluations by bankers.

Reddit also considers selling an unspecified number of its shares to “certain users and moderators identified by us who have meaningfully contributed to Reddit community programs.” So, the platform’s loyal customers can buy shares before other investors and hope to make an early profit.

Additionally, users with a karma score of at least 200,000 and users who have performed at least 5,000 moderator actions can buy shares in the Reddit IPO sooner than everyone else. Reddit also announced it had saved 1.3 million shares of its Class A common stock “to fund community-related programs that empower Redditors to bring their ideas to life.”

Reddit uses its data as an advantage to sign AI training deals

CEO Steve Huffman said, “I have never been more excited about Reddit’s future than I am right now.” Huffman added that Reddit now has the chance to grow its platform and business through advertising, monetizing commerce, and licensing data. Reddit CEO also said their data advantage and intellectual property are “key elements” in training future LLMs.

On Thursday, Reddit announced an AI training deal with Google to help the tech giant train its AI models. The deal is reportedly worth $60 million per year. The company previously blocked AI startups from scraping its data for free.


[ad_2]
Source link

WordPress Plugin Flaw Exposes 200,000+ Websites for Hacking

andreasc
-
0
WordPress Plugin Flaw Exposes 200,000+ Websites for Hacking
[ad_1]

A critical security flaw has been identified in the Ultimate Member plugin for WordPress, which could potentially put over 200,000 websites at risk.

The vulnerability was discovered by Christiaan Swiers and reported through the Wordfence Bug Bounty Program, earning him a bounty of $2,063.00.

The flaw in question is an unauthenticated SQL Injection vulnerability that could allow attackers to extract sensitive data, such as password hashes, from the affected websites’ databases.

You can analyze a malware file, network, module, and registry activity with the ANY.RUN malware sandbox, and the Threat Intelligence Lookup that will let you interact with the OS directly from the browser.

Ultimate Member Plugin Flaw

The vulnerability was found in versions 2.1.3 to 2.8.2 of the Ultimate Member plugin. It was caused by insufficient escaping of the ‘sorting’ parameter and a lack of preparation in the SQL query, which could be exploited through a Time-Based blind SQL injection approach.

This method involves attackers using SQL CASE statements and the SLEEP() command to extract information based on the response time of each request.

However, it’s important to note that the vulnerability critically affects only those users who have enabled the “Enable custom table for user meta” option, as the vulnerable Member_Directory_Meta class is loaded only in this configuration.

The Wordfence firewall rule detects the malicious SQL query and blocks the request.
The Wordfence firewall rule detects the malicious SQL query and blocks the request.

Disclosure & Prompt Patching

Wordfence received the vulnerability submission on January 30, 2024. The same day, they validated the report, confirmed the exploit, and contacted the Ultimate Member Team.

The team responded promptly and began working on a fix after receiving full disclosure details from Wordfence.

The Ultimate Member Team released a patch on February 19, 2024, addressing the vulnerability with the updated version 2.8.3 plugin.

Wordfence urges all users of the Ultimate Member plugin to update to the latest patched version immediately to safeguard their sites against potential attacks.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are extremely harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


[ad_2]
Source link

Major Samsung Galaxy A55 leak reveals specs, price & launch date

andreasc
-
0
Major Samsung Galaxy A55 leak reveals specs, price & launch date
[ad_1]

Samsung will soon launch a new premium mid-range smartphone, the Galaxy A55. It will arrive in a few weeks as the company’s best value for money for 2024. We already know a lot of things about the device thanks to leaks and certifications. A major leak has now revealed its entire spec sheet, price, and launch date, leaving little to the imagination.

The biggest Galaxy A55 leak is here to bare it all

According to a WinFuture report, Samsung will equip the Galaxy A55 with a 6.5-inch AMOLED display featuring a 2340 x 1080 pixels resolution, 120Hz refresh rate, and 1,000 nits of peak brightness. The screen is marginally bigger than the Galaxy A54’s 6.4-inch panel. In fact, the device itself is taller and wider than its predecessor. It measures 161.1 x 77.4 x 8.2 mm in dimension and weighs 213 grams. The Galaxy A54 is 158.2 x 76.7 x 8.2 mm and 202 grams.

Despite a bigger profile, the Galaxy A55 packs the same 5,000mAh battery with 25W wired charging. Samsung is also keeping the camera setup unchanged from the 2023 model, including the front camera. We are talking about a 50MP primary shooter with an f/1.8 aperture and OIS (Optical Image Stabilization), a 12MP f/2.2 ultrawide camera, and a 5MP F/2.4 macro camera. On the front, the device has a 32MP selfie camera with an f/2.2 aperture.

The Galaxy A55 can record 4K videos at 1080p resolution with its primary rear camera and selfie camera. Once again, no changes over its predecessor. The device also shares the IP67 dust and water resistance rating with the 2023 model. So what has changed? Well, on the outside, the design and build quality. Samsung has upgraded the phone to an aluminum frame from a plastic frame and introduced the Key Island design.

On the inside, the Galaxy A55 gets a newer Samsung Exynos 1480 chipset with AMD-powered custom GPU. The chipset is paired with 6GB/8GB RAM and 128GB/256GB storage options. The device runs Android 14-based One UI 6.1 out of the box. Other known specs include NFC, Bluetooth 5.3, WiFi 6, under-display fingerprint scanner, microSD card slot, stereo speakers, and USB-C 2.0. The handset comes in Navy, Ice Blue, White, and Purple colors.

The Galaxy A55 launches in early March with a price cut

Samsung reportedly plans to launch the Galaxy A55 and Galaxy A35 on March 11. The 6GB+128GB variant is said to cost €450, notably less than the Galaxy A54’s entry price of €490. For higher RAM and storage, you will have to shell out around €500, which is still a €50 price cut over the 2023 model. If the phone sees a similar drop in prices in the US, it would be an appealing product in the premium mid-range segment.


[ad_2]
Source link

Microsoft almost sold Bing to Apple, here’s why it didn’t happen

andreasc
-
0
Microsoft almost sold Bing to Apple, here’s why it didn’t happen
[ad_1]

Last September, there were reports that Microsoft tried to sell its Bing search engine to Apple at one point. The talks between the tech giants reached an exploratory stage in 2020 but didn’t get more advanced due to Bing’s quality issues. Now, a court document related to Google’s antitrust trial with the DOJ, which was unsealed on Friday, suggests a similar claim.

Microsoft pitched Apple the idea of making Bing the default search engine on Safari many times

The unsealed document has revealed that Microsoft pitched Apple the idea of making Bing the default search engine on Safari many times. The Redmond-based tech giant tried it as many as six times in 2009, 2013, 2015, 2016, 2018, and 2020. The company even tried to sell Bing to Apple in 2018, apart from offering to establish a Bing-related joint venture. However, every time, Apple declined citing the quality and features of Bing over Google Search, reports CNBC.

In the document, Google mentioned that “In each instance, Apple took a hard look at the relative quality of Bing versus Google and concluded that Google was the superior default choice for its Safari users. That is competition”. The search titan claims that Apple rejected Microsoft’s offer citing the under-par search quality of Bing. The CNBC report also quotes Eddy Cue, Apple’s Senior Vice President of Services, mentioning that Microsoft wasn’t investing enough in search quality and investment.

“Microsoft search quality, their investment in search, everything was not significant at all,” said Eddy Cue, as per the filing. “And so everything was lower. So the search quality itself wasn’t as good. They weren’t investing at any level comparable to Google or to what Microsoft could invest in. And their advertising organization and how they monetize was not very good either.”

Apple is making billions by keeping Google as its default search engine

For the uninitiated, Apple is making billions of dollars by keeping Google as its default search engine. Well, there’s no concrete number, but reports suggest that Google pays nearly upwards of $20 billion yearly to Apple for their deal. Notably, during the antitrust trial, Eddy Cue (Apple’s SVP of Services) testified that if Apple hadn’t received such massive payments from Google, it would have developed its own search engine.

Many industry analysts suggest that the Cupertino tech giant will eventually launch its own search engine. Over the years, many reports have been suggesting that as well. However, given the amount of money the company is already making from Google, we don’t think it will happen any time soon.

Currently, Google is the king of search with a market share of nearly 92 percent as of January 2024, as per StatCounter. As for Bing, it reportedly caters to just around 4 percent of searches across the globe. It’s worth pointing out that StatCounter reports that Bing’s user base is growing gradually. In January 2023, it claimed a market share of 3.03 percent, which has risen to 3.43 percent in January 2024


[ad_2]
Source link

Google’s Gemini AI image tool will be up in no time, but will it rewrite users’ prompts and insert alterations?

andreasc
-
0
Google’s Gemini AI image tool will be up in no time, but will it rewrite users’ prompts and insert alterations?
[ad_1]

Google aims to relaunch Gemini AI image tool in a few weeks, a Reuters report reads.

The latest image-generating tool in the AI craze was paused some days ago, after the inaccuracy backlash over the way Gemini’s image tool generated people.

Google’s AI image generator was designed to turbo-perform on topics of diversity and inclusivity, to the point when it refused to generate white people and in historical context. The reports of the tool generating non-white Vikings went under the radar, but once Gemini AI started generating black German soldiers from the 1940s, things got really controversial.

The information for Gemini’s AI tool revival comes from Google DeepMind CEO Demis Hassabis on MWC – Google DeepMind is the unified Google AI lab DeepMind and the Google Brain (its AI research division). Last summer, it was Hassabis who announced that Gemini is coming.

Since the launch of OpenAI’s ChatGPT in November 2022, Google has been racing to produce AI software to rival that of the Microsoft-backed company.

In 2023, when Bard was released (later rebranded to Gemini), it had shared inaccurate information about pictures of a planet outside the Earth’s solar system in a promotional video, causing its shares to drop by as much as 9%.

“We have taken the feature offline while we fix that. We are hoping to have that back online very shortly in the next couple of weeks, few weeks”, Hassabis said in Barcelona, adding that the tool was not “working the way we intended”.

Meanwhile, people claim to know exactly what’s been going on with Google’s Gemini AI image tool: according to an X/Twitter post, Google’s Gemini system seems to add phrases to a user’s image-generation prompt (the instruction, such as “make a painting of the founding fathers”) and inserting terms for racial and gender diversity, such as “South Asian” or “non-binary” into the prompt before it is sent to the image-generator model.

If this is correct, it means that the Gemini AI image tool is working perfectly well on the picture generating front – it’s just that it’s not your exact words it’s been fed. Does this happen with Google’s search engine as well?


[ad_2]
Source link

Hackers Actively Hijacking ConnectWise ScreenConnect Servers

andreasc
-
0
Hackers Actively Hijacking ConnectWise ScreenConnect Servers
[ad_1]

ConnectWise, a prominent software company, issued an urgent security bulletin on February 19, 2024, revealing two significant vulnerabilities in its self-hosted ScreenConnect servers.

These vulnerabilities were initially reported on February 13 through a vulnerability disclosure program and were not actively exploited until February 20.

The first vulnerability, identified as CVE-2024-1708, is a path traversal issue with a high severity score of 8.4.

The second, CVE-2024-1709, is a remote code execution flaw with a maximum severity score of 10.0, indicating a critical risk.

You can analyze a malware file, network, module, and registry activity with the ANY.RUN malware sandbox, and the Threat Intelligence Lookup that will let you interact with the OS directly from the browser.

Analysis by the Shadowserver Foundation, & Shodan search engine found over 8,200 publicly accessible, unpatched ScreenConnect servers, predominantly in the United States, Canada, and the United Kingdom.

Exploits and Malware Distribution

By February 21, a proof-of-concept exploit was uploaded to GitHub, and a Metasploit module for CVE-2024-1709 was released, making the vulnerabilities easily exploitable by hackers of varying skill levels.

Secureworks researchers discovered that several of their customers’ servers had been scanned for these vulnerabilities, with some showing evidence of intrusion.

One incident involved the execution of a Cobalt Strike Beacon payload through a compromised ScreenConnect server.

Another attack involved downloading a legitimate SentinelUI.exe file, a DLL, and an encrypted file containing an encoded payload.

This malware impersonated Microsoft Windows Update network traffic for communication.

Huntress and Sophos reported similar incidents where Cobalt Strike Beacon and other malware like LockBit ransomware and AsyncRAT were distributed after exploiting these vulnerabilities.

Organizations are recommended to immediately upgrade vulnerable ScreenConnect servers and conduct forensic examinations for signs of exploitation.

They also recommend using available controls to review and restrict access based on the indicators provided in their security bulletin.

Secureworks Counter Threat shared a list of IP addresses and domain names associated with the attacker infrastructure, MD5, SHA1, and SHA256 hashes of the distributed Cobalt Strike Beacon DLLs and other malware samples; the list can be found here.

Organizations should consider the risks before opening these indicators in a browser, as they may contain malicious content.

ConnectWise’s security bulletin serves as a critical alert for organizations using ScreenConnect servers to take immediate action to protect their networks from these serious threats.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are extremely harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.


[ad_2]
Source link

Google’s rolling out new updates to Simplify your Day

andreasc
-
0
Google’s rolling out new updates to Simplify your Day
[ad_1]

Google has arrived in MWC Barcelona with a slew of additional updates for Android. This is on top of everything that was announced at CES last month. Google has nine new Android features that will start rolling out in the coming weeks.

First up is Gemini coming to Google Messages. Starting this week, you will be able to chat with Gemini from within the Google Messages app. You can use Gemini to draft messages, brainstorm ideas, plan events, or have a fun conversation without leaving the Messages app.

Google is also bringing AI over to Android Auto. Thanks to AI, your messages and busy group chats can be automatically summarized and read to you while you’re driving. It is also able to suggest relevant replies and actions. Allowing you to stay focused on the road while keeping up with your messages.

On the accessibility front, Google is rolling out a new feature that will let you hear AI-generated captions for images. Thanks to image captions on Lookout, you can now listen to auto-generated AI descriptions of photos, online images, and pictures included in messages. The company says that this is designed specifically for blind and low-vision users.

Google Lens in Maps is getting a massive update

Google Lens is getting a nice update within Google Maps. You will now be able to use an enhanced screen reader in Lens, which will help you explore nearby and identify places like ATMs, restaurants, and transit stations. Just point your phone’s camera at your surroundings, and TalkBack is able to read the place’s information out loud. This includes business hours, ratings, or directions. This is great for those who are blind or have low vision but also great for those unfamiliar with the area.

Handwritten markup is coming to Google Docs as well. Allowing you to add handwritten annotations to your Google Docs from your Android smartphone or tablet. The Output Switcher on Android is also getting support for Spotify, so you can listen uninterrupted. YouTube Music was already supported, so it’s good to see this expanding to other music services.

The Fitbit app is going to allow you to bring in even more data. These days, many of us use different fitness services and devices. Whether that’s an Oura Ring, MyFitnessPal to track runs and calories, or AllTrails for your hikes, now all of that data can be pulled into the Fitbit app.

Google Wallet Passes are finally arriving on Wear OS. With Wear OS watches, you’ll be able to easily access boarding passes, event tickets, gym memberships, loyalty cards, and much more from your wrist.

Finally, transit directions on your wrist. Google is bringing public transit directions for Google Maps to Wear OS. Allowing you to quickly traverse the different subway stations around the world without pulling out your phone. You can look up departure times on your smartwatch and get compass-guided navigation directions, too.

These are all rolling out to compatible devices in the coming weeks.


[ad_2]
Source link

TECNO’s new POVA 6 Series just stole the show at MWC Barcelona

andreasc
-
0
TECNO’s new POVA 6 Series just stole the show at MWC Barcelona
[ad_1]

TECNO has just announced its newest smartphone, the POVA 6 Pro 5G, at MWC Barcelona. If you take a look at its spec sheet, you might be a bit confused, wondering if this is a mid-range or a flagship smartphone. It’s a stunning 6.78-inch device that comes in Meteorite Gray and Comet Green and is made for gamers and tech fans wanting “hardcore capabilities.”

The specs on the POVA 6 Pro 5G are absolutely wild, and we’re here for it. This beast has the MediaTek Dimensity 6080 processor, which is really the only qualifying factor for this being a “mid-range” phone. On top of that, it sports 8GB of RAM or 12GB of RAM and 256GB of storage. That’s powered by a 6,000mAh capacity battery, which charges at 70W. TECNO has really thrown everything into this phone.

On the camera front, TECNO includes a 32-megapixel front-facing camera with dual-tone LED flash and a 108-megapixel primary camera. It also offers 10x optical zoom, thanks to in-sensor zoom technology.

The best looking gamer-centric phone on the market

The POVA 6 Pro 5G is a stunning smartphone; whether it’s a mid-ranger or a flagship phone, it’s one that would definitely be on my shortlist for my next smartphone. As mentioned before, it does come in two colors: Meteorite Gray and Comet Green. It’s not quite a translucent design on the back, but it is pretty similar. There’s a slight camera bump, but nothing as massive as some other flagship phones these days.

It uses a dynamic light effect on the back, which includes 210 single-point controlled ultra-micro mini LEDs that create ring-shaped and propeller-shaped light effects. The phone seemingly integrates the light effect and the lens into one, bringing the scene reminder function to life. It has up to nine different modes and over 101 different user-defined effects, which can be used for calls, messages, power status, and more.

The POVA series is designed for gamers, and the POVA 6 Pro 5G does a great job with sustained performance. Part of that comes down to the SuperCooled System, which uses a 10-layer stack structure, a 5W phase-change thermal gel, a 2871.78mm VC heatsink, and 1700W graphite thermal conductivity. This helps the phone perform at its optimal temperature all day long.

The TECNO POVA 6 Pro 5G will go on sale in the Philippines, Saudi Arabia, and India at the end of February. It launched in key regions spanning Southeast Asia, South Asia, the Middle East, and Latin America following the initial launch.


[ad_2]
Source link
1...381382383...1,476Page 382 of 1,476