News  Android
Nazi Eagle

Malware author arrested in Russia

In 2014, an estimated 350,000 Android devices were infected by a particularly nasty strain of malware known as Svpeng. Recently it was announced the Russians had arrested the 25-year old author and detained 4 of his suspected accomplices. The gang were said to be particularly fond of Nazi war symbols and memorabilia, leading to the "Nazi Zombie" virus infection tag.

This infection is serious because the gang has been esitmated to steal around $1 million to date, with over 90 percent of attacks targetting the US and the UK.

Svpeng adapts its technique

Utilising a worryingly advanced level of sophistication, the malware adapts itself over time. Originally it would pop up a window asking for credit card details when users went to Google Play, which is something every app user does all the time. Then it changed into a form of ransomware which threw up a fake but convicing FBI penalty notice demanding payment.

News  Android

DroppedIn: It's bad because it's in the SDK

A serious weakness in the Dropbox SDK for Android has been uncovered by IBM's X-Force Application Security Research Team. It's not a virus directly, but rather a security hole in the SDK for Dropbox, which is the Software Development Kit other legitimate software developers use to write apps. In other words, this hole is carried through into the apps which make use of it, and that means some big names including Microsoft Office Mobile have been affected.

Dropbox has announced it has already fixed this weakness, but of course this means all the other developers which used the compromised SDK must rebuild their apps using it, upload their fixed versions and urge their users to upgrade to them. They did stress that merely using the vulnerable SDK wasn't sufficient, the developer also had to use its OAuth/Sync functions.

News  General
MWC 2105 Smartphone Virus

Users warned to be more vigilant than ever

At the 2015 annual mobile jamboree, MWC, mobile vendors warned users of the relentless increase in malware, phishing and virus attacks aimed specifically at smartphone and tablet users. Throughout 2014, 99% of all smartphone malware was aimed at the Android platform. This is clearly a huge issue for users since its market share in 2015 is now at 84.5%.

Real financial threats

If you can protect the hardware from damage, do not forget the inside too. Android is more open than iOS, and even if you stick to the Play Store, malware can still infect your device. All is not lost, however, as Samsung has wisely partnered with Intel Security to pre-load its anti-malware solution, McAfee VirusScan Mobile, on its phones.

News  Android

Legitimate banking app rebuilt to infect

Once again Android users are being warned of the dangers from loading apps from untrusted sources, such as the plethora of 3rd party app stores we've seen exploding over the web in the last 12 months. This time a legitimate banking app has been taken from the Play Store, reverse engineered and had code added which in effect, allows it to download and install malware at any point in the future. It's a Trojan for the smartphone itself.

It was spotted by Symantec in December 2014, but recently seems to have reared its ugly head again. To trick users into downloading extra malware, the app shows a popup saying "Google play need to be updated".