News  Apple
AceDeceiver infects Apples App Store

This one infects non-jailbroken iOS devices

For 7 months from July 2015, three apps were lurking in Apples App store which were infected with the AceDeceiver malware. They posed as innocent-looking wallpaper apps which provided the attacker with a fake authorization code to use in their exploits.

A Windows app called "Aisi Helper" claimed to help users with various routine functions such as optimization and backups, in fact was a trojan which went on to infect connected iOS devices. The malware was able to harvest the users Apple IDs and passwords, forwarding them onto their servers.

Once the attackers obtained the fake ID credentials, even though Apple became aware of the problem and removed the original infected Apps fro their App Store, it was too late because the credentials were being used to  install fake apps on iOS devices. This usually needed them to be jailbroken, but as far as the device was concerned the credentials were valid, so non-jailbroken devices are vulnerable.

News  Android
Stagefright is worse than you thought

Back from the dead with a vengance

This sounds just like a cheesy 80's horror flick where the villain "dies" at the end only to return even stronger in yet another sequel. It seems Stagefright, or more accurately the family of malware which exploits a vulnerability in Androids low-level media playback system of the same name, just won't lie down no matter how much you throw at it.

We wrote about this last year when we showed a video of it in action, and also, embarrasingly for Google, again when they screwed up a fix for it. Perhaps their difficulties back then are reflected in this new outbreak.

This variant of the Stagefright attack vector is called "Metaphor" and it is claimed vulnerable devices can be infected when they merely vist a specially crafted web page. As before, it's delivered in the form of a video file which the user doesn't even have to press play to activate since it will begin playing all by itself. Ouch.

News  Android

Spread by simple link in SMS 

Android users are being warned of a new virus, spread by SMS, termed "Mazar".

The message is "You have received a multimedia message from +[country code] [sender number] Follow the link *link here* to view the message.", but the link takes the user to malware which immediately infects the device when clicked.

First spotted in Denmark, there are already 100,000 reported infections. Russian language handsets are deliberately unaffected, which suggests the virus originates in that country. There is no word on how far the virus has spread across the world as of yet.

News  General
Hollywood Hospital Hacked

Malware locked staff out

A nightmare scenario which sounds like it came straight out of the pages of some new Hollywood blockbuster just happened for real, in Hollywood. On Feb 5th a hacker locked staff out of a hospital computer and demanded a ransom before letting them back in.

The hospital was the Hollywood Presbyterian Medical Center, and the staff were locked out via the use of malware which encrypted the data on the infected computers. Only the hacker could release the data by giving the hospital the unique key used to scramble it.

Chief Executive Allen Stefanek said the quickest and most efficient way to restore normal operations was to pay the ransom. The hacker was undoubtedly relying on the fact this was a hospital, and would have to do whatever it took to get back up and running as quickly as possible.