Android

Trends for 2013: astounding growth of mobile malware

In 2012 the number of unique detections of malware for Android increased globally by a factor of 17X (yes, that is 1,700%), and we expect the increase in 2013 to be even greater. This is one of the main predictions in the white paper we are releasing today: "Trends for 2013: astounding growth of mobile

Free Android USSD vulnerability protection from ESET now on Google Play

If you use an Android phone you may have heard of something called the USSD vulnerability. This allows a nasty piece of malicious software to reset your Android to its factory default settings and permanently delete your data.

The Dynamic Duo for Securing your Android: Common Sense and Security Software

On Thursday, September 12, Duo Security, a young-but-respected vendor of two-factor authentication devices, announced the preliminary results of a study of over 20,000 Android devices from a two month old study they performed. Based on the results, they calculated that over half of Android devices on the market have security vulnerabilities that are, as yet,

Dancing Penguins: a case of organized Android pay-per-install

For years, cyber criminals have organized their operations and traded resources through discussion forums and auction sites. One popular item to trade is access to virus infected PCs for cash. These trading schemes are often called pay-per install (PPI) programs. We have recently started an investigation on a new type of pay-per install program, this

SMSmishing Unabated: Best Buy targeted by fake gift card campaign

News of SMS (text) phishing scams are nothing new to readers of this blog.  ESET researcher Cameron Camp recently wrote an article explaining how they work and how to avoid them here on ESET’s Threat Blog: SMSmishing (SMS Text Phishing) – how to spot and avoid scams, And just before Valentine’s Day, my colleague Stephen

QR Codes and NFC Chips: Preview-and-authorize should be default

What do printed QR codes and NFC (Near Field Communication) chips have in common, besides storing instructions that computers can read? They are both hackable and their ability to store and communicate computer instructions is bound to be abused, if not already, then sometime soon. This happens to every new means of communication; QR and

Rogue mobile devices in your enterprise? RSA day one

While our recent post on BYOD focuses on the prevalence and/or risk of inadequately trained staff potentially creating problems for the core IT infrastructure using their own personal devices for work, it seems others here at RSA are concerned with preventing the exact same thing, but from a different angle. I attended one “lighting round”

Windows Phone 8: Security Heaven or Hell?

Introduction Mobile World Congress 2012 is almost upon us, and one of the most hotly-anticipated topics is the next generation of Microsoft’s smartphone operating system Windows Phone 8, which has been kept under wraps far more tightly than its PC counterpart, Windows 8. While Microsoft was an early adopter in the creation of smartphones with

Google responds to Android app Market security with stronger scanning measures

In response to recent reports that malicious apps may have made their way into the official Android Market, Google has responded by announcing a new program to more proactively scan the Market and developer accounts for seemingly malicious apps and highlights and/or remove them before users experience trouble. Traditionally, the barriers of entry for developers

CarrierIQ-style data gathering law to require mandatory notification/opt-in?

As legislators grapple with increasingly vocal smartphone owners concerned with privacy, a new Bill before the U.S. House of Representatives aims to require mandatory consumer consent prior to allowing the collection or transfer of data on such devices. You may recall that a company called CarrierIQ recently became the center of attention after a user

Android – meet NSA/SELinux lockdown

National Security Agency’s (NSA) SE Linux team, citing critical gaps in the security of Android , is building a Security Enhanced (SE) version of the publicly available source code for the Android project. This is a variant of the SE Linux project co-developed by NSA and RedHat, which gives (among other things) a more granular

2012 Malware and Cybercrime Predictions: The video version

Exactly how people will abuse digital technology for their own ends is difficult to predict, but organizations must plan ahead to protect data and systems. That's why we have been posting our "best guess" cybersecurity predictions on the Threat Blog this month. Today we present 9 of the most important predictions in the form of

2012 Predictions: More mobile malware and localized attacks

I want share with you what ESET Latin America’s Research team thinks will be the main trends in malware and cybercrime in 2012. In our office it is usual to produce an analysis of emerging trends in a year-end report and so, in keeping with recent postings by my ESET colleagues, I present a summary

Carrier IQ detection: check your source before you install

Android-specific software that checks for Carrier IQ could create an unanticipated problem.

CarrierIQ, keylogging and mobile payment systems

Recently we see allegations that CarrierIQ is quietly collecting more information than Android users bargained for. In one case, Trevor Eckhart thinks he proved that they register users’ keystrokes without the users’ knowledge for reasons subject to ongoing speculation. We certainly had no trouble finding the CarrierIQ software on an HTC phone, where it possessed

Android vulnerability patch time lag causes malware opportunity

One of the blessings of Open Source initiatives is the rapidity with which coders can release quality collaborative code. This is one of the ways the Android managed to claw its way into the smartphone mainstream, after arriving late to the game. But as the app ecosystem matures, vulnerability/patch management becomes more of an issue,

Android financial transactions on the rise – watch for malware

Awhile back we mused that the rapid rise in Android malware would hit its stride near the intersection of widespread mobile financial transaction use, and the continuing steep rise in adoption of the platform. Now we see AT&T, T-Mobile and Verizon entering a joint venture to back a payment service for, guess what: Mobile financial

Android malware: rapidly on the rise

I have an Android in my pocket as I type, with all kinds of cool apps ranging from GPS navigation to acoustic guitar tuner (really cool) – and apparently I’m not alone. Users are scooping up the latest batch of Android smartphones in record numbers, and what better target can malware authors ask for? Well,

Android apps: slow data leak?

With the proliferation of the data we hold on our mobile devices, it’s no wonder Neil Daswani, CTO of Dasient, says around 8% of the apps they tested have been leaking data. In a similar vein, he states, “The number of malware samples on mobile devices has doubled in the past two years.” Google tends

1 in 20 mobile devices infected next year?

The mobile devices of late have more compute power than the full desktop PC of yesteryear, and they fit it your pocket, great news for folks “on the go.” And since you’re so multi-tasked anyway, why not load it up with things to make your life easier, after all, it’s really a phone with a

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

2 articles related to:
Hot Topic
11 Dec 2012
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.