dcsimg

Mobile Menace Monday: A race to hidden ads

Who doesn’t love a good motorcycle racing game, right? How about one easily available on Google Play, a “safe” place for all your Android app desires? How about a bike racing game that sticks with you so much, you can’t easily uninstall it? And it displays hidden ads? Wait, what!? That’s right! In the slideshow below, a game titled Motorcycle Race—Bike Race (package name: com.bikeme.racersm) has … [Read more...]

Mobile Menace Monday: re-emergence of a fake Android AV

Back in early 2013, a new mobile antivirus (AV) company called Armor for Android emerged into the mobile security software industry that had everyone perplexed. It seemed eerily like malware known as a Fake AV, and some even gave it that label. As a younger mobile researcher, I was one of those who gave it such a label, adding it to a list of malware detections. Shortly after, Armor for Android … [Read more...]

Mobile Menace Monday: Fake WhatsApp can steal info from your phone

Last month, a blogger at My Online Security reported receiving a spam comment containing WhatsApp Plus. Going through the process, they downloaded an APK of this so-called WhatsApp Plus. Where they ended was as stated, I am not certain exactly what this does, but from the sandbox reports it looks like it has the potential to steal information, photos, phone numbers etc from your mobile … [Read more...]

A week in security (March 26 – April 01)

Last week, we looked at the thought process behind creating a ransomware decryptor, the inner workings of QuantLoader, the ways one can protect their Android devices, the exploit kits we have encountered this winter, the now-known epidemic of data breaches, the coming of TLS 1.3, and the ways one can protect their P2P payment apps. Other news “Lone wolf” sextortionists pose as hot … [Read more...]

10 ways to protect your Android phone

Android has been around for nearly a decade and has come a long way from its early wannabe iPhone days. New features, upgraded camera phones, a wide variety of apps and platforms, and polished interface design have led to a huge install base—a whopping 2 billion+ monthly active devices—making it the biggest mobile OS in the world to date. This is but one testament to how technological advancements … [Read more...]

A week in security (March 12 – March 18)

Last week on Malwarebytes Labs, we took a look at the inner workings of a fileless attack, explored what happened in a zero day ransomware attack aimed at South Koreans, gave you hints and tips for avoiding cold calls, and took a deep dive into the secretive world of GrayKey. Other news The Equifax story just keep rumbling on. (Source: The Guardian) Some Meltdown and Spectre updates. (Source: The … [Read more...]

A week in security (March 05 – March 11)

Last week on Malwarebytes Labs, we paid homage to several women in tech, including some of our very own, on International Women’s Day and shared their stories. We also looked into an adware posing as an Android app that claims to live stream the 2018 Winter Olympics, exposed scammers that go by the name GeeksHelp, who were caught red-handed (again) after their first unmasking two years … [Read more...]

Mobile Menace Monday: Olympics app has more ads than games

An app claiming to live stream the 2018 Winter Olympics (but really serving up a blizzard of ads) had a short run on Google Play. It was uploaded to the Play store on February 8, 2018. Since then, it’s been removed. The last known existence of it on the store was a cached snapshot from February 10. Poorly-made app At first, things seem normal with a simple opening screen. After displaying … [Read more...]

A week in security (February 12 – February 18)

Last week on Malwarebytes Labs, we looked at a huge Android cryptomining campaign, malicious apps on Google Play, and some Apple scams doing the rounds. We also explored the world of healthcare security, and dived into the land of scammy Valentine’s Day tricks and cheats. Other news Thought the Equifax breach couldn’t get any worse? You might want to take a seat. (Source: The … [Read more...]

Kotlin-based malicious apps penetrate Google market

An open-source programming language, Kotlin is a fully-supported official programming language for Android. Google boasts that Kotlin contains safety features in order to make apps “healthy by default.” Many apps are already built with Kotlin, from the hottest startups to Fortune 500 companies. (Twitter, Uber, Pinterest) Concise while being expressive, Kotlin reduces the amount of … [Read more...]