Viruses & Malware
SophosLabs has been following an interesting Android malware story over the past week.
The malware goes by the name XX神器 (XXshenqi) in Chinese, or the Heart App, as it calls itself in English.
In theory, the implication seems to be that you can use the app, which you receive as an SMS invitation from one of your friends, to organise a romantic hook-up. In practice, however, you and your friends will just end up with SMS headaches.
Synolocker crypto-malware affecting Synology network access (NAS) devices in particular, has hit the Faculty of Medicine of Chinese University and took hostage no less than 10,000 patient records.
It appears that the affected data belongs to the Centre for Liver Health and Institute of Digestive Disease at the Prince of Wales Hospital in Sha Tin, and the police confirmed that the crooks used Synolocker for the deed.
A new Android design error discovered by Bluebox Security allows malicious apps to grab extensive control over a user's device without asking for any special permissions at installation. The problem affects virtually all Android phones sold since 2010.
Bluebox calls the flaw "Fake ID" because it allows malware apps to pass fake credentials to Android, which fails to properly verify the app's cryptographic signature. Instead, Android grants the rogue app all of the access permissions of whatever legitimate app the malware claims to be.
Attackers have compromised popular Japanese adult websites in order to distribute a trojan that is primarily targeting customers of two major banks in the country; however, the malware could easily be repurposed for use in the U.S., according to researchers with ESET.
The Aibatook trojan is capable of constantly monitoring browsing activity, modifying visited web pages, redirecting to web pages, and constantly monitoring and exfiltrating information entered into web forms, Joan Calvet, a malware researcher with ESET, told SCMagazine.com in a Wednesday email correspondence.
The majority of Android smartphone and tablet users do not need to install anti-virus and other security apps to protect them, despite dire warnings from security companies selling such products, Google’s head of Android security says.
Adrian Ludwig, the lead engineer for Android security at Google, said there was "a bit of a misperception" in how the company reviewed apps for its Google Play store in comparison with other stores.