Showing posts with label Antivirus Virus Malware. Show all posts

Fake Android Apps Ran Adware Campaign For Months

 



Researchers caught a sneaky adware campaign targeting Android users for months. This campaign used several fake Android apps mimicking different utilities like pdf readers, weather apps, VPNs, game cracks, streaming services such as Netflix and YouTube, etc.

Fake Android Apps Deployed Adware

According to a recent report from Bitdefender, the company detected 60,000 fake Android apps stealthily running an adware campaign since (at least) October 2022.

The researchers caught the malware following alerts from the anomaly detection technology in Bitdefender Mobile Security.

Briefly, unlike most adware campaigns exhibiting intrusive behavior, this campaign spread organically. The malicious apps would appear to a target user upon searching for certain apps, such as mod games, free VPNs, etc. Then, owing to their apparent legitimacy, the app ads would lure users into downloading the malicious app.

After reaching the device, the malware relies on the default strategy for Android app installation, requiring user input. Then, once the user taps the “Open” button to launch the newly installed app, the malware executes in the background.

On the screen, however, an error message appears to trick the user into believing that the app failed to install. The lack of an app icon then makes it difficult for the victim to uninstall it.

Upon gaining persistence on the device, the malware remains dormant for some time. Then, after receiving the relevant commands from its servers, the malware starts displaying ads on the device when the user unlocks the phone.

Bitdefender caught this campaign because the malware used the device’s browser to show the malicious ad, which their Mobile Security tool efficiently detected. Similarly, the malware also displays a full-screen web view of ads.

The researchers have shared the following demonstration of the malware in action.

As always, to repel such threats, users must avoid interacting with apps or links from unknown sources. Likewise, equipping their devices with robust antimalware solutions is the key to preventing most malware attacks.
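For defenders triaging a device, the missing app icon described above is something that can be checked for. The following is an added example, not code from Bitdefender or from the original post: it assumes each user-installed package's AndroidManifest.xml has already been decoded to text, and it assumes the missing icon corresponds to the app declaring no enabled MAIN/LAUNCHER activity (the post does not say how the icon is hidden). The package names and manifests are constructed.

```python
import xml.etree.ElementTree as ET

# Attribute names in a decoded AndroidManifest.xml carry the android: namespace.
A = "{http://schemas.android.com/apk/res/android}"
MAIN = "android.intent.action.MAIN"
LAUNCHER = "android.intent.category.LAUNCHER"


def _enabled(elem):
    """android:enabled defaults to true when the attribute is absent."""
    return elem.get(A + "enabled", "true").lower() != "false"


def launcher_components(manifest_xml):
    """Names of enabled activities/aliases that would show a launcher icon."""
    app = ET.fromstring(manifest_xml.strip()).find("application")
    if app is None or not _enabled(app):
        return []
    found = []
    for comp in app.findall("activity") + app.findall("activity-alias"):
        if not _enabled(comp):
            continue
        for flt in comp.findall("intent-filter"):
            actions = {e.get(A + "name") for e in flt.findall("action")}
            cats = {e.get(A + "name") for e in flt.findall("category")}
            # Both must sit in the same filter for the launcher to list it.
            if MAIN in actions and LAUNCHER in cats:
                found.append(comp.get(A + "name"))
                break
    return found


def packages_without_icon(inventory):
    """Triage list: packages that declare no enabled launcher entry.
    Legitimate icon-less apps exist (keyboards, plug-ins), so this is a lead
    to review, not a verdict. Components disabled at runtime do not show up in
    the manifest; compare against the device's package state as well."""
    return sorted(p for p, xml in inventory.items() if not launcher_components(xml))


def _manifest(pkg, body):
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            'package="%s"><application>%s</application></manifest>' % (pkg, body))


# Constructed sample inventory; package names are made up for the example.
INVENTORY = {
    "com.example.weather": _manifest("com.example.weather", """
        <activity android:name=".Main"><intent-filter>
          <action android:name="android.intent.action.MAIN"/>
          <category android:name="android.intent.category.LAUNCHER"/>
        </intent-filter></activity>"""),
    "com.example.freevpn": _manifest("com.example.freevpn", """
        <activity android:name=".Start"><intent-filter>
          <action android:name="android.intent.action.MAIN"/>
          <category android:name="android.intent.category.DEFAULT"/>
        </intent-filter></activity>"""),
    "com.example.pdfreader": _manifest("com.example.pdfreader", """
        <activity android:name=".Viewer"/>
        <activity-alias android:name=".Icon" android:enabled="false"
                        android:targetActivity=".Viewer"><intent-filter>
          <action android:name="android.intent.action.MAIN"/>
          <category android:name="android.intent.category.LAUNCHER"/>
        </intent-filter></activity-alias>"""),
}

if __name__ == "__main__":
    print(packages_without_icon(INVENTORY))
```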

Let us know your thoughts in the comments.

Microsoft Adding Artificial-Intelligence Based Advanced Antivirus to Windows 10

Microsoft is making every effort to make its Windows operating system more secure and advanced than ever before by beefing up its security practices and hardening it against hackers and cyber attacks in its next release.

With the launch of its Windows 10 Creator Update (also known as RedStone 3), which is expected to release sometime between September and October 2017, Microsoft is planning to release lots of security features in an effort to prevent a major global malware crisis.

Just a few days ago, we reported about Microsoft's plan to build its EMET or Enhanced Mitigation Experience Toolkit into the kernel of the upcoming Windows 10 to boost the security of your computer against complex threats such as zero-day vulnerabilities.

Also, the tech giant has planned to remove the SMBv1 (Server Message Block version 1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — from the upcoming Windows 10 (1709) Redstone 3 Update.

Now, Microsoft is turning to artificial intelligence (AI) to create the next generation of antivirus software.

Microsoft has revealed that its Windows Defender Advanced Threat Protection (ATP), a Windows 10 enterprise service that flags early signs of infection, will soon be augmented with AI-driven malware analysis.

"The stack will be powered by our cloud-based security intelligence, which moves us from a world of isolated defenses to a smart, interconnected, and coordinated defense grid that is more intelligent, simple to manage, and ever-evolving,"

In the Fall Creators Update for Windows 10, Microsoft will use a broad range of data from Redmond's cloud services, including Azure, Endpoint, and Office, to create an AI-driven antivirus that can pick up on malware behavior and protect other PCs running the operating system.

So, when a new file is discovered by Microsoft's anti-malware cloud service and determined to be malware, its signature will be created, and the AI system will then look for similar malware on other Windows PCs that have network connectivity.

It means this new AI-driven anti-malware system will eliminate the need for users and sysadmins to configure clients and servers to install local patches of antivirus signatures, stopping attacks as they happen and before they have an impact.

Microsoft told CNET that its upcoming update would rely on machine learning from more than 400 Million PCs running Windows 10 to prevent the next global malware crisis like WannaCry and Petya Ransomware attacks.

According to Rob Lefferts, Windows Enterprise and Security Director, 96 percent of cyber-attacks involve new and zero-day malware, which takes the company hours to create signatures.

But the new AI system will significantly speed up that process by looking for instances of odd behavior within apps to detect an attack.
"If Word were to start allocating memory in big chunks when it never does, we would be able to detect that," Lefferts said. "We built the machine learning models around common applications like Word."
Besides this new upgrade, Windows Defender Advanced Threat Protection also includes some new features like browser-focused Application Guard and cloud-related Device Guard and Exploit Guard.

Cyber Attack and Prevention Tips


A cyberattack is the deliberate exploitation of computer systems, technology-dependent enterprises and networks. Cyberattacks use malicious code to alter computer code, logic or data, resulting in disruptive consequences that can compromise data and lead to cybercrimes, such as information and identity theft.
Cyberattack is also known as a computer network attack (CNA).
Cyberattacks may include the following consequences:
  • Identity theft, fraud, extortion
  • Malware, pharming, phishing, spamming, spoofing, spyware, Trojans and viruses
  • Stolen hardware, such as laptops or mobile devices
  • Denial-of-service and distributed denial-of-service attacks
  • Breach of access
  • Password sniffing
  • System infiltration
  • Website defacement
  • Private and public Web browser exploits
  • Instant messaging abuse
  • Intellectual property (IP) theft or unauthorized access
The Institute for Security Technology Studies at Dartmouth University researches and investigates cyberattack issues facing law enforcement investigations and focuses on the continuous development of IP tracing, data analysis, real-time interception and national data sharing.

Keep your computer current with the latest patches and updates.

One of the best ways to keep attackers away from your computer is to apply patches and other software fixes when they become available. By regularly updating your computer, you block attackers from being able to take advantage of software flaws (vulnerabilities) that they could otherwise use to break into your system. 

While keeping your computer up-to-date will not protect you from all attacks, it makes it much more difficult for hackers to gain access to your system, blocks many basic and automated attacks completely, and might be enough to discourage a less-determined attacker, who will look for a more vulnerable computer elsewhere.

More recent versions of Microsoft Windows and other popular software can be configured to download and apply updates automatically so that you do not have to remember to check for the latest software. Taking advantage of "auto-update" features in your software is a great start toward keeping yourself safe online. 

Make sure your computer is configured securely.

Keep in mind that a newly purchased computer may not have the right level of security for you. When you are installing your computer at home, pay attention not just to making your new system function, but also focus on making it work securely. 

Configuring popular Internet applications such as your Web browser and email software is one of the most important areas to focus on. For example, settings in your Web browser such as Internet Explorer or Firefox will determine what happens when you visit Web sites on the Internet—the strongest security settings will give you the most control over what happens online but may also frustrate some people with a large number of questions ("This may not be safe, are you sure you want to do this?") or the inability to do what they want to do.

Choosing the right level of security and privacy depends on the individual using the computer. Oftentimes security and privacy settings can be properly configured without any sort of special expertise by simply using the "Help" feature of your software or reading the vendor's Web site. If you are uncomfortable configuring it yourself, consult someone you know and trust for assistance or contact the vendor directly.

Choose strong passwords and keep them safe.

Passwords are a fact of life on the Internet today—we use them for everything from ordering flowers and online banking to logging into our favorite airline Web site to see how many miles we have accumulated. The following tips can help make your online experiences secure: 
  • Selecting a password that cannot be easily guessed is the first step toward keeping passwords secure and away from the wrong hands. Strong passwords have eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ % ! ?). Avoid using any of the following as your password: your login name, anything based on your personal information such as your last name, and words that can be found in the dictionary. Try to select especially strong, unique passwords for protecting activities like online banking.
  • Keep your passwords in a safe place and try not to use the same password for every service you use online.
  • Change passwords on a regular basis, at least every 90 days. This can limit the damage caused by someone who has already gained access to your account. If you notice something suspicious with one of your online accounts, one of the first steps you can take is to change your password.


Protect your computer with security software.

Several types of security software are necessary for basic online security. Security software essentials include firewall and antivirus programs. A firewall is usually your computer's first line of defense: it controls who and what can communicate with your computer online. You could think of a firewall as a sort of "policeman" that watches all the data attempting to flow in and out of your computer on the Internet, allowing communications that it knows are safe and blocking "bad" traffic such as attacks from ever reaching your computer.

The next line of defense is often your antivirus software, which monitors all online activities such as email messages and Web browsing and protects an individual from viruses, worms, Trojan horses and other types of malicious programs. More recent versions of antivirus programs, such as Norton AntiVirus, also protect from spyware and potentially unwanted programs such as adware. Having security software that gives you control over software you may not want and protects you from online threats is essential to staying safe on the Internet. Your antivirus and antispyware software should be configured to update itself, and it should do so every time you connect to the Internet.

Integrated security suites such as Internet Security Antivirus, which combine firewall, antivirus and antispyware with other features such as antispam and parental controls, have become popular as they offer all the security software needed for online protection in a single package. Many people find using a security suite an attractive alternative to installing and configuring several different types of security software as well as keeping them all up-to-date.

Protect your personal information.

Exercise caution when sharing personal information such as your name, home address, phone number, and email address online. To take advantage of many online services, you will inevitably have to provide personal information in order to handle billing and shipping of purchased goods. Since not divulging any personal information is rarely possible, the following list contains some advice for how to share personal information safely online: 
  • Keep an eye out for phony email messages. Things that indicate a message may be fraudulent are misspellings, poor grammar, odd phrasings, Web site addresses with strange extensions, Web site addresses that are entirely numbers where there are normally words, and anything else out of the ordinary. Additionally, phishing messages will often tell you that you have to act quickly to keep your account open, update your security, or urge you to provide information immediately or else something bad will happen. Don't take the bait.
  • Don't respond to email messages that ask for personal information. Legitimate companies will not use email messages to ask for your personal information. When in doubt, contact the company by phone or by typing the company Web address into your Web browser. Don't click on the links in these messages as they may take you to fraudulent, malicious Web sites.
  • Steer clear of fraudulent Web sites used to steal personal information. When visiting a Web site, type the address (URL) directly into the Web browser rather than following a link within an email or instant message. Fraudsters often forge these links to make them look convincing. A shopping, banking or any other Web site where sensitive information is entered should have an "s" after the letters "http" (i.e. https://www.yourbank.com, not http://www.yourbank.com). The "s" stands for secure and should appear when you are in an area requesting you to log in or provide other sensitive data. Another sign that you have a secure connection is the small lock icon in the bottom of your web browser (usually the right-hand corner).
  • Pay attention to privacy policies on Web sites and in software. It is important to understand how an organization might collect and use your personal information before you share it with them.
  • Guard your email address. Spammers and phishers sometimes send millions of messages to email addresses that may or may not exist in hopes of finding a potential victim. Responding to these messages or even downloading images ensures you will be added to their lists for more of the same messages in the future. Also be careful when posting your email address online in newsgroups, blogs or online communities.


Online offers that look too good to be true usually are.

The old saying "there's no such thing as a free lunch" still rings true today. Supposedly "free" software such as screen savers or smileys, secret investment tricks sure to make you untold fortunes, and contests that you've surprisingly won without entering are the enticing hooks used by companies to grab your attention. 

While you may not directly pay for the software or service with money, the free software or service you asked for may have been bundled with advertising software ("adware") that tracks your behavior and displays unwanted advertisements. You may have to divulge personal information or purchase something else in order to claim your supposed contest winnings. If an offer looks so good it's hard to believe, ask for someone else's opinion, read the fine print, or even better, simply ignore it.

Review bank and credit card statements regularly.

The impact of identity theft and online crimes can be greatly reduced if you can catch it shortly after your data is stolen or when the first use of your information is attempted. One of the easiest ways to get the tip-off that something has gone wrong is by reviewing the monthly statements provided by your bank and credit card companies for anything out of the ordinary. 

Additionally, many banks and services use fraud prevention systems that call out unusual purchasing behavior (i.e. if you live in Texas and all of a sudden start buying refrigerators in Budapest). In order to confirm these out-of-the-ordinary purchases, they might call you and ask you to confirm them. Don't take these calls lightly: this is your hint that something bad may have happened and you should consider pursuing some of the activities mentioned in the area covering how to respond if you have become a victim.

10 Tips on How to Prevent Malware & Virus From Infecting Your Computer—and Your Livelihood

Most of us have had to deal with a computer virus or some sort of malware by now. It wasn’t fun; it was annoying, time consuming, and very frustrating.
When our computers start slowing down or behaving in an unusual way, we are often quick to suspect that we have a virus. It might not be a virus, but it is likely that you have some sort of malware. Some are malicious, and others are just annoying. The worst culprits are the hijackers—malware programs that take over your browser, or worse yet, your computer. I have had to remove these types of evil programs from personal computers and work computers in the past, and I’m sure you have, too. Here are 10 tips on how to prevent malware from infecting your computer, keeping your hardware safe.
1. Install Anti-Virus/Malware Software. This tip may go without saying, and I almost just casually mentioned it in my opening paragraph. However, I have seen many computers—especially home computers—that don’t have anti-virus/malware protection. This protection is a must-have first step in keeping your computer virus free.
2. Keep Your Anti-Virus Software Up to Date. Having protection software is the first step; maintaining it is the second. Free anti-virus software is better than nothing, but keep in mind that it’s not the best solution. Microsoft does provide a security package for “free.” It’s free in that if you have Windows on your machine, you are granted access, but you did pay for your Windows license. Many users aren’t aware of this program, but it’s actually decent protection.
3. Run Regularly Scheduled Scans with Your Anti-Virus Software. This too may seem like a no-brainer, but many of us forget to do this. Set up your software of choice to run at regular intervals. Once a week is preferred, but do not wait much longer between scans. It’s difficult to work on your computer while your anti-virus software is running. One solution is to run the software at night when you aren’t using your computer. However, we often turn off our computers at night, and so the scan never runs. Set your anti-virus software to run on a specific night, and always leave your computer running on that day. Make sure it doesn’t shut off automatically or go into hibernation mode.
4. Keep Your Operating System Current. Whether you are running Windows, Mac OS X, Linux, or any other OS, keep it up to date. OS developers are always issuing security patches that fix and plug security leaks. These patches will help to keep your system secure. Similarly, keep your anti-virus software up to date. Viruses and malware are created all the time. Your scanning software is only as good as its database. It too must be as up to date as possible.
5. Secure Your Network. Many of our computers connect to our files, printers, or the Internet via a Wi-Fi connection. Make sure it requires a password to access it and that the password is strong. Never broadcast an open Wi-Fi connection. Use WPA or WPA2 encryption. WEP is no longer strong enough as it can be bypassed in minutes by experts. It’s also a great idea to not broadcast your SSID (the name of your Wi-Fi network). You can still access it with your device, you will just have to manually type in the SSID and the password. If you frequently have guests who use your Internet, provide a guest SSID that uses a different password, just in case your friends are evil hackers.
6. Think Before You Click. Avoid websites that provide pirated material. Do not open an email attachment from somebody or a company that you do not know. Do not click on a link in an unsolicited email. Always hover over a link (especially one with a URL shortener) before you click to see where the link is really taking you. If you have to download a file from the Internet, an email, an FTP site, a file-sharing service, etc., scan it before you run it. A good anti-virus software will do that automatically, but make sure it is being done.
7. Keep Your Personal Information Safe. This is likely the most difficult thing to do on the Internet. Many hackers will access your files not by brute force, but through social engineering. They will get enough of your information to gain access to your online accounts and will glean more of your personal data. They will continue from account to account until they have enough of your info that they can access your banking data or just steal your identity altogether. Be cautious on message boards and social media. Lock down all of your privacy settings, and avoid using your real name or identity on discussion boards.
8. Don’t Use Open Wi-Fi. When you are at the local coffee shop, library, and especially the airport, don’t use the “free” open (non-password, non-encrypted) Wi-Fi. Think about it. If you can access it with no issues, what can a trained malicious individual do?
9. Back Up Your Files. The best thing you can do is back up your files—all of them. Ideally you will have your files (your data) in at least three places: the place where you work on them, on a separate storage device, and off-site. Keep your files on your computer, back them up to an external hard drive, then back them up in a different location. You can use a backup service or simply get two external hard drives and keep one at work, at a friend’s house, at a family member’s house, or in a safe deposit box.

10. Use Multiple Strong Passwords. Never use the same password, especially on your bank account. Typically, we use the same email address or username for all of our accounts. Those are easy to see and steal. If you use the same password for everything, or on many things, and it is discovered, then it takes only seconds to hack your account. Use a strong password. Use lower case, upper case, numbers, and symbols in your password. Keep it easy to remember but difficult to guess. Do not use dates or pet names.
What are the steps you take to protect your computer and data? Please share your ideas below in the comments section.
