Wednesday, June 18, 2014

WARNING: Chinese Smartphones Contain Built-In Android Malware

There is a Chinese clone of the Samsung smartphone that steals personal data using a virus disguised as Google Play!

A Chinese Android smartphone that is selling on Amazon, eBay and other online stores has been found to contain a virus that pretends to be the Google Play Store.

This virus steals the user’s data when they log on to the bogus store.

The Star N9500 resembles Samsung’s Galaxy S4 Android smartphone.  It is manufactured in China, but the phone is sold through resellers located in Belfast and Hong Kong.

The Trojan is known as “Uupay.D”, and it is disguised as the Google Play Store.  It is pre-installed on the Android smartphone with no way for the user to remove it, according to German security company G Data.

G Data has analyzed one of the smartphones purchased directly from the factory in China and verified its vulnerability.

The scary aspect of this is that online criminals have full access to these smartphones.

All Access

The malware on these Android phones steals personal data from the phone and sends it to an anonymous server located in China.  This Android malware is also capable of installing additional applications or viruses without the user’s knowledge.







The only thing users see is an app with the Google Play Store icon in the running processes.  The virus enables criminals to track the location of the smartphone, intercept and record phone calls, make purchases and send premium text messages without the user’s permission.  All completely discreet and disguised.

The authentic phone usually costs £500 while the Chinese smartphones are going for £120.  Reviews of this product range from one to five stars, although users are complaining about the poor quality and noticing that the phone starts to break down after a couple of months.

The device is offered with an extensive list of accessories which includes a second battery, car charging adapter and second cover.

The low price of a smartphone with such a wide range of features is a criminal tactic, according to Geschkat, a product manager at G Data.

Buyers Beware:  Cheap offers online that seem tempting should make buyers suspicious.  There is no such thing as free.

Android accounted for 97% of the malware targeted at mobile devices last year.  This is an increase of 20% a year, according to data from security firm F-Secure.

Even though this malware is already installed onto these devices from the Google Play store, it accounts for only 0.1% of malware.

Malware from these Androids can’t be blamed for all accounts.

The majority of all malware is downloaded from third-party app stores including the Chinese stores Baidu and Anzhi, where access to Google Play is restricted.

Have you come across these phones?  We’d love to hear from you, please leave your comments below!

References:

Gibbs, Samuel
Chinese smartphone on sale on Amazon and eBay contains built-in malware – TheGuardian
http://www.theguardian.com/technology/2014/jun/18/chinese-smartphone-samsung-amazon-ebay-malware-google-play
Published: June 18, 2014



Monday, June 16, 2014

‘Prayers for Likes’ Facebook Scam

Pictures of sick babies circulate through social media sites, especially through Facebook.

These images are of sick children, less fortunate families, and persons with deformities.


Specifically, a sick baby with hospital equipment in the background which claims that liking the image equates to a prayer for the child while sharing equates to one hundred prayers.

The disgraceful scam is designed to accumulate likes for a Facebook Page and promote the Page for more shares.

The image of the baby was stolen from a personal Facebook profile and is being circulated without the baby’s parents’ permission.

This is how most Facebook scams work.  Pictures are stolen from their rightful owners and distributed without authorization to be shared.

Tragically, the baby in the picture passed away only two weeks after she was born.

The message continued to circulate, causing great distress to the baby’s family.

If you see messages like this on Facebook, please do not like or share it.

Analysis

Like farming and sharing messages will not help the baby or the baby’s family in any way.  The message is just a tic in the long branch of sick baby hoaxes that falsely claim that you can help a baby by liking or sharing the message.



Some messages claim that money will be donated in exchange for liking or sharing.  Others declare that liking and sharing equates to prayers for the child.

The people who create these messages are driven by greed and selfishness.

This precious baby passed away April 2014, just weeks after she was born.

Whether or not you believe that prayers will help, the real intention of this scam is not pure.

Facebook has removed some of these messages and continues to take them down in a timely manner.

Although there have been numerous reports, there are still some messages that continue to circulate with no action taken.

If you see scams like this, please report them to Facebook as soon as possible.

Report a scam:

https://www.facebook.com/help/344403945636114/

http://facecrooks.com/Internet-Safety-Privacy/How-to-report-a-Facebook-scam.html/

What Facebook scams have you come across lately?  Please share your experience and help us take control over these cruel messages.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.

References:

‘Prayers for Likes’ Facebook Sick Baby Scam – Hoax-Slayer
http://www.hoax-slayer.com/prayers-for-likes-facebook-scam.shtml

Friday, June 13, 2014

This Day In Tech History: June 13, 2014


June 13, 1993:  Microsoft and Time-Warner Release Interactive TV

In 1993, Microsoft teamed up with Tele-communications and Time Warner to begin the innovative “Interactive TV”.

Consumers were able to purchase products right through the set during a show.


iTV would give users a Digital Set Top Box so the users could use and browse, then go back and continue to watch the video.

The iTV connected to a telephone to let you know who is calling and also allowed you to receive a SMS.

This has greatly influenced pop-culture.  The software allows consumers to bank, shop and surf the web.
Also, this day in history:

  • Pioneer space probe crossed Neptune in 1983
  • Series of Brazilian websites were hacked by Analysta in 2000
  • Version 2.4.21 of the Linux kernel was released in 2003
  • Microsoft ceased development of IE for the Macintosh in 2003
  • IE for Mac shut down in 2003
  • Fedora Core 4 was released in 2005
  • Music piracy had been contained from file sharing in 2006
  • Vincent Ferrari tried to cancel his AOL account, but the agent refused to in 2006.
  • Jeffrey Goodin is the first to be sentenced to 70 months in jail because of the CAN-SPAM Act.  He was posing as an AOL billing agent.

We are again making history today with the “Super Moon” or the “Honey Moon”.  It is the only full moon at its closest to the earth on a Friday 13th until 2049.  We haven’t seen a moon like this in over 100 yrs.

The moon will look larger in the sky, sitting low on the horizon with a honey hue to it.


References:

Powers, Jeffrey
June 13, 2014: Honey Moon, 1993: Interactive Television from Microsoft
http://www.dayintechhistory.com/
Published: June 13, 2014


Tuesday, June 10, 2014

Half of U.S. Adults have been hacked: Are you one of them?



AARP has estimated that nearly half of all adult Americans have been hacked in the past year.  The Better Business Bureau said 1 in 5 of all victims are college students or in their twenties.

Identity theft is exponentially rising while users aren’t realizing the true risk that is posed.

Roughly 432 million online accounts belonging to 110 million Americans, which is half of all adults, were hacked in cyber-attacks in the past year.

Consumer Reports estimates that 11 million Americans were victimized from email scams in 2013.

This year alone, there have been 260 breaches that have occurred in health facilities, exposing the sensitive data of 8 million people.

Could this be from health care facilities still using Microsoft Windows XP?  The software is no longer supported and vulnerable to zero-day exploits.

From coffee shops to corporate networks, grocery stores to airports, two-thirds of surfers have nothing to protect themselves.

AARP has launched Fraud Watch Network, where you can get access to information about how to protect yourself and stay alert on the latest tricks and scams.

The best ways to safeguard your personal data are:
  1. Don’t share if you don’t have to
  2. Monitor your finances
  3. Protect your electronic devices and accounts
  4. Leave a paper trail
  5. Don’t trust everyone
Studies have shown that from the ages of 18 to 24, in the average of 132 days, they’ve been scammed.
 
That’s five times larger than the national average.

This goes to show why university computers are popular targets for cyber-criminals.

This year nearly 840,000 private records were exposed in breach attacks in at least 12 universities.
 
Universities affected are: University of Maryland, Indiana University, Johns Hopkins University, Iowa State, University of Minnesota, Auburn University College of Business, University of Wisconsin, Loyola Law School and North Dakota University.

Also, there were 5,000 records hacked in 10 data breaches of financial institutions, according to the Identity Theft Resource Center.
Reducing identity theft includes:
  • Monitoring financial accounts
  • Keeping checkbooks and statements
  • Securely storing computers and all devices
  • Avoiding Wi-Fi networks when shopping online
  • Reading reviews before installing apps
  • Declining free game downloads, music, and screen savers
  • Adjusting privacy settings for your social network sites
  • Using credit cards instead of debit cards for liability protection
  • Shredding solicitations for pre-approved credit cards
You can opt out of certain solicitations at https://www.optoutprescreen.com

For information on other scams, sign up for the Fraud Watch Network.


References:

Kirchheimer, Sid
Half of U.S. Adults Hacked: Are You Among Them? – AARP Blog
http://blog.aarp.org/2014/06/06/half-of-u-s-adults-hacked-are-you-among-them/
June 6, 2014

Kirchheimer, Sid
College Students: Ideal for ID Theft – AARP Blog
http://blog.aarp.org/2014/05/16/college-students-ideal-for-id-theft…

Monday, June 9, 2014

More Bugs Found in OpenSSL Security Tool



There have been six more bugs found in the widely used OpenSSL security tool.

OpenSSL is a security tool that houses computer programs to enable security over the public Internet.

OpenSSL is used in shared consumer applications, like software in Google’s Android smartphones.

With the Heartbleed vulnerability in OpenSSL,  the new publicity had system administrators rushing to update their systems to protect against it.

Computer administrators everywhere have frowned upon six new security issues that were recently found in the OpenSSL security library.

For example, if you see “https://” in your URL bar, it indicates that the connection is secure.

The server computer at the other end of the connection is using OpenSSL to provide security.
The two main forms of security are:
  1. It scrambles information so it is unreadable to anyone other than the intended recipient
  2. It authenticates the source of information, ensuring the sender is who they say they are

 

How to protect yourself


Most won’t have to take any kind of action in response to the OpenSSL attack.

Non-browser client applications such as music players and chat programs will need to be immediately updated.

Distributors of Linux, which uses OpenSSL more openly, have already received issued updates.

If you haven’t already reset all your passwords due to the Heartbleed bug, it is the perfect time to do so.

Major service providers will inform you if it is necessary to reset your password.

Websites that are affected may be unavailable for a short period of time.  This allows the fixed versions of OpenSSL to be installed by their system administrators.

There will most likely be more flaws discovered in OpenSSL.  Password resets and software updates are becoming more of a habit with increased internet usage.

Delay no more, secure yourself and reset all your passwords.


References:

Merkel, Robert
Six more bugs found in popular OpenSSL security tool – Homeland Security News Wire
http://www.homelandsecuritynewswire.com/dr20140609-six-more-bugs-found…
Published: June 9, 2014

Thursday, June 5, 2014

Within the Heartbleed Bug

Only a few months ago, the Heartbleed OpenSSL bug was discovered.



We are still learning about the countless encrypted transactions that left your accounts vulnerable to theft.

When computers talk to each other, it is called a heartbeat.  Because of a coding mistake, the Heartbleed bug was born.

Let’s say there is a banking transaction:  The client (you) sends its heartbeat to the server (your bank) and the server hands it back to you.  So if something goes wrong with the transaction, the other party will know because the heartbeats get out of sync.

It’s like a cassette tape breaking because one of the spindles stopped working correctly.

How it happened

The actual breach happened all because of the following code:

memcpy(bp, pl, payload);

To explain, memcpy is a function that copies data, and it requires three pieces of information to do so.

The first is the destination where the data needs to be copied.  The second is the exact location of the data that needs to be copied.  The third is the amount of data the computer is going to find when it goes to make the copy.


The bp is a place on the server computer, pl is where the actual data the client sent as a heartbeat is, and payload is the number that says how big pl is.

The bp, which is where the data is going to be copied, is full of whatever data was sitting in that part of the computer before.  However, the computer treats it as if it were empty because that data has been marked for deletion.

When memcpy takes the data from pl and puts it in bp, it covers up all the old data in bp.

Everything that used to be in bp is destroyed and filled up with the pl data.

If payload says that pl is 64 KB but it only has 0 KB,  memcpy creates a 64 KB sized open space at bp that’s full of garbage data.  None of the bp old data gets overwritten because there’s nothing to replace it since pl is actually empty.

This means whatever old data was sitting in bp prior to the heartbeat gets passed back to the client.  Sometimes the data is irrelevant and sometimes it’s your banking password.
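The following is an added example, not code from OpenSSL or from the original post: a small self-contained C model of a heartbeat handler built around the quoted memcpy line, run once trusting the claimed length and once with a length check against the bytes actually received. The arena buffer, the SECRET string and the run_case helper are constructed for the demonstration; the record layout (1-byte type, 2-byte length, payload, at least 16 bytes of padding) follows RFC 6520.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HB_HDR 3u   /* 1-byte type + 2-byte payload_length (RFC 6520) */
#define HB_PAD 16u  /* minimum padding after the payload */

/* Constructed stand-in for server memory: the received record sits at
 * offset 0 and unrelated older data sits directly after it. */
static unsigned char arena[70000];
static unsigned char reply[HB_HDR + 65535u + HB_PAD];
static const char SECRET[] = "password=hunter2";  /* constructed sample */

/* Builds the heartbeat response. check == 0 trusts the claimed length
 * (the flawed behaviour); check == 1 validates it against rec_len first. */
static size_t hb_respond(const unsigned char *rec, size_t rec_len, int check)
{
    if (check && rec_len < HB_HDR + HB_PAD)
        return 0;                              /* too short to be valid */
    size_t payload = ((size_t)rec[1] << 8) | rec[2];  /* sender-supplied */
    if (check && HB_HDR + payload + HB_PAD > rec_len)
        return 0;                              /* claims more than was sent */
    const unsigned char *pl = rec + HB_HDR;
    unsigned char *bp = reply;
    *bp++ = 2;                                 /* heartbeat_response */
    *bp++ = (unsigned char)(payload >> 8);
    *bp++ = (unsigned char)(payload & 0xff);
    memcpy(bp, pl, payload);                   /* the line quoted above */
    memset(bp + payload, 0, HB_PAD);
    return HB_HDR + payload + HB_PAD;
}

/* Stages a request that really carries 2 payload bytes but claims `claimed`,
 * runs the handler, and reports whether SECRET ended up in the reply. */
size_t run_case(unsigned claimed, int check, int *leaked)
{
    const size_t rec_len = HB_HDR + 2u + HB_PAD;
    memset(arena, 0, sizeof arena);
    arena[0] = 1;                              /* heartbeat_request */
    arena[1] = (unsigned char)(claimed >> 8);
    arena[2] = (unsigned char)(claimed & 0xff);
    memcpy(arena + HB_HDR, "hi", 2);
    memcpy(arena + rec_len, SECRET, sizeof SECRET - 1);
    size_t n = hb_respond(arena, rec_len, check);
    *leaked = 0;
    for (size_t i = 0; i + sizeof SECRET - 1 <= n; i++)
        if (memcmp(reply + i, SECRET, sizeof SECRET - 1) == 0)
            *leaked = 1;
    return n;
}

int main(void)
{
    int leaked;
    size_t n = run_case(64, 0, &leaked);
    printf("unchecked: %zu bytes returned, leaked=%d\n", n, leaked);
    n = run_case(64, 1, &leaked);
    printf("checked:   %zu bytes returned, leaked=%d\n", n, leaked);
}
```

With the check enabled, a request whose claimed length exceeds what was received is dropped without a reply, while an honest request is still echoed back.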

The Heartbleed bug has been fixed but the vulnerability has existed for a decade.  Who knows how much data was exploited.


References:

Aguilar, Mario
Internet Vulnerability Left Encrypted Data Exposed For 10 Years – GIZMODO
http://gizmodo.com/internet-vulnerability-left-encrypted-data-exposed…
Published: June 5, 2014

Limer, Eric
How Heartbleed Works: The Code Behind the Internet’s Security Nightmare – GIZMODO
http://gizmodo.com/how-heartbleed-works-the-code-behind-the-internets-se…

Monday, June 2, 2014

Request for Google to remove links about you


Have you ever searched for your name on Google and seen just how easy it is for people to find out personal information about you?

Do you have personal information on the web that you would like deleted or hidden from Joe Schmo trying to find out about you?

Google has created an online form in which you can ask for the links to your personal data or posts to be removed from search results.

This form is a response to a European Commission ruling that people have “the right to be forgotten” online.

The EC has instructed Google to stop linking to anything that’s “inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed.”

The landmark privacy decision by the European Union Court of Justice emerged from a number of cases coming from the Spanish data protection authority in 2011.

This ruling applies across the EU, including to web giants Google and Facebook.

Clearing Your Name

When you submit links that you would like to be removed, Google says it will “assess each individual request and attempt to balance the privacy rights of the individual with the public’s right to know and distribute information.”

In a statement provided to CNET by Google, Floridi called the move “an exciting initiative, which will probably require some hard and rather philosophical thinking.”

Google has pledged to consider whether or not there is public interest in information about financial scams, professional malpractice, criminal convictions, and public conduct of government officials.

In order to ask for links to be removed, you have to supply the URL and request, provide your name, contact email address, and a copy of a photo ID.

You may put in a request on the behalf of another person, like a spouse, or an associate, to have their name removed from a link.

Once Google has reviewed your request and has removed the link, it will disappear from Google search results in all sites across the EU.

There is a statement saying, Google’s lawyers are arguing that applying the EU ruling to US publications in Google’s US search results would be “absurd”.

So by deleting your name from the EU, are you really being deleted from the net?



References:
Published by Trenholm, Rich
You can now ask Google to remove links about you – C|Net
http://www.cnet.com/news/you-can-now-ask-google-to-remove-links-about-you/