Category Archives: Antivirus Vendors

AVG at Kiwicon 8 in Wellington, New Zealand

But this is no ordinary conference: this is “Kiwicon”, the eighth consecutive annual security conference held in Wellington, New Zealand, whose theme this year is “It’s always 1989 in computer security”.

No expense has been spared by the organisers to reinforce the 80’s theme including name badges in the form of real audio cassettes (yes, they still exist) that are labelled with your hacker name.  I’m afraid my hacker name of “Michael” was somewhat plain in hindsight!

The self-deprecating humour scattered throughout the Kiwicon website and program guide is nothing short of amazing; a must-read if you get the chance.  And the permanent stage props of a Llama and Sheep really help paint the picture of a conference that has a wonderful relaxed, if not quirky tone.

With more than 1,100 security geeks attending, including many international guests, this conference is likely the closest thing to DEFCON this side of the Pacific; and from comments I’ve heard from fellow attendees, maybe even better.

The first day has concluded with talks as diverse as real cases of journalists and human rights activists being hacked by suspicious government actors, to researchers who reverse engineered the Bluetooth powered controls of an electric skateboard.

Presentations at Kiwicon tend to be very technical, and give you an insight into the genius minds behind some of the leading edge security research that over time assists in keeping all of us safer online, as vulnerabilities are discovered and disclosed.

Day two of Kiwicon is packed with topics such as a walk through of techniques that can be used to detect hoax images that are all too familiar on the Internet these days, as well as some possible disclosures relating to Minecraft which may well turn into breaking news.

But if attending security talks isn’t your thing, the conference also offers the chance to participate in a hacking challenge, lock-picking competition and other activities to keep the minds of the brightest up-and-coming security professionals occupied.

Until the next conference, stay safe out there.

Mobile advertising firms spread malware by posing as official Google Play apps

As a malware analyst, I find new pieces of malware day in and day out. In fact, I see so many new malware samples that it’s difficult for me to determine which pieces would be really interesting for the public. Today, however, I found something that immediately caught my attention and that I thought would be interesting to share.

The three URLs listed above are websites that offer mobile monetizing kits, which are advertising kits that developers can implement in their mobile apps. The goal for developers is to monetize from advertisements. If a user clicks on one of the ads delivered by one of the above listed providers, he may be led to a malicious subdomain.

The most visited of the three URLs is Espabit. According to our statistics, we know that Espabit’s servers get around 150,000 views a day and nearly 100% of the views are from mobile devices. This may not seem like that much compared to the number of Android users there are in the world, but it is still a considerable number. Espabit is trying to position themselves as a world leader in advertising, and their website may appear innocent, but first impressions can be deceiving.

 

The most visited Espabit subdomain, with more than 400,000 views during the last few months, leads app users to pornographic sites via the ads displayed in their apps. The site displays a download offer for nasty apps (no pun intended) that have malicious behavior.

The above is just one example of the malicious links; there are many others hosted on the same server. The majority of the links lead to pornography or fake apps that all have one thing in common: They all steal money from innocent users.

How do they convince people to download their app? By posing as official Google Play apps. The apps are designed to look like they are from the official Google Play Store – tricking people into trusting the source. Since Android does not allow users to install apps from untrusted sources, the sites offer manuals in different languages, like English, Spanish, German, and French, explaining how to adjust Android’s settings so that users can install apps from untrusted sources, like these malicious apps. How considerate of them.

Now let’s take a deeper look at what the apps are capable of doing:

All of the “different” apps being offered by the three sites listed above are essentially the same in that they can steal personal information and send premium SMS. So far, we know about more than 40 of them stored on the websites’ servers. Most of the apps are stored under different links and, again, are offered in different languages (they want everyone to be able to “enjoy” their apps). The goal behind all of the apps is always the same: Steal money.

Some of the permissions the apps are granted when downloaded…

Once you open the apps, you get asked if you are 18 or older (they are not only considerate in that they offer their product in various languages, but they also have morals!).

After you click on “YES”, you are asked to connect your device to the Internet. Once connected to the Internet, your device automatically starts sending premium SMS, each costing $0.25 and sent three times a week. That’s all the app does! The amount stolen a week does not seem like much, but that may be done on purpose. People may not notice if their phone bill is $3.00 more than it was the month before, and if they don’t realize that the app is stealing money from them and don’t delete the app, it can cost them $36.00 a year.

This malware is actually not unique in terms of the technique it uses. However, collectively, the three websites have around 185,000 views daily, which is a lot considering there is malware stored on their servers. Not everyone is redirected to malware, but those who are, are being scammed. Considering that the most visited malicious subdomain had around 400,000 views in the last quarter, it tells us that a large number of those visitors were infected. This means these ad providers are making a nice sum of money and it’s not all from ad clicks and views.

Although many mobile carriers around the world block premium SMS, including major carriers in the U.S., Brazil, and the UK, this case should not be taken lightly. These malware authors use social engineering to circumvent Google’s security and target innocent app users via ads. Think of how many apps you use that display ads, then think of all the valuable information you have stored on your phone that could be abused.

All malicious apps we found and described here are detected by Avast as:

Android:Erop-AG [Trj]
Android:Erop-AJ [Trj]
Android:Erop-AS [Trj]

Some SHA256 hashes:
DBEA83D04B6151A634B93289150CA1611D11F142EA3C17451454B25086EE0AEF
87AC7645F41744B722CEFC204A6473FD68756D8B2731A4BF82EBAED03BCF3C9B

More controversy for Uber: The app compiles user data without permission

The emergence of Uber has put taxi drivers around the world on red alert. Just this week, the Spanish High Court has ordered the company to cease operations on the grounds of unfair competition with taxi drivers.

Yet it’s not just the business model (putting customers in touch with unlicensed drivers) that stretches the limits of legality. The app, which effectively manages requests and responses, also contains some dubious aspects.

This is what a group of IT security researchers have discovered after analyzing how the mobile app works. They have analyzed the code of the Android app in detail and their findings don’t reflect well on Uber.

The study revealed that while users take advantage of the services they offer, the system transmits information about their Internet habits along with certain features of their phone, details that are entirely unrelated to the service.

The San Francisco based ‘start-up’ would seem to be interested in the people its customers are in contact with; it collects data on the length of calls and the phone numbers.

It also gathers information about the apps installed on the device, the free memory space and byte circulation. Similarly, the GPS coordinates and the IP address of the phone are recorded.

The company wants to know what messages (SMS, MMS and emails) are sent and received by users, and suspiciously, the tool reports the malware that the phone is vulnerable to and the security algorithm used on the device. The obvious question is, why would a company that only offers a transport service need all this information about its users?

Some have defended its strategy, claiming that this is an anti-fraud measure to identify fake accounts (competitors could use the app covertly with other intentions). Still, the end doesn’t justify the means. The terms and conditions of the app don’t reflect the entire flow of information that really takes place.

For the moment these experts have only analyzed the app for Android; it’s still unclear whether the same things happen on the iOS version. Nevertheless, it may be best to fear the worst, as Apple is hardly renowned for its discretion.

If you think that after this news Google will be withdrawing the app from its platforms, you’re probably forgetting a small detail, in the form of a bundle of cash. Google Ventures, the branch of the company that invests in new ventures and business opportunities, has financed Uber to the tune of $258 million. It’s unlikely to write that off just for a small problem of privacy.

Uber is not the only app that uses your data without clarifying the reasons. We recently discussed some torch apps that do the same with GPS coordinates, photos and text messages.

You can’t entirely avoid being spied upon, though revelations like these are a wake-up call to be on your guard with respect to the permissions on the apps that you download. It’s common to accept conditions without reading them in the belief that an app must be trustworthy, but all that glitters isn’t gold.

Remember that Panda Mobile Security, our free antivirus for Android, can help you to monitor which personal data on your phone is shared with third-parties.

The post More controversy for Uber: The app compiles user data without permission appeared first on MediaCenter Panda Security.

Facebook’s new privacy policies and your data security

Facebook doesn’t want you to be in the dark about their new privacy policies.

2015 is arriving and, as usual, tech companies start to launch their updates for the new year. However, it looks like someone is sparking some debate with its recent policies that are to be implemented in less than a month. That someone is… Facebook.

After all the controversy around the Facebook Messenger app last summer, the world’s largest social media company is under fire, again!

Recently, Facebook published their new terms, data policies, and cookies policies that the network will launch January 1st. Basically, the update says that every user of Facebook’s services agrees, among other changes, to the use of tools that can help to aggregate data in order to create more customized ads – the company also introduces ways to guarantee basic data security.

I’ve noticed that the way I’ve received the ads in my profile is quite different to what it used to be. After simply browsing through a website related to a specific theme, let’s say, football or software, I immediately start to receive wall post offers related to that topic, company, or product that I researched online. Imagine how it’s going to be in 2015 after the new policy has been officially launched?

Is Facebook spying on you?

Would the world’s largest social media website be spying on us? They have admitted publicly that it’s quite easy to monitor online activities, and they do hold a lot of data on their members, which makes people feel a bit uncomfortable. Just search for articles about it, and you’ll see.

Facebook’s goal with this new privacy policy is to help users “understand how Facebook works and how to control your information.” This introduces an element of decision-making on the user’s behalf.

Some of the updates you can expect to see are:

Discover what’s going on around you: Facebook is working on ways to show you the most relevant information based on where you are and what your friends are up to.

Make purchases more convenient: People in some regions will see a Buy button, making purchasing easy because you don’t have to leave Facebook. And you get targeted ads based on what you are interested in, like me seeing an increased number of football and software ads.

Make you part of the Facebook ecosystem: You will be even more invested in the “Facebook family” because they are making Instagram, WhatsApp, and the growing number of companies, apps and services that Facebook is acquiring work together more seamlessly.

Your data is still under your control

You should be concerned about the contents and data that you publish on Facebook, because sometimes they make you look like an idiot, but don’t go off the deep end thinking that your social network will steal your privacy! You are still in control of your data!

To help you maintain control, Facebook wants you to understand how they use your information and find information about privacy on Facebook at the moment you need it. Tips and suggestions can be found in Privacy Basics.

It’s also necessary for you to take some precautions, such as:

  • Use strong passwords to access your profiles and accounts
  • Don’t share sensitive information in social media channels
  • Take double precaution with fake websites
  • Only proceed with online payments when on HTTPS pages

And, obviously, use a good antivirus that will help you with all the above procedures! No matter what tools online companies and social media websites are using to better understand your behavior in the “Internet of Things”, you are still in control of your data. Do your part and live a healthy virtual life!

AVG talks about Privacy at CES Lifelong Tech Summit

AMSTERDAM and SAN FRANCISCO – December 11, 2014 – AVG Technologies N.V. (NYSE: AVG), the online security company™ for 188 million active users, today announced it will speak at the Lifelong Tech and exhibit at the Family Tech Summits at the 2015 International Consumer Electronics Show (CES) being held January 6-9, 2015 in Las Vegas.

Highlighting the company’s participation is AVG Chief Marketing Officer Judith Bitterli’s Tech Talk on Jan. 6 on “The Privacy Fear Factor,” a guide to essentials for online safety.

“Feeling safe, comfortable and confident online, especially in our increasingly connected and mobile world, can seem overwhelming if you don’t have the right tools in place,” said Bitterli, who regularly blogs on tech topics for Boomers at AVG Now. “The 50+ audience wants to be connected, engaged, informed and entertained. But privacy has been a major issue for them in fully utilizing the Internet – which has become an essential part of all of our lives. We must address these issues so we can safely access the services we need — from health records to financial and social sites.”

As part of the presentation, Bitterli will share insights around Boomers’ tech usage and attitudes about privacy and protection issues, including findings from AVG’s new Digital Diaries Boomer research study.

The Lifelong Tech Summit (formerly the Silver Summit) looks at products and services that impact the lives of Boomers, who account for approximately 78 million US citizens (450 million worldwide) born between 1946 and 1964. This year’s Summit is designed to showcase the latest products and solutions for lifelong learning, enhancing and augmenting sensory experience, smart home control, healthy aging, and more. See more at: http://livingindigitaltimes.com/

 

What: ‘The Privacy Fear Factor’ presentation at Lifelong Tech Summit at CES

Who: AVG Technologies’ CMO Judith Bitterli

When: 1:30 p.m. January 6, 2015

Location: The Venetian, Level 2, Bellini 2006

 

AVG also will exhibit at the Family Tech Summit’s Cool Mom’s Showcase, being held Jan. 6-9 at CES Tech West, Sands Expo Level 2, Cool Products Pavilion #74935. This event is designed to highlight products that help families save time and energy so they can devote it to what’s important. AVG will showcase some of its key online security and privacy products for families, including “Magda and Mo”, the series of interactive online books that help children learn how to stay safe online. Location Labs by AVG, which was acquired by AVG in September 2014, will feature its Phone Controls service, which US customers can try for free through their tier 1 wireless carrier. Phone Controls lets parents see at a glance and limit how kids use phones, through real-time alerts and easy-to-read weekly email summaries on texting, calling and app downloads.

 

 

About AVG Technologies (NYSE: AVG)

AVG is the online security company providing leading software and services to secure devices, data and people.  AVG has over 188 million active users, as of September 30, 2014, using AVG’s products and services including Internet security, performance optimization, and personal privacy and identity protection. By choosing AVG’s products, users become part of a trusted global community that engages directly with AVG to provide feedback and offer mutual support to other customers.


Celebrating Hour of Code Week

Spearheaded by nonprofit www.hourofcode.com, during the past year, Hour of Code has reached tens of millions of students in 180+ countries. As of last count, there were 77,221 Hour of Code events around the world.

Anybody can host an Hour of Code anytime, but a grassroots campaign goal is for tens of millions of students to try an Hour of Code event during this week – December 8-14, 2014— the first anniversary of the event during Computer Science Education Week.

Facebook’s Mark Zuckerberg supports the program, recently donating $1 million on Indiegogo to Code.org’s Hour of Code crowd-funding campaign.  And this Friday, December 12, Apple retail stores across the planet will host one-hour coding workshops, for free, to anyone who wants to sign up and participate. These will offer an introduction to computer science, designed to demystify code and help inspire students to learn the basics of it. Apple will also host developers and engineers for special events and discussions in many cities around the world.

Code Week’s effort encourages minorities (this includes women) to open up the possibilities for both technology and for people. It’s truly a win-win.

But somehow in our tech-obsessed world, there remains a real stigma about coding – a genuine perception that it is difficult or challenging or too, well, nerdish. The stereotypes regarding coding are tiresome and so last millennium!   This is in many ways limiting and unfortunate as coding is an incredible skill for people of all races, creeds, and genders.

Increasingly, technology affects every aspect of our lives, from the cars we drive to food we eat to the clothes we wear and the medicine we take. You can be a consumer, or a creator (or, ideally, both). Everyone should have the chance to have a say in creating the technology of the future.

Making education available matters, if we’re truly serious about creating equal opportunity on our increasingly connected planet. If you have a son, daughter, or grandkids, I encourage you to get them excited about and take part in Hour of Code.

Let’s broaden the tech tent by inviting everyone in, and celebrate the Hour of Code. I’d love to go along with them and stretch my mental synapses a bit!

That’s truly impressive. One-hour tutorials are available in over 30 languages. As the organization says, “No experience needed. Ages 4 to 104.”

 

The six most infamous attacks of 2014

Dropbox, PayPal, Gmail… There were many technology giants who suffered security problems of one sort or another in 2014.

Sometimes, even the best antivirus isn’t enough to protect the files you share with others, but we can offer you an antivirus software that includes a password manager which helps you securely access all your Web services while only having to remember one master password.

Below we offer a summary of the most infamous attacks of the year, and take the opportunity to remind you to set strong passwords and use them on all your devices.

  1. eBay and PayPal, the first to be hit

In May, eBay took us all by surprise when it asked users of PayPal, its online payment platform, to change their passwords.  

The Internet auction site seemingly confirmed that cyber-criminals had accessed, a couple of months earlier, the accounts of some employees.

This, in turn, would have given them access to the company’s internal network, and from there to the database with user names, phone numbers, email addresses and passwords.

They did assure however that neither the bank details nor the credit card data of customers had been compromised.

  2. Hollywood images leaked to the Web

September witnessed one of the most talked about attacks of 2014: CelebGate.

The leaking of nude images of 2013 Oscar winner, Jennifer Lawrence, as well as of other models and actresses via the 4Chan /b/ forum, was the subject of much debate.

Apple claimed that the accounts of these celebrities “were compromised by a very targeted attack on user names, passwords and security questions”. A practice “that has become all too common on the Internet”.

This way, Apple denied that the hacking of these accounts was the result of a vulnerability in its iCloud or ‘Find my iPhone’ services.

  3. Theft of five million Gmail passwords

In September, a Russian cyber-security forum published a file with more than five million Gmail account details.

Several experts confirmed that over 60% of the username/password combinations were valid. Google claimed however that the information was outdated, i.e. that the accounts either didn’t exist or were no longer used.

Like Apple, it said there was no evidence that its systems had been compromised.

  4. Viator and user bank details

Also in September, Viator was the victim of a security attack through which cyber-criminals accessed the bank details of its users. Company sources said that the attack took place between September 2 and 3.

It appears that Viator became aware of the hacking thanks to complaints from customers about unauthorized charges on the credit cards used on the service.

As you would expect, and to prevent the theft of more data, Viator asked users to change their account passwords and to keep an eye on any transactions charged against their credit cards.

  5. 200,000 Snapchat images

After the invasion of privacy of Hollywood actresses and models, in October, users of Snapchat had the security of their files compromised.

Snapchat is a mobile app for sending photos and images that are deleted between one and ten seconds after the message is read.

Although Snapchat doesn’t store users’ images, another app, Snapsave, available for Android and iOS, does save them, and this enabled the theft of 200,000 photos.

  6. Attack on Dropbox

A user of Pastebin, a meeting point for hackers and IT security specialists, claimed to have obtained the passwords of seven million Dropbox users and, in order to prove this, made some of them public.

On the company’s official blog, Dropbox was quick to announce that it had not been hacked, but that the data had been stolen from other services and consequently used to access its platform.

What does Dropbox advise? Not using the same password for all services and enabling two-step verification.

The post The six most infamous attacks of 2014 appeared first on MediaCenter Panda Security.