Call 855-708-2203 - Norton Antivirus #Support Phone Number, If you are having any problem with Norton Antivirus you can get Norton Support from our Broovo Expert, We give Online Norton Support and call us any time at 855-708-2203 - Norton Support Phone Number
Related
Original Link
Windows Mobile trojan sends unauthorized information and leaves device vulnerable
Tuesday February 26, 2008 at 1:13 am CST
Posted by Jimmy Shah
Trackback
A Window Mobile PocketPC trojan that disables Windows Mobile application installation security has been discovered in China.
WinCE/InfoJack sends the infected device’s serial number, operating system and other information to the author of the trojan. It also leaves the infected mobile device vulnerable by allowing silent installation of malware. The trojan modifies the infected device’s security setting to allow unsigned applications to be installed without a warning.
The trojan was packed inside a number of legitimate installation files and distributed widely. It has been distributed with Google Maps, applications for stock trading, and a collection of games.
Figure 1
The trojan is installed with a collection of legitimate games.
WinCE/InfoJack was created by a specific website. The website may have hired someone to create the trojan and distribute it to other sites. The maintainer of the website claims that the software was just necessary to collect information on the types of mobiles used to access their site. That would be easier to believe if they had notified the user prior to installation or if they had provided some sort of uninstallation method.
Figure 2
WinCE/InfoJack installs silently along with other applications.
WinCE/InfoJack has a number of features that show its malicious intent:
* installing as an autorun program on the memory card
* installing itself to the phone when an infected memory card is inserted
* protecting itself from deletion, copying itself back to disk
* replaces the browser’s home page
* allows unsigned applications to install without warning
Figure 2 Figure 2
WinCE/InfoJack installs as an autorun program on the memory card.
That last feature, allowing silent installation of an unsigned app, is used by WinCE/InfoJack to auto update itself. It also leaves the mobile open to other malware being installed silently. Fortunately the trojan’s website is no longer reachable, due in part to an investigation by local law enforcement.
I posted about this yesterday.
http://forum.xda-developers.com/showthread.php?t=372699
virus???
that sounds bad
Dear All,
I have an HTC HD2 (a.k.a. HTC Leo) and it may have a problem. It suddenly seems to be able to dial the last number called and also start playing music (from the HTC Sense player) all by itself.
So far this has only happened while I am using the Skyfire web browser. I have spoken to technical support at HTC and been advised to try, firstly, a soft reset and, secondly, a hard reset. So far I have tried only the first and it has not made a difference.
HTC have also said that there is no way to scan the phone for viruses because there is no need for this - no such threat exists. I have read conflicting information on that (including on this forum) so I am a little bit concerned.
Could someone help me with the following: 1) what could be causing this problem to occur, 2) how do I resolve the problem, 3) if it is a virus, how do I protect against this happening again and 4) if it is a virus, do I need to be worried that my information has been compromized in any way?
I am new to XDA Developers and could really use some help with this problem. Many thanks,
Karim434
Honestly, I haven't a clue what would be causing such an issue, and to my knowledge, there isn't any mobile malware that would be capable of manipulating HTC Sense, as most hackers wouldn't dare take the time to learn how to manipulate HTC Sense, especially due to the several different devices using it, all with different specs.
But, there are malicious threats for Mobile OSs', though their 'damage intent' usually isn't worthwhile. Most of the typical current Mobile Malware threats are dialers that dial out-of-country numbers to rack up your phone bill {also paying the numbers it dialed due to non-toll-free services.}
Like I've said many times before on other websites, just because there are no OBVIOUS large threats for mobiles doesn't mean that you shouldn't get protection now.
You don't wait for your house to burn down and THEN get Home Fire insurance... do you? Be prepared. The mobile world grows larger with every hour, as do Black-Hat hackers malicious intents.
Good picks:
Lookout Mobile Security - Free
Kaspersky Mobile Security - $29.95 {Try the 30 day trial}
Symantec Endpoint Security - $??? I believe it comes bundled with Symantecs Endpoint for Enterprise
BullGuard Mobile Security - $39.95 {Try the 14 day trial}
I'd personally recommend Kaspersky Mobile Security due to it's Firewall, Anti-Spam {blacklist & whitelist for calls and sms}, and their 'Find My Phone' options.
VirusSeeker is a comprehensive free mobile security solution for smartphones which consists of antivirus and antitheft features. VirusSeeker helps protecting your mobile and its data from latest malware, spyware and viruses thus keeping it safe and secure. It also helps you to locate and lock your mobile when it is lost or stolen. This mobile security solution has one of the fastest antivirus scanners, which is capable of scanning your mobile in less than 20 seconds.
Features:
1. Real Time Scanning:
• Ensures your mobile is secure at all times.
• Scans an application as soon as it is installed on your mobile, irrespective of the way it is installed via either bluetooth, internet, e-mail, data cable or google play.
2. Antivirus:
• Enables you to scan your entire mobile or any selected application within seconds.
• Uses one of the fastest antivirus scanners, thus saving you precious time.
• It also allows you to schedule a scan to run once a day at a specific time.
• Has an update feature which ensures the mobile database is kept up to date.
3. App Checker (NEW!)
• It makes you aware of all those application installed on your mobile, that are capable of performing certain operations that can misuse or cause damage to your mobile and the data on it.
• It tells you how each application can and may misuse the data of your mobile or be cause harm to it.
• It helps you identify potentially malicious applications.
• It also provides a feature to mark a well-known application as trusted, thus not displaying it on further runs of App Checker.
• This helps keeping the mobile safe and secure.
4. Anti-Theft
• It helps you locate and lock your mobile when it is lost or stolen.
• It enables you to remotely turn ON the mobile’s GPS and have the device send its location as well as the “APPROXIMATE ADDRESS” of where the mobile is, thus making it very easy for you to find you’re mobile.
• It also enables you to remotely lock the mobile, so that no one can access any data or use the mobile. This keeps your data completely safe and secure.
5. SIM-Card Change Notification
• In the case your mobile is stolen, and the thief changes the SIM Card, the mobile immediately notifies you of the SIM Card’s new number.
6. Dashboard
• Has a very user friendly dashboard which tells you about the security status of the mobile.
• It tells you whether the Database is up to date or not, whether scanning is being regularly performed and whether the antitheft details are filled or not. It also tells you whether the mobile is completely secure or not.
7. Statistics
• Tells you the current statistics about your mobile such as the number of files scanned till date, the number of viruses detected, the date the antivirus was last run on, the date App Checker was last run on and the date update was last run on.
compatibility V2.2 And v2.3
Download it from here
https://play.google.com/store/apps/details?id=avsolution.version1
i can’t update the virus definitions from avast server because server can’t be connected.
Du you have the same trouble?
190704 - WhatsApp installs new rootkit, yet undetected by all major security softwares
https://zenosloim.blogspot.com/2019/07/190704-whatsapp-installs-new-rootkit.html
You thought WhatsApp has solved its "exploits" used by state intelligence communities from USA, Great Britain, Australia, Canada, New Zealand and Israel?
Nope.
You can also wonder if it was an exploit, or an "actively tolerated" backdoor ordered by NSA, GCHQ.
And "developed" with Israeli programmers support.
In any case, between 27 of june 2019 and 1 of july 2019, I managed to neutralize and identify a new type of Android rootkit, which was completely undetected by Symantec, Kaspersky, Avast/AVG, ESET.
The rootkit was detected by an indirect method which I will describe here. And eliminated also.
However, THANK YOU, USA, UK, Canada, Australia, New Zealand and especially Israel for the honour accorded to my person, and my swedish phone number: +46 720 329614.
I will technically describe how I detected and eliminated the rootkit, so that your programmers will "correct" the mistakes done, and improve your rootkit for better undetected use.
Same rootkit is also spread packaged with various popular softwares, made available via a "curiously tolerated by US authorities" piracy site, "forum.mobilism.org".
Used devices:
Motorola G6 Plus rooted with latest Magisk, Xposed;
Windows Desktop PC
Windows Software:
Symantec Endpoint Protection
Android Softwares:
Kaspersky Mobile Antivirus AppLock & Web Security
Avast Antivirus Mobile Security & Virus Cleaner
ESET Mobile Security & Antivirus
Marcel Bokhorst NetGuard Pro
3C Battery Monitor Widget Pro
GSam Labs GSam Battery Monitor Pro
Install all needed softwares above.
Configure NetGuard Pro to block anything on Mobile Data and WiFi.
Install/reinstall WhatsApp or some of the softwares "released" on "forum.mobilism.org" between 27 june 2019 and 30 june 2019.
Assume your person is an "interesting profile" for The 5 Eyes Community (US+UK+CA+AU+NZ) or Israel.
It's enough your number is called or you make just one call.
Open WiFi. Keep it open few minutes. Then close WiFi.
Wait at least 12 hours, do not use the phone or the WiFi in it.
The rootkit will trigger itself, trying to send the logged data from your device.
There is a "bug" in the rootkit which will do the following: if it can not send logged data for at least 12 hours, because it is blocked by firewall (used latest version actual for the time period named - possible the author to be "bought" by the affected 5 Eyes + Israel - not sure if future versions will successfully block the rootkit), the rootkit will infect the process "com.motorola.modemservice", in practice "hammering" the phone modem, to be able to force-sending via mobile data, the logged data.
Not being able, this "hammering" will result in an indirect higher power consumption, detected by both 3C Battery Monitor Widget Pro and GSam Labs GSam Battery Monitor Pro.
Connect the phone to PC, and do a complete device scan via adb with Symantec Endpoint Protection.
As you guessed, Symantec being a US registered company, it will detect nothing.
Now do same full device scan (apps, apks, files, processes, memory) with ESET.
ESET is Slovakia native, but operates in USA, hence do not expect to detect something, confirmed.
Do not expect they will make public the evidence registered from my phone.
Now do same full device scan with Avast/AVG.
Czechia native, operating in USA, same result as ESET, nothing detected.
Do not expect they will make public the evidence registered from my phone.
Now the interesting part, use latest Kaspersky Mobile Antivirus AppLock & Web Security.
Unfortunately, Kaspersky is not able to detect the rootkit.
I do hope that Kaspersky will inspect their logs and identify my Motorola G6 Plus scanned by them, to create an identifying signature for the rootkit.
All evidence exists registered at Kaspersky.
So, no actual security software for Windows or Android was able to detect the rootkit.
Clear sign it is a new developed cyberweapon by USA, UK, CA, AU, NZ and Israel.
Eliminating the rootkit.
As no software was able to detect it, only solution was a factory reset of the phone.
Disabled automatically update/install from Google Play to avoid auto reinstalling previous installed softwares, including WhatsApp.
Be very cautious when installing pirated softwares from "forum.mobilism.org", the fact they are "tolerated" by USA authorities, says a lot.
Thinking of "Piracy", "Double Moral", "Money Laundering", "Criminal activities on internet", think of 2 things:
Who are the main "remained tax paradises" ? Mostly USA and UK colonies. (according to United Nation and Interpol statistics)
Which countries receive with open arms "fugitives tax-payers and money lounderers" as "strategic investors" ? UK, Israel. (according to United Nation and Interpol statistics)
This is double moral.