Android's open-source operating system allows for more affordable alternatives for millions of people, but it also opens the door for hackers to sneak in prepackaged malware.
Preinstalled malware had been discovered on more than 7.4 million Android devices, which had the ability to take over devices and download apps in the background while committing ad fraud, researchers working for Google found.
While major Android partners like Samsung or LG, as well as Google's own Pixel devices, are likely safe from these kinds of threats, budget phone makers who rely on third-party software to save a few bucks could be vulnerable.
Many of the preinstalled harmful apps pop up after a malicious actor tricks phone makers into including their software on their devices.
Android's security team discovered two major malware campaigns hidden in preinstalled apps over the last three years, one called Chamois and the other called Triada.
They affected millions of devices and turned off Google Play Protect, spied on people's web activity and allowed potential hackers to run code remotely, Stone said.
Probably the world’s most exclusive iPhone
Ivan Krstić, Apple’s head of security engineering provided big insights into Apple’s platform security during his presentation at Black Hat U.S. 2019.
The pre-jailbroken device lacks some of the layers of security Apple wraps around iPhones, so it is much easier for researchers to explore these systems for security weaknesses.
[ Take this mobile device management course from PluralSight and learn how to secure devices in your company without degrading the user experience. ]
Similar devices are widely used in Apple’s factories for testing and quality control, which has spawned a black market in them among security researchers, governments and others -- they are often spirited out of factories for sale.
The idea is that by opening up the platform a little, security pros will find it worthwhile to probe it for vulnerabilities and the black market in such devices will erode.
Elaborate zero-day browser break-out betrayed by unusual behavior
Coinbase chief information security officer Philip Martin this week published an incident report covering the recent attack on the cryptocurrency exchange, revealing a phishing campaign of surprising sophistication.
At some point prior to that, the attackers – a group known to Coinbase as CRYPTO-3 or sometimes HYDSEVEN – compromised or created two email accounts at Cambridge.
Two days before the initial emails went out, they registered a domain to deliver their exploit, Martin said.
After corresponding with the initial set of targets – about 200 – through a series of messages over several weeks, the hackers winnowed their list of prospective victims down to five specific marks.
"Stage one of this attack first identified the operating system and browser, and displayed a convincing error to macOS users who were not currently using Firefox, instructing them to install the latest version from Mozilla," Martin wrote.
Android's open-source operating system allows for more affordable alternatives for millions of people, but it also opens the door for hackers to sneak in prepackaged malware.
Preinstalled malware had been discovered on more than 7.4 million Android devices, which had the ability to take over devices and download apps in the background while committing ad fraud, researchers working for Google found.
While major Android partners like Samsung or LG, as well as Google's own Pixel devices, are likely safe from these kinds of threats, budget phone makers who rely on third-party software to save a few bucks could be vulnerable.
Many of the preinstalled harmful apps pop up after a malicious actor tricks phone makers into including their software on their devices.
Android's security team discovered two major malware campaigns hidden in preinstalled apps over the last three years, one called Chamois and the other called Triada.
They affected millions of devices and turned off Google Play Protect, spied on people's web activity and allowed potential hackers to run code remotely, Stone said.
Probably the world’s most exclusive iPhone
Ivan Krstić, Apple’s head of security engineering provided big insights into Apple’s platform security during his presentation at Black Hat U.S. 2019.
The pre-jailbroken device lacks some of the layers of security Apple wraps around iPhones, so it is much easier for researchers to explore these systems for security weaknesses.
[ Take this mobile device management course from PluralSight and learn how to secure devices in your company without degrading the user experience. ]
Similar devices are widely used in Apple’s factories for testing and quality control, which has spawned a black market in them among security researchers, governments and others -- they are often spirited out of factories for sale.
The idea is that by opening up the platform a little, security pros will find it worthwhile to probe it for vulnerabilities and the black market in such devices will erode.
Elaborate zero-day browser break-out betrayed by unusual behavior
Coinbase chief information security officer Philip Martin this week published an incident report covering the recent attack on the cryptocurrency exchange, revealing a phishing campaign of surprising sophistication.
At some point prior to that, the attackers – a group known to Coinbase as CRYPTO-3 or sometimes HYDSEVEN – compromised or created two email accounts at Cambridge.
Two days before the initial emails went out, they registered a domain to deliver their exploit, Martin said.
After corresponding with the initial set of targets – about 200 – through a series of messages over several weeks, the hackers winnowed their list of prospective victims down to five specific marks.
"Stage one of this attack first identified the operating system and browser, and displayed a convincing error to macOS users who were not currently using Firefox, instructing them to install the latest version from Mozilla," Martin wrote.