[Android Security 2015] New Android vulnerabilities

---

New Android Critical Vulnerabilities

1. CVE-2015-1538 Exploit for Android is Now Available for Testing Purposes

This exploit has several caveats. First, it is not a generic exploit. Zimperium Team only tested it to work on a single device model. Zimperium Team tested this exploit on a Nexus running Android 4.0.4. Also, due to variances in heap layout, this is not a 100% reliable exploit by itself.

Zimperium Team were able achieve 100% reliability when delivered through an attack vector that allowed multiple attempts. Finally, this vulnerability was one of several that was neutered by GCC 5.0’s ‘new[]’ integer overflow mitigation present on Android 5.0 and later. (more…)

In 2013, the number of malware for Android has reached its peak

According to Kaspersky Lab’s analysis report, in 2013, the number of malware for Android has reached its absolute peak.

In late January 2014 in the Google Play experts found 200 thousand unique samples of malicious software for mobile platforms.

For the Android platform, there are over 10 million malicious applications, noted Kaspersky Lab experts, in its latest report. According to them, the end of January 2014 in Google Play and other resources they have found 200 thousand unique samples of malware for mobile platforms, which was masked as normal applications. It is worth noting that in November last year, the figure was less than 34% – 148 thousand samples. (more…)

McAfee 3rd Quarter 2013 Threat Report Released

McAfee Labs today published its quarterly report on the latest threat tendencies – review the details to get a generous portion of statistics and nutty facts.

Traditionally, a ‘cold’ summer period, characterized by a relatively poor cybercriminal activity, is nine times out of ten followed by a fall’s wave of devastation that brings new forms of sophisticated threats. With nearly 20 million of new quarantine zone malware exemplars, the third quarter of 2013 is no exception. Apart from nasty PC menaces, a surge of Andriod malware is also observed with 700k new species approximately and a total of almost 2.8ml.

There are 4 threat tendencies to point out, proving that protection technologies desperately need constant improvements and updates without any reference to the user’s status (enterprise or private individual). (more…)

RAT malware is attacking Android

Market of RAT (Remote Access Tools) programs and a longstanding demand of the hackers who organize both individual and corporate attack. These solutions were at one time used to attack the non-governmental organizations, political parties, or simply to capture data from a Web camera. However, until now smartphone users were out of sight of the authors RAT.

However, now the situation is changing. Antivirus company Symantec reported an increase in market RAT for the operating system Android. So, the new code Androrat is a remote administration tool that gives the attacker complete control over the device based on Android. (more…)

The new Android-malware for blocking mobile devices

New Android-malware

Antivirus companies warned of a new program, the blackmailer, presenting itself as a legitimate Android-app for removing malicious software.

As reported in the anti-virus company Symantec, the new code infects users’ mobile devices and impersonating antivirus. However, unlike in the present anti-virus, this development is contrary introducing malicious code on users’ devices.

In Symantec say that the identified application has been called Fakedefender and the company notes a significant increase in the number of infections in recent days. Many users after installation of pseudo-anti-virus linked to these security companies, saying that their devices were blocked and allowed only after entering the unlock code paid. (more…)

Android-application attacks Windows PCs

Specialists in viruses from Kaspersky Lab discovered and described the unusual malicious applications to Android, which for some time have been published in the official store Play Market.

As it turned out, those applications that fall under the definition of viruses that try to compromise Windows-machine by turning the microphone on your PC without your knowledge.

At some point it had to happen – the wiretapping space around Windows-machine is not uncommon for traditional viruses targeting conventional computers. Feature of the next opening specialists Kaspersky is the first time for the penetration of the PC used is Android-application. This application hosted called DroidCleaner, attacked PC through the infamous autorun, placing a special file on the memory card. When you connect your smartphone or tablet PC this file is read and loaded (if the car was not autorun disabled), the virus penetrates the PC includes a microphone for recording and sending recorded audio files to their authors.

The purpose of creating a hybrid virus listener is not completely clear. Of course, in some situations, such as economic or political espionage, a virus might be useful. In other situations, the virus is too broad fronts. Maybe it’s just checking technology before launching a more sophisticated and targeted attack. (more…)

Android.Exprespam has infected hundreds of thousands of devices

Symantec Corporation announces a new threat Android.Exprespam. Scammers create fake application store for the Android platform in order to obtain personal data.

Experts believe that with the help of this scheme hackers have managed to steal from 75 to 450 thousand records of personal data, and this is just the beginning. Users can protect themselves, without following the suspicious links from unknown senders.

Android.Exprespam malware discovered in early January, and thus it was active only a few weeks, but experts believe that the attackers have managed to achieve some success. Company experts Symantec have data that would indicate how successful the attackers attempt to get users to Android to provide their personal data. Obtained during the investigation, the information, which is the only part of the picture indicates that the fake Android application store, called Android Express’s Play, has collected more than 3,000 visitors from 13 to 20 January. (more…)