Category: malware

Auto Added by WPeMatico

xHelper Malware for Android

Posted on By infossl
advancedpersistentthreats, android, hacking, malware, operatingsystems, Security technology, symantec

xHelper is not interesting because of its infection mechanism; the user has to side-load an app onto his phone. It’s not interesting because of its payload; it seems to do nothing more than show unwanted ads. it’s interesting because of its persistence: Furthermore, even if users spot the xHelper service in the Android operating system’s … Read More “xHelper Malware for Android” »

Eavesdropping on SMS Messages inside Telco Networks

Posted on By infossl
eavesdropping, encryption, espionage, malware, Security technology, sms

Fireeye reports on a Chinese-sponsored espionage effort to eavesdrop on text messages: FireEye Mandiant recently discovered a new malware family used by APT41 (a Chinese APT group) that is designed to monitor and save SMS traffic from specific phone numbers, IMSI numbers and keywords for subsequent theft. Named MESSAGETAP, the tool was deployed by APT41 … Read More “Eavesdropping on SMS Messages inside Telco Networks” »

Details on Uzbekistan Government Malware: SandCat

Posted on By infossl
hacking, kaspersky, malware, operationalsecurity, Security technology, uzbekistan

Kaspersky has uncovered an Uzbeki hacking operation, mostly due to incompetence on the part of the government hackers. The group’s lax operational security includes using the name of a military group with ties to the SSS to register a domain used in its attack infrastructure; installing Kaspersky’s antivirus software on machines it uses to write … Read More “Details on Uzbekistan Government Malware: SandCat” »

New Reductor Nation-State Malware Compromises TLS

Posted on By infossl
attribution, certificates, kaspersky, malware, randomnumbers, russia, Security technology, tls

Kaspersky has a detailed blog post about a new piece of sophisticated malware that it’s calling Reductor. The malware is able to compromise TLS traffic by infecting the computer with hacked TLS engine substituted on the fly, “marking” infected TLS handshakes by compromising the underlining random-number generator, and adding new digital certificates. The result is … Read More “New Reductor Nation-State Malware Compromises TLS” »

New Unpatchable iPhone Exploit Allows Jailbreaking

Posted on By infossl
exploits, ios, iphone, malware, Security technology

A new iOS exploit allows jailbreaking of pretty much all version of the iPhone. This is a huge deal for Apple, but at least it doesn’t allow someone to remotely hack people’s phones. Some details: I wanted to learn how Checkm8 will shape the iPhone experience­ — particularly as it relates to security­ — so … Read More “New Unpatchable iPhone Exploit Allows Jailbreaking” »

New Research into Russian Malware

Posted on By infossl
cyberespionage, malware, operationalsecurity, russia, Security technology

There’s some interesting new research about Russian APT malware: The Russian government has fostered competition among the three agencies, which operate independently from one another, and compete for funds. This, in turn, has resulted in each group developing and hoarding its tools, rather than sharing toolkits with their counterparts, a common sight among Chinese and … Read More “New Research into Russian Malware” »

Massive iPhone Hack Targets Uyghurs

Posted on By infossl
android, apple, hacking, iphone, malware, Security technology, smartphones, windows, zeroday

China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. This story broke in waves, the first wave being about the iPhone. Earlier this year, Google’s Project Zero found a series of websites that have been using zero-day vulnerabilities to indiscriminately install malware on iPhones that would visit the site. (The vulnerabilities … Read More “Massive iPhone Hack Targets Uyghurs” »

Attacking the Intel Secure Enclave

Posted on By infossl
academicpapers, computersecurity, intel, malware, Security technology

Interesting paper by Michael Schwarz, Samuel Weiser, Daniel Gruss. The upshot is that both Intel and AMD have assumed that trusted enclaves will run only trustworthy code. Of course, that’s not true. And there are no security mechanisms that can deal with malicious enclaves, because the designers couldn’t imagine that they would be necessary. The … Read More “Attacking the Intel Secure Enclave” »

AT&T Employees Took Bribes to Unlock Smartphones

Posted on By infossl
att, bribes, cellphones, courts, hacking, malware, Security technology, smartphones

This wasn’t a small operation: A Pakistani man bribed AT&T call-center employees to install malware and unauthorized hardware as part of a scheme to fraudulently unlock cell phones, according to the US Department of Justice. Muhammad Fahd, 34, was extradited from Hong Kong to the US on Friday and is being detained pending trial. An … Read More “AT&T Employees Took Bribes to Unlock Smartphones” »

Details of the Cloud Hopper Attacks

Posted on By infossl
advancedpersistentthreats, china, fraud, hacking, ibm, intelligence, malware, Security technology, theft

Reuters has a long article on the Chinese government APT attack called Cloud Hopper. It was much bigger than originally reported. The hacking campaign, known as “Cloud Hopper,” was the subject of a U.S. indictment in December that accused two Chinese nationals of identity theft and fraud. Prosecutors described an elaborate operation that victimized multiple … Read More “Details of the Cloud Hopper Attacks” »