HackDig : Dig high-quality web security articles for hacker

Premium SMS malware EXPENSIVEWALL infected millions of Android handsets

Google removed 50 malicious apps from the official Play Store after experts discovered a new malware, dubbed ExpensiveWall, eluded Google Bouncer checks. Google has removed 50 malicious apps from the official Play Store after experts with security firm Check Point discovered a new malware, dubbed ExpensiveWall,  eluded the checks of the Google’s Bounce
Publish At:2017-09-15 16:40 | Read:344 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android ExpensiveWa

BankBot Found on Google Play and Targets Ten New UAE Banking Apps

By Kevin Sun The Android-targeting BankBot malware (all variants detected by Trend Micro as ANDROIDOS_BANKBOT) first surfaced January of this year and is reportedly the improved version of an unnamed open source banking malware that was leaked in an underground hacking forum. BankBot is particularly risky because it disguises itself as legitimate banking app
Publish At:2017-09-13 15:50 | Read:324 | Comments:0 | Tags:Malware Mobile android bankbot google play

O Me, O My! Android O and Its Impact on the Enterprise

As the summer winds down, the next big wave of mobile OS updates is upon us — a seasonal trend that brings about excitement and positive change for both consumers and security leaders. With Google Android O version 8.0 set for imminent release, we’ve lined up some new features to look out for in the context of the mobile enterprise to ensure that you
Publish At:2017-08-08 16:20 | Read:430 | Comments:0 | Tags:Mobile Security Android Android Apps Android Security Google

After Big Takedown Efforts, 20 More BankBot Mobile Malware Apps Make It Into Google Play

A flashlight app, fake videos or a fake gaming app? Any one of those could be malicious and harboring a mobile malware app, right there in a trusted official app store. In an ongoing trend, IBM X-Force noted that malicious apps manage to circumvent controls and infiltrate legitimate stores. And this is not about the plethora of adware apps infecting users in
Publish At:2017-07-28 03:30 | Read:522 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Malware Mobile

Charger Android Ransomware Spread via the Official Google Play App Store

We all know that ransomware is a growing problem for businesses and home users alike, and that most of it is targeted against Windows users.And we’re also familiar with warnings to avoid downloading Android apps from third-party marketplaces rather than officially-sanctioned ones such as the Google Play marketplace.But infosecurity is not a world of ab
Publish At:2017-01-25 09:35 | Read:1252 | Comments:0 | Tags:Cryptography Featured Articles IT Security and Data Protecti

Four spyware apps removed from Google Play

We identified the Overseer malware in an application that claimed to provide search capabilities for specific embassies in different geographical locations.  Through close collaboration with an enterprise customer, Lookout identified Overseer, a piece of spyware we found in four apps live on the Google Play store. One of the apps was an Embassy search tool
Publish At:2016-09-16 10:00 | Read:838 | Comments:0 | Tags:Security android business travel Embassy Google Play mobile

Fake Pokémon Go app on Google Play infects phones with screenlocker

Badware purveyors trying to capitalize on the ongoing Pokémon Go frenzy have achieved an important milestone by sneaking their fake wares into the official Google Play marketplace, security researchers said Friday.Researchers from antivirus provider Eset report finding at least three such apps in the Google-hosted marketplace. Of the three, the one titled "P
Publish At:2016-07-16 04:05 | Read:1569 | Comments:0 | Tags:Gear & Gadgets Risk Assessment Technology Lab android google

LevelDropper: A takedown of autorooting malware in Google Play

LevelDropper, an app in the Google Play Store that we determined to be malicious, is the latest example of a new and persisting trend in mobile threats: autorooting malware. Lookout discovered the app last week and worked with Google to have it removed. All Lookout customers are protected from this threat. At first glance, LevelDropper seemed to be a simple
Publish At:2016-06-27 16:00 | Read:1096 | Comments:0 | Tags:Security android autorooting malware Braintest compromised o

“Godless” apps, some found in Google Play, root 90% of Android phones

Researchers have detected a family of malicious apps, some that were available in Google Play, that contain malicious code capable of secretly rooting an estimated 90 percent of all Android phones.Further ReadingHow a few legitimate app developers threaten the entire Android userbaseThere's a dark side to Android root providers, even when they're fully discl
Publish At:2016-06-24 01:50 | Read:1276 | Comments:0 | Tags:Gear & Gadgets Law & Disorder Risk Assessment Technology Lab

Trojan clicker’s gaze cast upon Google Play store

We’ve discovered a Trojan clicker on the Google Play store doing far more than advertised. The app name in Turkish is “Mayis Guzel Aydir”, which roughly translates to “May Beautiful Overnights”. When you open the app, the full-screen eyeball gives off a definite 2001: A Space Odyssey vibe: After attempting to get the program t
Publish At:2016-06-03 08:35 | Read:950 | Comments:0 | Tags:Cybercrime Mobile Android clicker Google Play trojan

High-Profile Mobile Apps At Risk Due to Three-Year-Old Vulnerability

A total of 6.1 million devices – smart phones, routers, smart TVs – are currently at risk to remote code execution attacks due to vulnerabilities that have been fixed since 2012. The vulnerabilities exist in the Portable SDK for UPnP™ Devices, also called libupnp. This particular library is used to implement media playback (DLNA) or NAT traversal (UPnP IGD).
Publish At:2015-12-04 06:25 | Read:1909 | Comments:0 | Tags:Mobile Vulnerabilities android google play libupnp Netflix T

Password-pilfering app exposes weakness in iOS and Android vetting process

Another mentionable fact is that the InstaAgent developer used the subdomain instagram.zunamedia.com to sent the data that was EXACTLY the same data that has been sent to the official Instagram servers to his server. I think that he wanted to “hide” his malicious HTTP packet because at the first glance it looked like an “official” HTTP packet to the Instagra
Publish At:2015-11-12 18:35 | Read:1029 | Comments:0 | Tags:Gear & Gadgets Infinite Loop Law & Disorder Risk Assessment

Kemoge Android Adware Campaign Can Lead to Device Takeover

Google has been busy removing a number of apps from Google Play that are disguised as popular selections that are actually pushing what starts out as adware but eventually turns more malicious.Google has already yanked down a file-transfer app called ShareIt, developed by Zhang Long of China, who was posting benign versions of his app to Google Play, but hos
Publish At:2015-10-07 14:30 | Read:658 | Comments:0 | Tags:Google Mobile Security Privacy Vulnerabilities Adware Androi

What I’ve been up to: a lot

Hi there Yes, I know, you didn’t hear from me for quiet a while (apart from the usual Twitter noise). But I wasn’t lazy! Actually I feel like I need to get rid of a lot of information. Here’s what I was up to in the last few months: Released the code review audit script scanner (crass) on github, which is basically a very much improved ver
Publish At:2015-10-06 06:05 | Read:1050 | Comments:0 | Tags:Various AFL Android CRASS Good Technology Google Play insecu

Is Stegomalware in Google Play a Real Threat?

By Alfonso Muñoz @mindcryptFor several decades, the science of steganography hasbeen used to hide malicious code (useful in intrusions) or to create covertchannels (useful in information leakage). Nowadays, steganography can be appliedto almost any logical/physical medium (format files, images, audio, video,text, protocols, programming languages, file
Publish At:2015-09-22 14:55 | Read:2448 | Comments:0 | Tags:alfonso muñoz android crypto Cryptography google play hackin

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud