Tag Archives: smartphone security

Newly Detected Chrome Exploit Puts Every Android Users at Risk

Engadget reports that each version of Android with the latest Chrome are pretty compromised. During the panel PSN2OWN PacSec conference in Tokyo last November 11, Guang Gong, a researcher Quihoo 360, demonstrated the operation of the exploit. The details have not been fully disclosed, but in essence the exploit uses JavaScript v8 to give the attacker full administrative access to the device in one shot.

New Chrome Exploit Puts Android Users in truoble
The organizer of PacSec Dragos Ruiu explained to Vulture South, “The impressive thing is that the exploit Guang works in one shot: most people these days have to exploit several vulnerabilities to gain privileged access to software without interaction”.

“As soon as your phone has access to the vulnerabilities site in Chrome JavaScript V8 is used to install an arbitrary application (in this case a game of BMX bikes) without any interaction from the user to gain control of the telephone,” he further said Dragos Ruiu.

PC Mag noted that from the time when Google was notified of the bug during the conference, some corrections are probably coming in and those who would take advantage of this exploit will not be able to do so. And since Guang Gong has not fully disclosed the details to the public, it may be qualified to receive an award under the program bug bounty Google , which pays rewards of up to $ 15,000 for those shows or solves problems of Chrome.

Last month were found two new vulnerabilities Stagefright , putting billions of users with devices running on Android versions also dating back to the distant 2008 at risk. Stagefright 2.0 can affect devices running versions of Android Lollipop (5.0 to 5.1.1) through remote code execution, Zimperium said in a report, and can be exploited via a web browser. Zimperium informed Google of these defects on August 15 and October 5, and Google has released new patches promptly.

Samsung fixes a security bug in the Samsung Galaxy S4

For urgent problems, quick answers. Just a few hours ago, we learned that the Korean company Samsung has made an important decision for the safety of the owners of its flagship, the Samsung Galaxy S4. Mediatest Digital, dedicated to testing on the safety of mobile devices and software , was able to steal confidential data of some units of this model. Apparently, the names, email addresses and passwords at risk. It is clear that to get them, Mediatest used their sophisticated engineering, which means that access to private information of the users of the Samsung Galaxy S4 was difficult, but not impossible. The company moved this information to the average German Heise Security who was commissioned to confirm the problem. After sending this information to the company itself Samsung, the manufacturer responded to the problem immediately, so no need to worry.

Samsung Galaxy S4 due to rapid wear and tear of the batteries of their mobile devices

Throughout all these years and unlike other companies, Samsung has practiced transparency. And this time could not happen otherwise. As revealed by the average Heise, Samsung took a few hours to respond. So much so that just five days later, has publicly announced that the security hole has been fixed. Unfortunately, we have no information detailing the type of tests have been conducted and the characteristics of the patch. What made Mediatest to squeeze through this hole was to access the device via the WiFi connection. Thus, anyone who could hack the team would have access to personal user data, but could also record and track the movements you do with your phone in your pocket. It could also lock the device and redirect calls to fraudulent numbers.

Luckily, right now the ruling already has a solution. From this point, it is best for users who have a Samsung Galaxy S4 is change passwords. It is a task that everyone should do often, but in this case the gesture is required. You can change them by clicking your user accounts on Samsung through the web. For other services (email accounts, social networks and any other areas in which you subscribe), accessed either via mobile phone or the web, and it changes keys. It is a simple task that will help protect your security doubly aboard the mobile.

If after that you want to continue protecting your mobile phone on the market have different solutions at your disposal that allow you to add an extra protection to your Android. You must not forget that the Google OS is already present in more than 80% of smartphones today, so in a short time has become an interesting target for hackers. Several security companies offers its customers (both individuals and companies) package Security for Android that provides protection when surfing the Internet and is able to detect malicious apps and Android virus. They also protect you from annoying calls and SMS advertising and activate different password protection systems. It is easy to use and includes protection for loss or theft to lock the device, locate and delete the data remotely.

Apple suffered pirate attacks in its developers’ portal

According to the report from Apple, parts of the information of some 275,000 registered external developers would have been stolen.

Ibrahim Balic, a Turkish security analyst, would be responsible for the attack to the portal. It is the first attack’s news against an American company portal.

Apple has been in the news so far run of the year for their possible releases and presentations of products and improved operational systems. Now, they are news on malfunction in their security system, specifically in the portal for developers that is out of service since last Thursday.

According to the official release of the North American company, an attacker tried to access the personal information of the developers; name, postal address, and email address; forcing Apple to prevent access to their page. Company representatives ensure that the most sensitive information is protected but as security filters are hardened, the portal will remain closed until further notice.

the most sensitive information is protected but as security filters are hardened

According to an interview published by The Guardian, a Turkish security analyst called Ibrahim Baliç would be responsible for the attack. Man, based in London, said that his intention was not the attack the site or remove the same information but reporting a total of 13 bugs that allowed access to the information of the users registered on the portal.

He added that just after reporting failures in the system to Apple and upload a video to YouTube with information from some users, portal failed to allow access to the Internet. He says that Apple has not made him any comment in this regard.

It is estimated that 275,000 developers registered on the portal have been white attack, and according to an e-mail sent Sunday night by the company to the developers, it does not rule out that some names and addresses – both physical and electronic mail.

The representatives say they do not know who is behind the attack or their motives: with this, disown Balic participation in the events. The underlying problem is that some users of the site have said they received alerts to reset their password. This information could allow the creation of apps with malware, something Apple already categorically denied that the attack did not affect the code developers.

According to reports from the company, the developer portal is not associated with the customer information from the App Store or iTunes Store and to compensate developers while restoring the site, membership extended periods of users and not withdraws any software that has been uploaded.

This is the first attack that has news that suffers from a website of the American company, but the consequences could be more serious than budgeted. According to other security analysts, the underlying problem might be a massive loss of information from the developers. The attack comes at a bad time for Apple, just prior to the presentation of its new products, including the final version of iOS 7.

If anything serves as a consolation to the Apple company, Ubuntu and Tango also were hacked in recent days.

SIM card Virus To Steal Information from Smartphone

If your smartphone or tablet has an application with a “gray face biting a pink SIM card”, unfortunately you are infected by a Trojan. This is a new virus named as Simhosy, designed to steal information from your phone or tablet (including those stored on the SD card) and send the data to a server via internet. Besides, this dangerous Trojan is able to intercept SMS messages sent and received, as well as phone calls, being a danger certainly your privacy and security. Till now, the virus is found only in Android smartphone and tablets.

How to Spread the Trojan Simhosy is through one of your contacts have previously been infected, or through networking downloads or P2P file sharing. Lacking the characteristic of self-propagating, it is necessary some of the means listed above to infect other devices.

SIM card Virus To Steal Information from Android smartphone

This “friendly” virus showing on the screen of your smartphone or tablet an icon with a face biting a SIM card, comes to our devices as an application to manage our contacts (cn.hosy.simkawang), requiring user intervention (installation of) to infect the system (used social engineering techniques to trick users).

How to remove this Trojan from your smartphone?

To sanitize our system we have to go to the Android menu, select Settings and then Applications. Once we are in this menu and if you have Android 4.0 or earlier installed, go to Manage Applications and you should select the application and uninstall it. For higher versions have 4 on our smartphone or tablet applications and select All from the list that appears we have to select the application icon and proceed with removal.

Technical Details

  • Threat level: 2 – Low
  • Dissemination: Low
  • Damage: Low
  • Dispersibility: Low
  • Full name of the virus: Trojan.Android / Simhosy @ Other
  • Code Type: Trojan Horse: A program that seems beneficial or useful but turns out to be malicious at some point. It is not spread by itself.
  • Platforms affected: Android INP Platform Independent
  • File involved: Simhosy (2) Simhosy (1)
  • Permanent residence Capacity: No. It has no ability to run automatically each reboot.
  • Alias: Android. Simhosy (Symantec) Andr / Simhosy-A (Sophos)
  • Self-propagating capacity: No

Lacks own spreading routine. You can reach the system in the following ways:

Other propagation mechanism

We can reach a contact (who is already infected)
Downloaded from a file-sharing program (P2P).

Symptoms An application displays an icon that is a gray face biting a pink SIM [[image: 11062013135341_Simhosy.png]]

When Simhosy runs, it performs the following actions:
-Other shares
-Infection method
-This Trojan arrives as contact management application. This package must be installed by the user (usually will use social engineering techniques to ‘convince’ the user.

Other details

The permissions that are granted to this application to be installed are:

  • Accessing and changing the state of Wi-Fi
  • Access information about networks
  • Check the phone’s current state
  • Initiate a call without using the graphical interface or require user confirmation
  • Monitor and read the SMS from the device
  • Mounting and un-mounting file systems for external storage (SD memory access)
  • Open Network Connections
  • Read and write contact data
  • Write to external storage devices

The consequences of giving these permissions to an application can be very important, as it could establish communications: phone calls, read SMS messages could also connect Wi-Fi or other network connections to send the stolen data to a server Internet.

Given that some banks use SMS as operations validation codes, an application to be able to read the SMS and also can send data without the user’s knowledge, can be risky.

The 12 most vulnerable smartphone of the world

Everyone knows, how important security is, in all fields, including smartphones. Indeed, above them, lately, more often become a digital warehouse full of personal information, passwords, telephone numbers, credit card numbers etc. The mobile operating systems are becoming more malicious throats, that for months now “repackage” more and more malware. It’s not a totally new viruses for Symbian and Windows Mobile already existed a few years ago, but with the rapid rise in the market for more advanced systems such as Android also “crap” malignant evolve and affect where they have a greater chance of effectiveness, a situation already seen in the PC industry with Windows. Through Settebassi, remained active on Twitter, here is an interesting link to an infographic by the curated information security Bit9.

 

how important smartphone security

 

From research Bit9, emerges as the 12 smartphones are all vulnerable to the world of Android. The iPhone, however, is in 13th place, more “protected” by its rapid adoption by users of newer versions of iOS. Just update the question seems to be a little sore point in the world of Android smartphones that has all the companies involved in the ranking does not shine; unfortunately for quickly updating devices. And do not talk about some of the transition from Android 2.3 to 4.0, just come out and whose absence on most devices is justified: during the months Google has released updates to bug fixes in 2.3 branch, not always promptly accepted by OEMs, which have absolute freedom to decide whether to provide or not. The result is that 56% of Android users have an outdated version of the operating system and thus are vulnerable to additional risks than those relating to the misuse of the product. On the other hand, Apple warrants the supported devices to the latest version of iOS, which includes the bug fixes related to discovered security flaws.

 

Google may at least partially remedy this situation? Yes, if he can get more authority over licensees of the system. This is damaging because of the same company in Mountain View, which is likely to find an image not too dissimilar to that of Microsoft’s desktop on the security front. You must make at least the obligatory bugfix updates, in a time frame acceptable. This malware will not disappear, nor will the system completely safe even from careless use, but it certainly will help you better manage the situation.