Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    April 2014
    S M T W T F S
    « Mar    
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Mobile’ Category




    In an earlier blog post, we mentioned that mobile apps are also affected by the Heartbleed vulnerability. This is because mobile apps may connect to servers affected by the bug. However, it appears that mobile apps themselves could be vulnerable because of a bundled OpenSSL library. OpenSSL Library Present in Android 4.1.1 and Certain Mobile Apps We have information that although the buggy OpenSSL is integrated with the Android system, only the Android 4.1.1 version is affected by Heartbleed vulnerability. For devices with that ...

    Posted in Mobile, Vulnerabilities |



    The severity of the Heartbleed bug has led countless websites and servers scrambling to address the issue. And with good reason—a test conducted on Github showed that more than 600 of the top 10,000 sites (based on Alexa rankings) were vulnerable. At the time of the scanning, some of the affected sites included Yahoo, Flickr, OKCupid, Rolling Stone, and Ars Technica. All the extended coverage of the flaw begs the question, “Are mobile devices affected by this?” The short answer: yes. Mobile ...

    Posted in Mobile, Vulnerabilities |



    Note: The author of the entry has been changed to Chengkai Tao. We've recently discovered a design flaw in Android devices that allows fake apps to hijack legitimate app updates, thus enabling the fake app to steal the information stored by the targeted legitimate app. The flaw lies in a common practice for mobile users in China: using an external storage device (such as an SD card) to store downloaded Android application package (APK) files. China-based users commonly update their apps directly -- ...

    Posted in Malware, Mobile |



    Just six months after mobile malware and high risk apps reached the one million mark, we have learned that that number has now doubled. Figure 1. The number of malicious and high risk apps reaches the 2M mark This milestone comes at the heels of the "tenth anniversary” of mobile malware. 2004 saw the first mobile malware—a proof-of-concept (PoC) malware named SYMBOS_CABIR—which infected Nokia phones. But it wasn’t until during the start of the smartphone era that mobile malware exploded onto the ...

    Posted in Malware, Mobile |



    Recently, other researchers reported that a new Android malware family (detected as ANDROIDOS_KAGECOIN.HBT) had cryptocurrency mining capabilities. Based on our analysis, we have found that this malware is involved in the mining for various digital currencies, including Bitcoin, Litecoin, and Dogecoin. This has real consequences for users: shorter battery life, increased wear and tear, all of which could lead to a shorter device lifespan. The researchers originally found ANDROIDOS_KAGECOIN as repacked copies of popular apps such as Football Manager Handheld and TuneIn Radio. The apps ...



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice