Hack In The Box: Mobile Attackers Are Listening In

 
While most mobile attacks require some level of interaction with the user, Man-in-The-Middle (MiTM) attacks can achieve their goal without the user ever knowing they occurred. This type of attack allows attackers to eavesdrop on, intercept and alter traffic between your device and any other counterpart. There are several ways by which hackers can execute such attacks, the most prominent of which is using a spoofed hotspot. Many attackers establish fake hotspots with names similar to legitimate hotspot names, for example, “Starbucks Coffee” instead of “Starbucks.” Unaware, the user connects to the malicious hotspot. Once the user tries to connect to the server, the hacker uses his ...

FACEBOOK MaliciousChat

 
Check Point disclosed details about a vulnerability found in Facebook Messenger, both in the online and mobile application. Following Check Point’s responsible disclosure, Facebook promptly fixed the vulnerability. What is this vulnerability? The vulnerability allows a malicious user to change a conversation thread in the Facebook Online Chat & Messenger App. By abusing this vulnerability, it is possible to modify or remove any sent message, photo, file, link, and much more. The vulnerability was fully disclosed to the Facebook Security team earlier this month. Facebook immediately responded, and after a joint effort, the vulnerability was patched. Click here to ...

Zcrypt: The Ransomware Virus Hybrid

 
A recent piece of ransomware has emerged that is causing quite the stir. The reason: it is in fact a virus and can infect users even through USB devices. The technology itself is not new, but when implemented by ransomware the results could be severe. Given this, now is a good time for people who are not running port protection software to disable automatic execution. Using the Check Point SandBlast Agent automatic forensic analysis, we were able to reveal further details about this new strain of ransomware. Zcrypt manages to infect users through USBs by creating autorun.inf and automatically launching a file called “invoice.exe” when the USB key is plugged in. Zcrypt displays ...

In The Wild: Never a Dull Moment with Mobile Malware

 
Mobile malware learns fast. Every time new security measures come along, malware somehow manages to find a way to overcome them. This week we bring you such a story, with further details about Viking Horde, a botnet found by Check Point on Google Play. The malware is capable of bypassing even Android’s latest OS security mechanisms. Meet the Vikings: Part III The Check Point research team uncovered a new Android malware campaign on Google Play it calls Viking Horde. Viking Horde conducts ad fraud, but can also be a launchpad for attacks like DDoS, spam messages, and more. Viking Horde managed to bypass Google Play malware scans masquerading as five different apps so far. The research ...

Hack In The Box: Mobile Malware Goes In For The Kill

 
For attackers, installing a Trojan on your mobile device is the best way to attack it. Mobile malware provides attackers with a full arsenal of capabilities they can use to conduct several types of attacks including surveillance, info-stealing, ransomware, fraud, and much more. Surveillance malware, for instance, can track location, extract call logs, files, and SMS messages, log keyboard activity, take screenshots, and even record video and audio using the device camera and microphone. However, for each of these features, the malware must have the right code. Malware writers do their best to disguise incriminating code segments. Even code for legitimate apps looks like a tangled map ...