New Android Malware Intercepts Incoming Text Messages, Silently Forwards Them on to Criminals

A new piece of Android malware has been discovered that can intercept your incoming text messages and forward them on to criminals. Once installed, the trojan can be used to steal sensitive messages for blackmail or, more directly, the codes used to confirm online banking transactions.

The malware in question, detected as “Android.Pincer.2.origin” by Russian security firm Doctor Web, is the second iteration of the Android.Pincer family, according to the company. Both threats spread disguised as security certificates, meaning a careless user must deliberately install them onto an Android device.

Upon launching Android.Pincer.2.origin, the user will see a fake notification about the certificate’s successful installation but after that, the trojan will not perform any noticeable activities for a while. Here are a few screenshots:

image

The malware is loaded at startup via CheckCommandServices, a service that runs silently in the background (right-most screenshot above). It will then connect to a remote server and send over the following information about the mobile device to those behind the attack: handset model, device’s serial number, IMEI, carrier, cell phone number, default system language, operating system, and availability of the root account.

The threat then awaits instructions that contain commands in the following format: command:[command]. Doctor Web has found criminals can send the following instructions to the trojan:

• start_sms_forwarding [telephone number] — begin intercepting communications from a specified number

• stop_sms_forwarding — stop intercepting messages

• send_sms [phone number and text] — send a short message using the specified parameters

• simple_execute_ussd — send a USSD message

• stop_program — stop working

• show_message — display a message on the screen of the mobile device

• set_urls – change the address of the control server

• ping – send an SMS containing the text ‘pong’ to a previously specified number

• set_sms_number — change the number to which messages containing the text string ‘pong’ are sent.

The first one allows attackers to indicate the number from which the trojan should intercept messages, meaning this can be used for targeted attacks to steal specific messages. The third one from the bottom shows the criminals have planned for changing servers in case they believe the current one will be shut down.
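For responders who have already decoded a device's control traffic, the command list above can be replayed in order to reconstruct what the trojan was told to do. This is an added example, not Doctor Web's or the article's code; the whitespace-separated argument layout after `command:` and every value in the sample are assumptions.

```python
import re

# Command names as listed in the article; the argument layout after the
# name is an assumption (whitespace-separated), not documented on the page.
KNOWN = {"start_sms_forwarding", "stop_sms_forwarding", "send_sms",
         "simple_execute_ussd", "stop_program", "show_message",
         "set_urls", "ping", "set_sms_number"}
LINE = re.compile(r"^command:\s*(\w+)\s*(.*)$")

def replay(lines):
    """Replay decoded C2 messages; return (implant state, findings)."""
    state = {"forwarding_from": None, "c2": None, "pong_to": None, "running": True}
    findings = []
    for n, raw in enumerate(lines, 1):
        m = LINE.match(raw.strip())
        if not m:
            findings.append((n, "unparsed", raw.strip()))
            continue
        name, arg = m.group(1), m.group(2).strip()
        if name not in KNOWN:
            # Not in the published list: possible new variant or decode error.
            findings.append((n, "unknown_command", name))
        elif name == "start_sms_forwarding":
            state["forwarding_from"] = arg
            findings.append((n, "sms_interception_started", arg))
        elif name == "stop_sms_forwarding":
            state["forwarding_from"] = None
        elif name == "set_urls":
            state["c2"] = arg
            findings.append((n, "c2_changed", arg))
        elif name == "set_sms_number":
            state["pong_to"] = arg
        elif name == "ping":
            findings.append((n, "pong_sms_sent", state["pong_to"]))
        elif name in ("send_sms", "simple_execute_ussd"):
            findings.append((n, "outbound_" + name, arg))
        elif name == "stop_program":
            state["running"] = False
    return state, findings

# Constructed sample, not real traffic; numbers and host are placeholders.
SAMPLE = ["command:set_sms_number +10000000001",
          "command:start_sms_forwarding +10000000002",
          "command:ping",
          "command:set_urls http://c2.example.invalid/",
          "command:self_destruct",
          "garbage"]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

The returned state shows which sender was still being intercepted and which control server was last configured, which tells you what to block and which messages to treat as exposed.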

Although Doctor Web doesn’t say so, the good news here is that Pincer2 is not likely to be very prevalent. It has not been found on Google Play, where most Android users should be getting their apps, and appears to be meant for precise attacks, as opposed to being aimed at as many users as possible.

In short, this malware threat isn’t one that you will likely be hit with, but it is an interesting example of how Android malware is evolving. Our advice is the same as always: only install apps that you know are safe.

Source: TNW

QNX Commercial Showing Off BlackBerry 10

Awesome commercial from QNX showing how powerful the BlackBerry 10 software is. Great commercial and I would love to see this one playing on TV; it would definitely help get the word out more about BlackBerry 10.

Benghazi Talking Points Timeline

Clearly there is not much more to be assumed besides there is a major cover-up in the Benghazi tragedy. Just look at the altered talking points in the PDF below; they clearly show such a stark contrast to the original assessment. Make sure to read the entire list through and see the changes that have been made, demand answers! Who changed these talking points? Who was behind this blatant misinformation that was given to the American people? Please take the time to look through these released talking point alterations and try convincing yourself this has nothing to do with the fact that this was during a vital election and this clearly rules out the Obama Administration’s claims about the terrorists that are supposedly on their heels running scared.

PDF

Spotify DRM Hole Exploited by MP3-Ripping Chrome Extension

A Chrome browser extension that lets anyone rip music from Spotify at the click of a mouse has exposed a flaw in the security of Spotify’s library.

Spotted by Dutch site Tweakers, Downloadify takes advantage of an apparent oversight in Spotify’s music library. When using Spotify’s web player, Downloadify lets users with a paid subscription click on any song and rip it as a DRM-free MP3 to their computer.

The normal Spotify application encrypts the music that it streams, so it looks like this comes down to an oversight of some kind on Spotify’s part. When contacted for comment, Spotify told Wired.co.uk: “We are aware of the issue and are currently working on a fix.” (The exploit was patched after this article was published on Wired UK.)

Meanwhile, Google has taken the plugin down from the Chrome Web Store only a day after its May 7 launch, but, as The Verge has noted, it’s still readily available to download from GitHub as of the time of writing.

Several sites do exist purely to point out that you can “rip” music from Spotify quite easily by just recording from the audio out jack (or a tape deck held up to the speakers, if you want to do it old school), but doing anything that amounts to “copying, reproducing, ‘ripping,’ recording” is explicitly forbidden by Spotify’s Terms and Conditions.

Via: Ars Technica

SoftBank: Our Sprint Bid is Better For This Reason – TD-LTE

Softbank CEO Masayoshi Son says his company’s $20.1 billion acquisition offer is best for Sprint, even though Dish Network’s bid is higher.

Speaking Tuesday at an event in Tokyo, Son told reporters the LTE network efficiencies that his company can bring to Sprint would dramatically improve the value of Sprint’s network to customers. And that’s all because of an LTE variant that Softbank already uses, called TD-LTE.

Softbank has been using TD-LTE for quite some time, and as Son points out, it’s doing so in Japan “on a large scale.”

TD (Time Division)-LTE presents one main advantage over the traditional, Frequency-Division Duplexing (FDD) technology it competes with: flexibility. With TD-LTE, a single spectrum block is used and carriers can decide how frequencies can be used within it. Similar to home broadband, TD-LTE allows carriers to dedicate little frequency to simple things, like sending e-mails, and more to bandwidth-intensive tasks like downloading applications or large files. The result is a more efficient system than what’s currently available in the U.S.

Clearwire, the company that Sprint is trying to acquire, uses the TD-LTE spectrum. In his remarks to reporters on Tuesday, Son said that his company’s expertise, coupled with the Clearwire buy, should dramatically improve Sprint’s LTE efforts and give it a superior offering in the U.S. market. In other words, Softbank would be a better partner.

Son’s comments come just a few days after he said that Dish Network’s unsolicited bid to acquire Sprint for $25.5 billion is “ridiculous.”

Source: CNET