Security Alerts & News
by Tymoteusz A. Góral

History
#1092 10 million Android phones infected by all-powerful auto-rooting apps
Security experts have documented a disturbing spike in a particularly virulent family of Android malware, with more than 10 million handsets infected and more than 286,000 of them in the US.

Researchers from security firm Check Point Software said the malware installs more than 50,000 fraudulent apps each day, displays 20 million malicious advertisements, and generates more than $300 million per month in revenue. The success is largely the result of the malware's ability to silently root a large percentage of the phones it infects by exploiting vulnerabilities that remain unfixed in older versions of Android. The Check Point researchers have dubbed the malware family "HummingBad," but researchers from mobile security company Lookout say HummingBad is in fact Shedun, a family of auto-rooting malware that came to light last November and had already infected a large number of devices.

For the past five months, Check Point researchers have quietly observed the China-based advertising company behind HummingBad in several ways, including by infiltrating the command and control servers it uses. The researchers say the malware uses the unusually tight control it gains over infected devices to create windfall profits and steadily increase its numbers. HummingBad does this by silently installing promoted apps on infected phones, defrauding legitimate mobile advertisers, and creating fraudulent statistics inside the official Google Play Store.
Read more
#1093 DLink WiFi camera flaw extends to 120 products
#1092 10 million Android phones infected by all-powerful auto-rooting apps
#1091 CryptXXX ransomware updates ransom note, payment site
#1090 Android KeyStore encryption scheme broken, researchers say
#1089 Symantec: Latest Intelligence for June 2016
#1088 New OSX/Keydnap malware is hungry for credentials
#1087 After hiatus, in-the-wild Mac backdoors are suddenly back
#1086 European Union’s first cybersecurity law gets green light
#1085 Criminals winning 'cyber arms race' - UK National Crime Agency
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12