XDA Developers

Malware

Microsoft discovers XZ Utils backdoor vulnerability in Linux distros, issues guidance

A Microsoft employee came across a very dangerous backdoor exploit in XZ Utils, affecting numerous Linux distros; the company has now issued guidance.

A few days ago, we learned that the Python Package Index (PyPI) has temporarily restricted the creation of new accounts and package submissions to its portal following the emergence of a malware campaign through which attackers were uploading malicious packages to the directory in a coordinated manner. Now, Microsoft has detailed a new vulnerability in Linux distributions after it was discovered recently by a company employee.

Five reasons antivirus has gotten worse

Third-party antivirus has slowly fallen out of favour with users. But what happened to make this software lose users' trust?

Antivirus used to be a mainstay of any home desktop. Software like McAfee was basically essential, and weekly virus scans were a feature of lots of people's early experience of 2000s home computers. But in the last decade, third-party antivirus has all but disappeared as a requirement for a new PC, and it seems less effective than ever at stopping legitimate threats to your PC, all while getting slower, more bloated and increasingly expensive. But what happened to antivirus? How did a once commonplace bit of software end up in relative obscurity? Here are five reasons why we think antivirus has gotten worse.

8 fun but benign computer viruses

Not all viruses were created to steal credit card information

The Internet is chock-full of viruses, spyware, keyloggers, and other malware that can steal confidential data from your PC and ruin your day. As such, it’s paramount to remain cautious when downloading files from online sources.

6 reasons you don't need third-party antivirus software in 2023

A lot of computers come pre-installed with third-party antivirus software. But you may not need it as an average user.

Antivirus software suites like Norton and McAfee have become household names at this point. A lot of hardware manufacturers like Dell and HP receive payment from companies like Norton to pre-install trial versions of their antivirus software onto these new computers. From there, most people end up subscribing to antivirus software that they probably don’t need.

Despite the best efforts of Google Play Protect, the Play Store is not as safe as it may appear

The Google Play Store is the one-stop shop for most Android apps, but you still have to be careful.

If you own an Android smartphone, then the place you go to get your apps is most likely the Google Play Store. It's the safest and most convenient, and you can generally rely on Google Play Protect to ensure that the apps you download are safe and won't harvest your data or take over your smartphone. However, that isn't quite the full picture.

In Android 13, Google is cracking down on malware that uses Accessibility APIs

In Android 13, Google is cracking down on malware that uses Accessibility APIs. Check out what that means for you and what you can do here.

Malware has been an issue on Android for a long time, and one of the most prominent vectors of attack is through the accessibility services on a user's phone. Accessibility APIs are powerful tools intended for developers to help aid users with disabilities, as they can read the screen, inject inputs, and more. Unfortunately, that also makes them ripe for abuse, with malware such as FluBot tricking users into enabling those APIs for malicious apps that, in turn, cannot be uninstalled. This is changing in Android 13, as Google will prevent apps sideloaded from outside an app store from being granted those permissions.

Apple is suing NSO Group, creator of "Pegasus" iMessage malware

Israeli tech firm NSO Group created malware that could be spread through iMessage, and now Apple is suing the company.

NSO Group Technologies, based in Herzliya, Israel, made headlines earlier this year after it was revealed the company created an iMessage exploit that was used to spy on journalists and other high-profile individuals on behalf of various governments. NSO is already being sued by Meta (formerly known as Facebook), and now Apple has announced that it is also taking legal action against NSO.

PSA: Rescue your phone from the FluBot SMS malware with malninstall

Use this tool by XDA Recognized Developer linuxct to remove FluBot SMS malware from your Android phone easily.

FluBot is an Android-targeting malware that impersonates other apps on a victim's phone to steal their banking credentials and other private information. It spreads through SMS and can eavesdrop on incoming notifications, read and write SMSes, make calls, and transmit the victims' entire contact list back to its control center. The virus also lures victims into changing the Accessibility settings on their phones, forbidding them to uninstall it. If you are also a victim of FluBot and are unable to remove it from your smartphone, you should use an app called "malninstall" to get rid of this malware.

Apple M1 Macs face their first malware via an adware extension

The first ever piece of malware software that reportedly targets Apple's new ARM-based chipset for Macs has been found. Read on!

A lot of people might argue that Mac is comparatively safer than Windows. While that is largely true, the past few years have seen a steady increase which has become a cause of concern. A new malware has now been spotted, which is said to be the first such malicious piece of software targeting Apple's new M1 processor.

Popular Barcode Scanner app caught infecting Android smartphones

A popular barcode scanner app on the Google Play Store has been caught infecting Android phones with malware. Read on to know more.

A popular barcode scanner app with over 10 million downloads on the Google Play Store has been caught infecting Android devices with malware. The app, simply dubbed Barcode Scanner, has since been removed from the Play Store, but it likely still remains there on many of the infected devices.

PSA: If you use NoxPlayer to play Android games on PC, you should read this

A hacker group gained access to NoxPlayer's server infra and has pushed malware to a few users in Asia, but BigNox claims the issue is fixed.

NoxPlayer users beware. A hacker group has gained access to the Android emulator's server infrastructure and has pushed malware to a few users in Asia. Slovak security firm ESET recently discovered the attack, and it has advised affected NoxPlayer users to reinstall the emulator to remove the malware from their systems.

This Cyberpunk 2077 Mobile listing is such an obvious scam, we shouldn't even have to warn you

Cyberpunk 2077 Mobile is not real, so please avoid it at all costs unless you want to install ransomware on your Android phone.

From being one of the most hyped games of 2020 to becoming one of the bigger disappointments, the chaos around Cyberpunk 2077 does not seem to end. There is now apparently a mobile version of the game that is luring users into installing malware on their Android devices.

The U.S. Government funded smartphones which come with pre-installed malware

The U.S. Government has seemingly funded smartphones which come with pre-installed malware, as part of the Assurance Wireless program founded by the FCC.

A U.S. Government-funded smartphone comes with pre-installed malware, researchers at Malwarebytes have discovered. The malware can't be removed without rendering the device unusable. The smartphone in question is the UMX U683CL and is sold as part of Virgin Mobile's Assurance Wireless program. This is a federal Lifeline Assistance program. Founded by the FCC in 1985, Lifeline is a program intended to make communication services more affordable to low-income consumers. The UMX U683CL costs only $35 through the program, featuring a Qualcomm Snapdragon 210, 1GB of RAM, 5-inch 480p LCD, 2000 mAh battery, and Android Go. It's certainly not a bad offering, but it seems that the price of affordability comes at the cost of privacy. The team at Malwarebytes found not one, but two instances of pre-installed malware on the UMX U683CL.

[Update 2: Back in Play Store] CamScanner app caught injecting malware on Android devices

CamScanner has been caught using an advertising library that injected malicious code onto devices, after which Google has removed it from the Play Store.

If you are someone who frequently works around text documents, you very likely have used CamScanner in the past, or are using it in the present. CamScanner has been around since the very early days of Android, presenting itself as a solution to use the camera on your smartphone as a document scanner. The app allows users to digitize paper documents, with the app then auto-cropping and enhancing the image quality of the document. There were features that allowed batch scanning multi-page documents. These features combined to give the app more than a million installs through the Play Store despite the fairly niche nature of its use. However, CamScanner has now been caught injecting malware on the phones of its users, forcing Google to remove the app from the Play Store.

Samsung Galaxy S10 will have McAfee pre-installed for "anti-malware protection"

Samsung has extended its partnership with McAfee, allowing it to install McAfee's anti-malware protection on the Samsung Galaxy S10 lineup. Read on!

In a move that is bound to raise eyebrows, McAfee has announced at MWC 2019 that it is extending its partnership with Samsung to pre-install anti-malware protection powered by McAfee VirusScan onto the Samsung Galaxy S10.

Every Android device is susceptible to a hardware vulnerability called RAMpage

Every Android device is susceptible to a hardware vulnerability called RAMpage. You can read all about it here, and how to test your own Android device.

We have consistently seen various vectors of attack rear their head when it comes to Android smartphones. We've seen Shattered Trust, Cloak and Dagger, and Rowhammer, just to name a few. RAMpage is the latest one on the block, and while it is a hardware vulnerability, it doesn't necessarily need physical access to your device to exploit. How it works is relatively simple.

Amazon Fire TV and Fire TV Stick Devices are being Infected with Cryptocurrency Malware

Several Amazon Fire TV and Fire TV Stick users are reporting instances of being infected with a variation of the infamous ADB.Miner cryptocurrency malware.

Several users in our forums have reported that their Amazon Fire TV and Amazon Fire TV Stick devices have suddenly become very slow to use. This sudden slowdown coincides with the appearance of an app simply called "test" that keeps popping up randomly. Not only is the popup annoying, but it also causes video playback to stop and apps to stop responding, making it very difficult to continue using the device normally.

"AdultSwine" Play Store Malware Shows Pornography in Games for Kids

AdultSwine is a new malware discovered on the Google Play Store. It targets children with the goal of generating as much advertising revenue as possible.

Researchers at Check Point have discovered new malware hidden in about 60 games and applications on the Google Play Store. It's dubbed "AdultSwine", and it displays pornographic advertisements, entices users to install fake security applications, and tries to make users sign up for premium services.

Micromax Remotely Installing Unwanted Apps on Devices

Learn about Micromax's ability to remotely install apps on your device and what you can do to stop this potentially malicious behavior.

In the recent past, we witnessed quite a few acts of OEMs messing with devices to achieve various goals, such as increasing benchmark results. We also heard about manufacturers and carriers adding tracing software to their devices, in order to collect data about how the device performs, statistics about voice and data connectivity between the device and radio towers, or even battery runtime data (CarrierIQ, are you listening?). Today, however, reports are coming in that users of certain devices by Indian phone manufacturer Micromax noticed apps being silently installed without their consent or permission.