• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   android

GhostClicker Adware is a Phantomlike Android Click Fraud
  • Posted on:August 16, 2017 at 8:52 am
  • Posted in:Mobile, Social
  • Author:
    Mobile Threat Response Team
0

We’ve uncovered a pervasive auto-clicking adware from as much as 340 apps from Google Play, one of which, named “Aladdin’s Adventure’s World”, was downloaded 5 million times. These adware-embedded applications include recreational games, device performance utilities like cleaners and boosters, and file managers, QR and barcode scanners, multimedia recorders and players, device charger, and GPS/navigation-related apps.

While the majority of the said apps have been taken down, 101 were still downloadable as of August 7, 2017. Our detections/sensors saw the prevalence of this adware in Southeast Asian countries as well as Brazil, Japan, Taiwan, Russia, Italy, and the U.S.

Read More
Tags: adwareandroidGhostClicker

Vulnerability in F2FS File System Leads To Memory Corruption on Android, Linux
  • Posted on:August 8, 2017 at 1:12 am
  • Posted in:Mobile, Open source, Vulnerabilities
  • Author:
    Veo Zhang (Mobile Threats Analyst)
0

August’s Android Security Bulletin includes three file system vulnerabilities (CVE-2017-10663, CVE-2017-10662, and CVE-2017-0750 that were discovered by Trend Micro researchers. These vulnerabilities could cause memory corruption on the affected devices, leading to code execution in the kernel context. This would allow for more data to be accessed and controlled by the malware. A malicious app could be used to trigger this vulnerability, which occurs when a malicious disk using the F2FS (Flash-Friendly File System) is mounted. The disk can either be an actual physical device or a virtual file image.

Read More
Tags: androidF2FSLinux

Android Backdoor GhostCtrl can Silently Record Your Audio, Video, and More
  • Posted on:July 17, 2017 at 3:55 am
  • Posted in:Mobile
  • Author:
    Trend Micro
0

The information-stealing RETADUP worm that affected Israeli hospitals is actually just part of an attack that turned out to be bigger than we first thought—at least in terms of impact. It was accompanied by an even more dangerous threat: an Android malware that can take over the device.

Detected by Trend Micro as ANDROIDOS_GHOSTCTRL.OPS / ANDROIDOS_GHOSTCTRL.OPSA, we’ve named this Android backdoor GhostCtrl as it can stealthily control many of the infected device’s functionalities.

There are three versions of GhostCtrl. The first stole information and controlled some of the device’s functionalities without obfuscation, while the second added more device features to hijack. The third iteration combines the best of the earlier versions’ features—and then some. Based on the techniques each employed, we can only expect it to further evolve.

Read More
Tags: androidbackdoorGhostCtrlOmniRAT

July’s Android Security Bulletin Addresses Continuing Mediaserver and Qualcomm Issues
  • Posted on:July 7, 2017 at 4:34 am
  • Posted in:Mobile, Vulnerabilities
  • Author:
    Giannina Escueta (Technical Communications)
0

Google has released their Android security bulletin for July in two security patch level strings: the first dated 2017-07-01 and the succeeding one dated 2017-07-05. As always, Google urges users to update and avoid any potential security issues. Owners of native Android devices should apply the latest over-the-air (OTA) updates, and non-native Android device users…

Read More
Tags: androidMediaserverQualcomm

June’s Android Security Bulletin Address Critical Vulnerabilities in Media Framework and Qualcomm Components
  • Posted on:June 8, 2017 at 1:49 am
  • Posted in:Mobile, Vulnerabilities
  • Author:
    Ronaldo Mangahas (Technical Communications)
0

Google recently released their June security bulletin for Android, which addresses critical vulnerabilities found in Media framework, as well as various critical vulnerabilities that are based on Qualcomm components. As with previous Android security updates, this month’s bulletin is available via over-the-air updates for native Android devices or via service providers and manufacturers for non-native devices.

Read More
Tags: androidQualcomm
Page 1 of 2412 › »

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Business Email Compromise

  • How can a sophisticated email scam cause more than $2.3 billion in damages to businesses around the world?
    See the numbers behind BEC

Latest Ransomware Posts

  • Cerber Ransomware Evolves Again, Now Steals From Bitcoin Wallets
  • New WannaCry-Mimicking SLocker Abuses QQ Services
  • LeakerLocker Mobile Ransomware Threatens to Expose User Information
  • SLocker Mobile Ransomware Starts Mimicking WannaCry
  • Large-Scale Petya Ransomware Attack In Progress, Hits Europe Hard

Ransomware 101

  • This infographic shows how ransomware has evolved, how big the problem has become, and ways to avoid being a ransomware victim.
    Check the infographic

Popular Posts

  • The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard
  • A Look at JS_POWMET, a Completely Fileless Malware
  • CVE-2017-0199: New Malware Abuses PowerPoint Slide Show
  • Cryptocurrency Miner Uses WMI and EternalBlue To Spread Filelessly
  • OnionDog is not a Targeted Attack—It’s a Cyber Drill

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.