Hummingbad returns to Google Play store
Hum ming Bad—an Android- based mal ware that infected over 10 million Android devices around the world last year and made its gan gan estimated $300,000 per month at its peak — has made a comeback.
Security researchers have discovered a new variant of the HummingBad malware hiding in more than 20 Android apps on Google Play Store.
The infected apps were already downloaded by over 12 Million unsuspecting users before the Google Security team removed them from the Play Store.
The Check Point researchers said the HummingWhale-infected apps had been published under the name of fake Chinese developers on the Play Store with common name structure, com .[ name ]. camera, but with suspicious startup behaviors.
Trojan on Facebook can steal critical information
A security researcher has discovered a critical vulnerability in Facebook that could allow attackers to delete any video of the social networking site shared by anyone on their wall.
Dubbed BankBot, the trojan has the ability to get administrator privileges on infected devices. Once it gets full privileges, the malware trojan removes the app’s icon from the phone’s home screen in order to trick victims into believing it was removed.
BankBot trojan remains active in the background, waiting for commands from attacker’s command and control (C&C) server.
BankBot has a broad range of tasks, including send and intercept text messages, make calls, track devices, steal contacts, show phishing dialogs, and steal sensitive information, like banking and credit card details.
“Once Android.BankBot detects that any of the aforementioned applications have been launched, it loads the relevant phishing input form to access user bank account login and password information and displays it on top of the attacked application.”
The malware hides itself until the victim opens any mobile banking or social media app. Once the victim opens one such app, BankBot launches a phishing login overlays, tricking victims to re-authenticate or re-enter their payment card details.
The collected data is then sent back to online servers, where the attackers can access the stolen data.
BankBot can download credentials for apps including Facebook, WhatsApp, Instagram, Twitter, Youtube, Snapchat, Viber, WeChat, imo, Uber, and the Google Play Store.
The BankBot trojan can also intercept text messages, send them to the attackers, and then delete them from the victim’s smartphone, which means bank notifications never reach the users.
How to protect against such attacks
To prevent yourself against such attacks, you are advised to:
Always be careful when downloading APKs from third-party app stores. Go to Settings ? Security and then Turn OFF “Allow installation of apps from sources other than the Play Store.”
Never open attachments from unknown or suspicious sources.
Never click on links in SMS or MMS sent to your mobile phone. Even if the email looks legit, go directly to the website of origin and verify any possible updates.
Always keep your Anti-virus app up-to-date.
Keep your Wi- Fi turned OFF when not in use and Avoid unknown and unsecured Wi-Fi hotspots.
Encrypted email service
Lavabit makes return
Texas-based Encrypted Email Service ‘Lavabit,’ that was forced to shut down in 2013 after not complying with a court order demanding access to SSL keys to snoop on Edward Snowden’s emails, is relaunching on Friday.
Lavabit CEO Ladar Levison had custody of the service’s SSL encryption key that could have helped the government obtain Snowden’s password. Although the FBI insisted it was only after Snowden’s account, that was the key to the kingdom that would have helped the FBI agents obtain other users’ credentials as well.
But rather than complying with the federal request that could compromise the communications of all of its customers, Levison preferred to shut down his encrypted email service, leaving its 410,000 users unable to access their email accounts.
What the end of net
neutrality means
Now that Trump has taken office net neutrality is on the chopping block. The principle that all internet traffic should be treated equally is all but dead. With net neutrality, Amazon, for example, can’t cut a deal with Time Warner to make its website come up faster than Walmart’s. For all the talk of being for the common man, this administration won’t stand in the way of big businesses making deals.
The internet was built on the very idea of net neutrality. It has a history going back more than a century in “common carrier” laws, when Standard Oil was fined for creating a deal with a railroad (also a common carrier) in which it got a “rebate” whenever a competitor shipped oil on the line. These kinds of deals create vertical monopolies to the disadvantage of consumers, escalating prices. They also stifle innovation as they price access to the market out of the reach of startups and inventors.
Take the cable business. Spectrum (Charter Communications) controls about a third of the market for internet access with no viable alternatives in many areas of the country.
Download e-mails from
your favorite service
The first thing you need to do is set up Mozilla Thunderbird and then add your email account(s) using the IMAP protocol.
Once you have Thunderbird set up on your PC or laptop, set up your Inbox using the “Unified Inbox” view. Using this method, all emails you receive (even from multiple email accounts) will be shown in a single Inbox. This makes it easy to view and process all your Inbox emails at once.
Contact us for the complete set of instructions via email.