
Tag: Malicious Code

Ztorg: from rooting to SMS

I've been monitoring Google Play Store for new Ztorg Trojans since September 2016, and have so far found several dozen new malicious apps.

All of them were rooting malware that used exploits to gain root rights on the infected device.
In May 2017, a new Ztorg variant appeared on the Google Play Store – only this time it wasn't a rooting malware but a Trojan-SMS.

12-year-old security hole in Unix-based OSes isn’t plugged after all

“Stack Clash” poses threat to Linux, FreeBSD, OpenBSD, and other OSes.

Fileless malware attack against US restaurants went undetected by most AV

Ongoing campaign shows more hackers are adopting sneaky attack technique.

Mac ransomware author is giving away malicious code to script kiddies

Ringleader passes 30 per cent of earnings to their stooges.

Security researchers have discovered a ransomware variant that targets Macs rather than Windows PCs.…

VU#251927: CalAmp LMU-3030 devices may not authenticate SMS interface

OBD-II devices are used to provide telematics information for managers of fleets of vehicles. One type of device, manufactured by CalAmp, has an SMS (text message) interface. We have found multiple deployments where no password was configured for this interface by the integrator/reseller.

Companies using the CalAmp hardware should be aware that they need to set a password or disable SMS.
Vendors were notified and the SMS interface was disabled or password-protected by all vendors known to be affected.

Google Removes Rooting Trojan Dvmap From Play Store

Google removed an Android rooting Trojan called Dvmap from Google Play that injects malicious code into an infected device's system library.

Dvmap: the first Android malware with code injection

In April 2017 we started observing new rooting malware being distributed through the Google Play Store. Unlike other rooting malware, this Trojan not only installs its modules into the system, it also injects malicious code into the system runtime libraries.

A wormable code-execution bug has lurked in Samba for 7 years....

Comparisons to the Windows flaw WCry exploited are exaggerated, but only a little.

Ztorg: money for infecting your smartphone

This research started when we discovered an infected Pokémon GO guide in Google Play. We detected the malware as Trojan.AndroidOS.Ztorg.ad.

After some searching, I found some other similar infected apps that were being distributed from the Google Play Store.

After I started tracking these infected apps, two things struck me – how rapidly they became popular and the comments in the user review sections.

False Positives: Why Vendors Should Lower Their Rates and How We...

In pursuit of a high cyberthreat detection rate, some developers of cybersecurity solutions neglect the subject matter of false positives, and unfairly so. Regretfully, only then does the idea dawn on these developers that high-quality protection from cyberthreats involves not only prevention but also a low false-positive rate.

Cisco kills leaked CIA 0-day that let attackers commandeer 318 switch...

Fix neutralizes attack code that was put into the wild in early March.