Archive for the ‘Android’ Category
Google is expanding its new Android-based two-factor authentication (2fa) to people logging in to Google and Google Cloud services on iPhones and iPads. While Google deserves props for trying to make stronger authentication available to more users, I’ll be avoiding it in favor of 2fa methods Google has had in place for years. I’ll explain why later. First, here’s some background.
Google first announced Android’s built-in security key in April, when it went into beta, and again in May, when it became generally available. The idea is to make devices running Android 7 and up users’ primary 2fa device. When someone enters a valid password into a Google account, the phone displays a message alerting the account owner. Users then tap a "yes" button if the login is legitimate. If it's an unauthorized attempt, the user can block the login from going through.
The system aims to tighten account security in a meaningful way. One of the key causes of account breaches is passwords that are compromised in phishing attacks or other types of data thefts. Google has been a leader when it comes to two-factor protections that by definition require something in addition to a password for someone to gain access to an account.
Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday.
Triada first came to light in 2016 in articles published by Kaspersky here and here, the first of which said the malware was "one of the most advanced mobile Trojans" the security firm's analysts had ever encountered. Once installed, Triada's chief purpose was to install apps that could be used to send spam and display ads. It employed an impressive kit of tools, including rooting exploits that bypassed security protections built into Android and the means to modify the Android OS' all-powerful Zygote process. That meant the malware could directly tamper with every installed app. Triada also connected to no fewer than 17 command and control servers.
In July 2017, security firm Dr. Web reported that its researchers had found Triada built into the firmware of several Android devices, including the Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. The attackers used the backdoor to surreptitiously download and install modules. Because the backdoor was embedded into one of the OS libraries and located in the system section, it couldn't be deleted using standard methods, the report said.
If the prevalence of abusive Google Play apps has left you numb, this latest report is for you. Carefully concealed adware installed in Google-approved apps with more than 440 million installations was so aggressive that it rendered mobile devices nearly unusable, researchers from mobile security provider Lookout said Tuesday.
BeiTaAd, as the adware is known, is a plugin that Lookout says it found hidden in emojis keyboard TouchPal and 237 other applications, all of which were published by Shanghai, China-based CooTek. Together, the 238 unique apps had a combined 440 million installs. Once installed, the apps initially behaved normally. Then, after a delay of anywhere between 24 hours and 14 days, the obfuscated BeiTaAd plugin would begin delivering what are known as out-of-app ads. These ads appeared on users' lock screens and triggered audio and video at seemingly random times or even when a phone was asleep.
"My wife is having the exact same issue," one person reported in November in this thread discussing BeiTaAd. "This will bring up random ads in the middle of phone calls, when her alarm clock goes off or anytime she uses any other function on her phone. We are unable to find any other information on this. It is extremely annoying and almost [makes] her phone unusable."
"Look, ma, I'm in Minecraft!" Play Minecraft Earth at a real-world scale... [credit: Apple / Mojang ]
Mojang, the Microsoft-owned studio behind Minecraft, used Monday's WWDC keynote to unveil the world's first live gameplay look at its next smartphone-exclusive game, Minecraft Earth. This demo also included the firmest tease yet about when series fans will get their hands on the augmented-reality game: "coming this summer to iOS." This specific tease didn't include any indication of whether that means the game's promised Android version will take longer to land as a public beta.
The onstage demo began with two Mojang employees aiming their iOS devices at a table, where a blocky Minecraft game world appeared that both users could simultaneously interact with. By walking around the table and aiming their devices' cameras, the staffers could use items and weapons, interact with switches, and drop or plant items in their inventories. One staffer also placed her Minecraft-styled avatar into the game world like a doll, which she could then animate by moving her real-world body. iOS's upcoming ARKit 3.0 appears to support body gestures like hand-waving, and we saw one-handed and two-handed waves in this portion of the demo.
This was followed by a world shift from the top of a table to all around the WWDC stage, which resulted in the Mojang reps appearing as real people inside the blocky, virtual Minecraft Earth world—and having their bodies occluded by virtual content (like when one staffer hid behind a freshly planted bundle of flowers). While the players could walk around the real-world space to reach new parts of the virtual world, they largely relied on aiming their phones' views to manipulate distant objects or lay down torches.
Google's official Play Store has been caught hosting malicious apps that targeted Android users with an interest in cryptocurrencies, researchers reported on Thursday.
In all, researchers with security provider ESET recently discovered two fraudulent digital wallets. The first, called Coin Wallet, let users create wallets for a host of different cryptocurrencies. While Coin Wallet purported to generate a unique wallet address for users to deposit coins, the app in fact used a developer-owned wallet for each supported currency, with a total of 13 wallets. Each Coin Wallet user was assigned the same wallet address for a specific currency.
"The app claims it lets users create wallets for various cryptocurrencies," ESET Malware Researcher Lukas Stefanko wrote in a blog post. "However, its actual purpose is to trick users into transferring cryptocurrency into the attackers' wallets—a classic case of what we named wallet address scams in our previous research of cryptocurrency-targeting malware."