Security Alerts & News
by Tymoteusz A. Góral

History
#2094 Preinstalled malware targeting mobile users
The Check Point Mobile Threat Prevention has recently detected a severe infection in 36 Android devices, belonging to a large telecommunications company and a multinational technology company. While this is not unusual, one detail of the attacks stands out. In all instances, the malware was not downloaded to the device as a result of the users’ use, it arrived with it.

According to the findings, the malware were already present on the devices even before the users received them. The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain. Six of the malware instances were added by a malicious actor to the device’s ROM using system privileges, meaning they couldn’t be removed by the user and the device had to be re-flashed.
Read more
#2103 New Instagram credential stealers discovered on Google Play
#2102 New macOS Proton RAT available for sale on Russian hacking forum
#2101 Spam campaign targets financial institutions with fake security software
#2100 Detecting and eliminating Chamois, a fraud botnet on Android
#2099 Google launches invisible reCAPTCHA with no user interaction required
#2098 0day exploits rarely discovered by more than one group, study finds
#2097 Dahua, Hikvision IoT devices under siege
#2096 New Linux malware exploits CGI vulnerability
#2095 How online gamers use malware to cheat
#2094 Preinstalled malware targeting mobile users
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12