Originally Published 2 months ago — by Hacker News
The article advocates for moving away from Google's control of Android towards open-source alternatives like PostmarketOS, emphasizing the importance of open platforms for user freedom, privacy, and innovation. It discusses the challenges posed by corporate control, security concerns, and regulatory issues, urging collective effort and legislative action to promote open technology and reduce dependency on proprietary systems.
ClayRat is a sophisticated Android spyware campaign targeting users in Russia by impersonating popular apps like WhatsApp and TikTok through fake websites and Telegram channels. It can exfiltrate sensitive data, take photos, and propagate itself by sending malicious links to contacts. The malware uses obfuscation and fake app installers to bypass security measures, and while Google Play Protect offers some protection, the threat highlights ongoing risks from pre-installed apps with elevated privileges.
A vulnerability in the Unity game engine could allow malicious code to target Android users' crypto wallets, with patches being rolled out to fix the issue. Users are advised to update their games, avoid sideloading apps, and practice good security hygiene to protect their wallets. The vulnerability affects Unity projects dating back to 2017 and could potentially lead to device compromise or credential theft.
You can repurpose old Android or iPhone devices as security cameras by installing free apps like Alfred Camera, positioning them in strategic locations, and powering them with a nearby source, providing an affordable way to enhance home security and monitor your property remotely.
Google is ending the ability to sideload unverified apps on Android devices to enhance security and ensure all app developers are verified, marking a shift away from a key feature that distinguished Android from iOS.
The FBI warns iPhone and Android users about a surge in QR code-based scams where malicious codes are used to steal personal and financial information, urging caution and avoidance of unknown QR codes to prevent malware infections and data theft.
The FBI warns against replying to unknown or suspicious text messages, which are increasingly used by organized criminal gangs for scams like fraud and romance schemes. Experts recommend verifying sender identities independently and using tools like Australia's Truyu app or Malwarebytes' Scam Guard to detect and prevent these scams, which pose significant risks to personal data and finances.
The TSA warns travelers to avoid public WiFi and USB charging stations at airports due to cybersecurity risks like data theft and malware, emphasizing the importance of using secure connections and trusted charging sources to protect personal information during travel.
AT&T has introduced a new feature called Wireless Account Lock, allowing customers to prevent unauthorized changes to their accounts and protect against SIM swapping attacks by enabling a simple switch in the myAT&T app, with similar protections offered by other major US carriers like T-Mobile and Verizon.
Android 16 will introduce a new security feature that alerts users to potential Stingray surveillance by detecting connections to suspicious or insecure mobile networks, helping to protect against digital eavesdropping and fake cell towers, although full protection depends on hardware support and upcoming device updates.
A $1 phone scanning tool developed by iVerify has detected seven instances of Pegasus spyware among 2,500 scans, highlighting the widespread use of such malware globally. The tool's development required significant investment due to the locked-down nature of mobile operating systems like iOS and Android. The findings, to be presented at a security conference, underscore the need for accessible spyware detection tools, as evidenced by the tool's role in identifying spyware on devices linked to political figures and activists. This development challenges the assumption that mobile devices are inherently secure.
The FBI has issued a warning about potential cyber attacks from China targeting American infrastructure, specifically through vulnerabilities in iPhone and Android text messaging. The hacking campaign, known as Salt Typhoon, has reportedly compromised major telecom companies like AT&T, Verizon, and Lumen Technologies. To protect communications, the FBI advises using encrypted messaging apps like Signal and WhatsApp, and ensuring devices receive timely updates and employ strong multi-factor authentication.
Cybersecurity firm iVerify has detected new infections of the Pegasus spyware, developed by NSO Group, on mobile devices of ordinary professionals and civilians, challenging the belief that such spyware only targets high-profile individuals. Their Mobile Threat Hunting feature found an infection rate of 2.5 per 1,000 scans, revealing a more widespread issue than previously thought. The findings highlight significant gaps in current mobile security practices and emphasize the need for more robust, user-accessible security measures.
iVerify, a mobile device security firm, has launched a spyware detection feature that has already identified seven infections of the notorious Pegasus malware among 2,500 device scans. The tool, available to both paying and free users, uses a combination of malware signature-based detection, heuristics, and machine learning to identify spyware on iOS and Android devices. The findings challenge the narrative that spyware targets only activists and journalists, revealing infections among business leaders and government officials. This development highlights the growing prevalence of spyware and the need for accessible detection tools.
Google has issued a warning about the active exploitation of a privilege escalation vulnerability, CVE-2024-43093, in the Android Framework, which allows unauthorized access to certain directories. The flaw is reportedly under limited, targeted exploitation, though specific details on its real-world use are scarce. Additionally, a patched Qualcomm chipset vulnerability, CVE-2024-43047, has also been actively exploited. Both vulnerabilities may have been used in targeted spyware attacks, but it's unclear if they were combined for privilege escalation and code execution.