Security Alerts & News
by Tymoteusz A. Góral

History
#1453 Gugi: from an SMS trojan to a mobile-banking trojan
The mobile-banking Trojan family, Trojan-Banker.AndroidOS.Gugi is interesting due to its use of the WebSocket protocol to interact with its command-and-control servers. This protocol combines the advantages of HTTP with those of commonly used sockets: there is no need to open extra ports on a device, as all the communication goes through standard port 80. At the same time, real-time data exchange is possible.

It is worth noting that even though this technology is user-friendly, it is not that popular among attackers. Among all the mobile Trojans that utilize WebSocket technology, more than 90% are related to the Gugi family.
Read more
#1456 Secret Service warns of ‘Periscope’ skimmers
#1455 Adblock Plus finds the end-game of its business model: Selling ads
#1454 Generic OSX malware detection method explained
#1453 Gugi: from an SMS trojan to a mobile-banking trojan
#1452 How a third-party App Store abuses Apple’s developer enterprise program to serve adware
#1451 Hands-on: Blue Hydra can expose the all-too-unhidden world of Bluetooth
#1450 Allow web domain changeover: US tech firms
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12