Although the Hacking Team leak took place several months ago, the impact of this data breach—where exploit codes were made public and spurred a chain of attacks—can still be felt until today. We recently spotted malicious Android apps that appear to use an exploit found in the Hacking Team data dumps. The apps, found in certain websites, could allow remote attackers to gain root privilege when successfully exploited. Mobile devices running on Android version 4.4 (KitKat) and below, which account for nearly 57% of total Android devices, are susceptible to attacks that may abuse this flaw.Read More
Mobile Threats Analyst
On March 18, Google published a security advisory for a critical vulnerability CVE-2015-1805 that applied to rooting apps. This bug allows malicious apps to gain “root” access to all Android phones below kernel version 3.18. This can greatly affect devices that no longer receive patches, or those with long rollout time. Initially, this flaw has been tagged as ‘medium’ in terms of severity. However, a zero-day exploit was found out that showed the vulnerability could still be exploited successfully, compromising the security of the device. As such, the level of severity was changed to ‘critical.’Read More
A total of 6.1 million devices – smart phones, routers, smart TVs – are currently at risk to remote code execution attacks due to vulnerabilities that have been fixed since 2012.
The vulnerability exists in the Portable SDK for UPnP™ Devices, also called libupnp. This particular library is used to implement media playback (DLNA) or NAT traversal (UPnP IGD). Apps on a smartphone can use these features to play media files or connect to other devices within a user’s home network.Read More
Sex sells, and nowhere is that more true than the Chinese mobile landscape. Porn-themed malware has been hitting Android users in China, Japan, and Taiwan in recent weeks.
These malicious apps are distributed via SEO-optimized fake websites, with keywords targeting hot scandals and affairs used. These sites pretend to be porn video websites, and all lead to various malicious apps being downloaded.Read More
Following news that iOS devices are at risk of spyware related to the Hacking Team, the saga continues into the Android sphere. We found that among the leaked files is the code for Hacking Team’s open-source malware suite RCSAndroid (Remote Control System Android), which was sold by the company as a tool for monitoring targets….Read More