Pre-installed Android malware found in over 5 million Android Devices


Malware disguised as a 'wifi system' app has already infected just about 5 million mobile devices worldwide. Over the last 10 days alone, the malware has made its developers over $115,000. Dozens of IoT devices have already been turned into a massive botnet.

The researchers believe that all affected devices were dispatched to Tian Pai, a cellphone dealer based in Hangzhou. The malware pushes an adware component to every infected Android smartphone, which shows ads on the main screen of the device, either as pop-up windows or as full-screen advertising, to earn fraudulent advertising revenue for its developer.

Check Point noticed two pieces of pre-installed malware on compromised Samsung, LG, HTC, Asus, Nexus, Oppo and Lenovo devices. Below are the affected apps carrying the Android adware.
Go to Android Settings > Applications and check whether any of these apps is on your mobile device; if so, uninstall it.

  •  Androïd.services.securewifi
  • com.changmi.launcher
  • com.system.service.zdsgt
  • com.android.yellowcalendarz

1-800-FLOWERS Canadian Website Injected With Credit Card Stealing Malware

The 1-800-FLOWERS e-commerce platform fell victim to Magecart for over 4 years. The breach of 1800Flowers.ca was reported to the California Attorney General's Office by the Canadian company, which stated that over 500 Californians had been affected. In its results for the third quarter of 2018, the company announced $238.5 million.

The total number of users impacted still has not been reported, says Stephan Chenette, AttackIQ co-founder and CTO. Pay card skimming malware remains a safety threat for retailers around the world. British Airways, Newegg and Kitronik were all victimized this year, Chenette said.

Investigation results indicate that your first and last name, payment card number, expiration date as well as card security code were included in information collected by the attacker.

Check back with the Hackers Review for the latest updates on this story

Android Vulnerability StrandHogg Allows Attackers to Data Mine Your Device



A new Android bug dubbed StrandHogg 2.0 affects all devices running Android 9.0 and older. The bug allows malicious apps to pose as a legitimate application and steal information from victims. Android users need to update their devices to the latest Android version as quickly as possible to guard against the attack.

The attack enables attackers to gain access to private SMS and images, steal the login details of victims, monitor GPS activities, allow and/or record phone calls, and gather intelligence via the microphone and camera of a smartphone.


Because of its code-based execution, it is hard to detect. Exploiting this security vulnerability does not require root access, so it allows advanced threats even on unrooted phones, say researchers at Promon.

On 4 December 2019 Google was told of the bug, giving it more than five months to work on a fix. Google has already pushed out a patch to partners in its Android ecosystem. The update will be given to qualifying users running Android 8.0, 8.1, and 9.0.

New Bluetooth Vulnerabilities Found In All Devices


According to academic researchers in Switzerland, a new vulnerability in the Bluetooth protocol has been discovered. This vulnerability can enable an attacker to compromise a remotely paired user, leaving millions of devices at risk. The attack is called BIAS, and the attacking device must be located within the wireless range of a vulnerable Bluetooth device.

The Bluetooth Special Interest Group revised the Bluetooth Core Requirements and proposed crypto-type cross-checks. The group encouraged users to install the most recent updates from the manufacturers of their devices and systems.

The Bluetooth SIG strongly recommends that vendors ensure that the encryption key length is not reduced to 7 octets. Wearable devices such as smart speakers, fitness and health trackers and intelligent home helpers communicate with apps on mobile devices.

These vulnerabilities involve communication with mobile apps over Bluetooth Low Energy, a type of Bluetooth used in modern gadgets. Studies have previously shown that mobile applications that work with Bluetooth devices have a built-in architectural flaw.

Hackers Exploiting old Vulnerabilities in Magento

According to the Federal Bureau of Investigation, hackers are exploiting a flaw in a Magento plugin to hack online shops. The vulnerability is a cross-site scripting (XSS) flaw that allows the attacker to inject a malicious script into the online store's source code.

Payment information recorded from user purchases is then encoded in Base64 format, enclosed inside a JPEG image and sent to the attacker's server. This form of attack is referred to as web skimming or e-skimming.
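A check for the exfiltration pattern described above, given as an added example that is not code from the FBI alert or from this post: it flags a JPEG carrying Base64 text that decodes to a Luhn-valid card number. It assumes the data is appended after the JPEG end-of-image marker (the post does not say how it is enclosed); the function names and sample bytes are constructed for illustration.

```python
import base64
import re

JPEG_SOI = b"\xff\xd8"  # start-of-image marker
JPEG_EOI = b"\xff\xd9"  # end-of-image marker
B64_RUN = re.compile(rb"[A-Za-z0-9+/]{24,}={0,2}")  # long Base64-looking run
PAN = re.compile(rb"(?<!\d)\d{13,19}(?!\d)")        # 13-19 digit candidate


def luhn_ok(digits: bytes) -> bool:
    """Luhn checksum that valid payment card numbers satisfy."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ch - ord("0")
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def scan_jpeg(data: bytes):
    """Return (offset, last4) for card-like data Base64-encoded after the image end."""
    if not data.startswith(JPEG_SOI):
        return []
    end = data.rfind(JPEG_EOI)
    start = end + 2 if end != -1 else 2  # no EOI found: scan everything after SOI
    findings = []
    for m in B64_RUN.finditer(data, start):
        raw = m.group(0).rstrip(b"=")
        raw += b"=" * (-len(raw) % 4)  # restore padding before decoding
        try:
            decoded = base64.b64decode(raw)
        except ValueError:  # run was not valid Base64 after all
            continue
        for pan in PAN.findall(decoded):
            if luhn_ok(pan):
                # report only the last four digits, never the full number
                findings.append((m.start(), pan[-4:].decode()))
    return findings


# Constructed test data: a marker-only stand-in for a JPEG and the public
# 4111... test card number; neither comes from the FBI alert.
CLEAN_JPEG = JPEG_SOI + b"\xff\xe0" + bytes(16) + JPEG_EOI
STOLEN = b"name=Test User&pan=4111111111111111&exp=12/30&cvv=123"
TAMPERED_JPEG = CLEAN_JPEG + base64.b64encode(STOLEN)

if __name__ == "__main__":
    print("clean:", scan_jpeg(CLEAN_JPEG))
    print("tampered:", scan_jpeg(TAMPERED_JPEG))
```

Run over image uploads or outbound image requests, a hit is a lead for manual review rather than proof of a skimmer, since long alphanumeric runs also occur in benign metadata.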

The plugin with the bug is Magmi. The flaw was found more or less three years ago, and an update, Magmi-git 0.7.23, is available to fix the XSS bug that gives attackers their initial access to the store.

The FBI alert provides indicators of compromise (IOCs) that Magento providers can use in their web application firewalls to prevent attacks on their websites.

ADVICE FOR E-COMMERCE STORE MANAGERS

  • Check all applications for critical vulnerabilities and prioritize early patching of identified vulnerabilities on network-connected servers and in tools that process Internet data, such as web browsers.
  • Constantly check and monitor web logs and web applications for unauthorized entry, alteration and anomalies.
  • Perform network penetration checks, code integrity controls and dynamic device safety measures on websites on a regular basis to detect faults or misconfigurations.

Zloader "ZEUS" Banking Malware Resurrected Amid COVID-19


        
Since the beginning of the year, cybersecurity researchers have identified the Zloader malware, also known as Zeus, in over 100 e-mail campaigns.

The malware seems to have been under active development ever since it returned in Dec 2019, with 25 variants. It is a version of the notorious Zeus, which a large theft ring used to steal millions of dollars until its takedown. Web injects are used to steal victims' banking logins or credentials and confidential banking information, as well as confidential client data such as cookies and login details. The attackers behind it use PDF files that link to a Microsoft Word document carrying a macro script that delivers the Zloader version. The whole month's recent analysis varies from more than one source.