Another malicious Android Trojan has been spotted hiding in a fake Gmail app to spy and steal from those tricked into downloading it.
Discovered by the security firm NQ Mobile, the fake app hides "DDSpy," a piece of malware that, unbeknownst to the phone user, sneaks onto the device and receives commands from a remote server. Those commands, sent via text, include siphoning the victim's call log, text messages and voicemails, data that is sent to the server in an email.
Content distribution network CloudFlare reset all its customer API keys over the weekend after its CEO’s personal and corporate Gmail was breached in an “elaborate” attack on one customer, which appears to have been the 4Chan message board.
According to CloudFlare CEO Matthew Prince, "a hacker" last Friday exploited a “subtle flaw” in Google App’s Gmail password recovery process, allowing them to break into his personal account, breach his CloudFlare.com Gmail address, bypass Gmail’s two-factor authentication (TFA), and redirect one customer’s website.
Surveillance companies can use your iPhone to take photos of you and your surroundings without your knowledge, said a representative from the Bureau of Investigative Journalism at a panel chaired by Julian Assange™ today.
Companies also sell products that will let them change the messages you write, track your location and nick your email contacts, claimed speakers on the panel that included representatives from Privacy International and the aforementioned bureau.