Android Trojan "Xenomorph" drains bank accounts - all money at stake - General Questions and Answers

Researchers from "ThreatFabric", a computer and network security company, have discovered the latest version of Xenomorph. According to them, with the new update, the malware is one of the "most advanced and dangerous banking Trojans."
The fraudsters behind the Trojan are targeting victims worldwide. They have targeted a total of 400 banks, mainly from the United States, Spain, Turkey, Poland, Australia, Canada, Italy, Portugal, France and Germany.
Xenomorph is hiding behind an app that is currently still available in the Google Play Store (as of March 22). It is the app CoinCalc - Currency Converter by Sam Ruston.
Meanwhile, the fraudsters behind the malware can sit back and relax. Because Xenomorph is designed in such a way that everything from installing the software to transferring money is automated.
Previously, the Trojan was only able to read the banking data of smartphone users.

Another reason why 2FA is a THING in 2023.

Related

[Q] Application stores for each country

Hello everybody! I'd like to try to discover why Microsoft and Apple target their application stores for countries while Android can do only one store for all applications. I understand that a good reason to segment applications is the laws of each country. Example: Taking beer is considered something normal in the U.S., but may be considered an illegal act in Eastern countries. How can Google be exempt from that responsibility? Is the future that the Android Market is also divided into countries?

Android hardening - secure handling of personal data - local storage YES - cloud NO

Android hardening - secure handling of personal data - local storage YES - cloud NO - Options and solutions
===========================================================================================================
Nowadays, when software developers sell "their products to the consumers" and "themselves to government agencies", it's essential to safeguard personal data of any kind.
Not because you are breaking the law in your country and are afraid for authorities.
But for respect of your private integrity and personal data.
Even more when you have your own business and government agencies use your private data for economical espionage and give your private company data to your competitors. That explains how various big companies from North America have won contracts against competitors from Europe, or vice versa.
So here is some advice for owners of Android smartphones.
1. Use a decent firewall with detailed logging capability: ukanth AFWall+, JTScholl Android Firewall.
Authorise only programs which you are well-informed what they do and where they go.
2. Use a good permissions logger/filtering program in interactive mode: Marcel Bokhorst XPrivacy.
Grant permissions only in interactive mode and use your knowledge and common sense to understand which program asks for a certain permission.
If you need a good program, but it asks for strange or abnormal permissions considering what that program is supposed to do (use your thinking),
simply grant only permissions that you think are acceptable, in interactive mode, and check the log of XPrivacy and of your firewall for all the communications. Block anything which looks suspicious.
The above tools are essential, no matter whether you are from USA, Russia, China, Iran.
3. The security suite. Depending on your country and relations in respect to world powers, choose accordingly.
Are you from USA, hard to trust a Chinese or Russian product.
Are you from Russia, best protection comes from a Russian product. Never trust a product made in USA or UK.
Are you from the 3rd world (Brazil, India, Indonesia, Iran - be well informed who are the enemies of your country - and never trust products from them).
It would be total inconscience for Iran to use USA or UK or Israel products.
Are you an international corporation spread, use at least double-layered security gateways with products from both USA and Russia or China, you'll see how they react against detected malware, according to its country of origin.
Don't be surprised if Symantec or McAfee or Comodo don't detect Stuxnet derivatives.
4. Protection of own passwords, sensitive personal data, and so on.
NEVER use cloud solutions and any product with included cloud functionality and no local import/export of data.
On the list of shame comes almost all known products in category: Password Managers and Browsers.
Only exceptions: KeePassDroid, Keepass2Android Offline (we'll see how long the German government will let the authors develop without introducing backdoors).
The only secure information managers which really can assure a minimal level of security for your private data.
Both freewares.
All other commercial products use only cloud for import/export/sync, and your private data is directly accessible to known government agencies.
Only browser with local import/export of bookmarks/passwords is Habit Browser (we'll see how long the Japanese government will let the author develop without introducing backdoors).
All other browsers do not allow local import/export of bookmarks/passwords, only sync via cloud and your privacy is gone.
5. Regarding anti-theft software. Same rules apply as at 3. (all depends on your country). Best, take good care of your device. Anti-theft software is double-faced: depending on your software and mostly on your phone operator, it is not always recommended to track your device. Many operators, even in foreign countries, give total access to government agencies into their infrastructure.
6. Email. Encrypt it, save it only locally on device and avoid sync to cloud or email apps doing that.
A good email program is MailDroid, but still not totally secure, due to its juridical placement on USA territory.
For better safety, use a browser and encrypted webmail.
Pity for AquaMail, a good program, but like Siber Systems Roboform Password Manager it pays its "tribute" to government agencies: no local storage of individual emails. If we would make a joke, it seems that NSA pays better than all sold licenses for AquaMail, same as for Roboform Password Manager.
What is funny is that the author is living in Russia.
The list of big deceptions, products claiming respect your privacy and helping you doing it, but only empty words.
Mozilla Firefox browser and Siber Systems Roboform Password Manager. More than a year ago I contacted their managers and developers, they promised local import/export/sync. Nothing yet. Well, both being under USA jurisdiction, it's not a surprise, the USA government dictates (sorry, NSA).
With respect,
Zeno Sloim
http://zenosloim.blogspot.com/2014/10/android-hardening-secure-handling-of.html

VPN and Politics - how secure is it

VPN and Politics - how secure is it
===================================
VPN:
The miracle solution for corporate users on-the-go.
The solution for political dissidents and street movements or "freedom fighters".
The solution for watching what Hollywood bosses decided you may not see in Europe or somewhere else.
The solution for downloading what you are not allowed to.
And the fancy list continues.
But have you ever thought that everything has a price, nobody gives something for free without thinking of own profit and that physically, your connection and data must pass a certain server somewhere?
But ...who has access to that server?
Which country hosts it and how do the policy and government of that country affect you?
Well... let's take few examples:
1. Chinese dissidents in Hong Kong. Well, if they use F-Secure Freedom VPN, it could be quite good.
F-Secure is located in Finland, it's a pro NATO and USA partner.
For the Chinese dissident it does not matter if American NSA watches them.
2. Islamists in Europe or somewhere else.
Now F-Secure Freedom VPN could be their capital mistake and last program to use before NSA reacts and ...a ticket to Guantanamo is paid by the USA tax-payers.
3. Normal Europe citizen wanting to watch Country music... well, Nashville and Hollywood bosses are quite restrictive and aware of money losses. Now a good VPN program comes in handy, but beware of BSA catching you if your VPN goes via an "ally" of USA. Perhaps VPN servers outside Europe are better...
But beware of own personal data if VPN program comes from East or Far East and your traffic goes same way...
Conclusion: based on who you are, how you are politically situated in respect to major powers of the world, what you want to do..
Then choose your VPN program and with a good firewall and sniffer watch out what the VPN program wants to access more on your device.
Never trust a VPN program, based on its adverts from producer or comments from internet.
Investigate yourself first, and never trust without deep checking.
With respect,
Zeno Sloim
http://zenosloim.blogspot.com/2014/10/vpn-and-politics-how-secure-is-it.html
How secure are in fact VPN or Red Phone
Article inspired by a PM asking about my thoughts on VPN and Red Phone.
"Hello there! Finally someone who cares about security.
Quote:
Originally Posted by iunlock
Greetings, I've been reading some of your posts and all that info is right up my alley. It's hard to find someone who actually cares about this stuff like I do. Anyhow, I have some questions that you may be able to answer for me. A lot of people I've tried to run this by don't have any passion for security so I've only received half "" answers, which is not what I'm seeking.
What do you think about this set up.
1. I use a VPN that claims they don't keep logs on my phone. But who knows...better than nothing? Or are these companies compromised? See if I was the big bad wolf, I'd either create VPN companies to give people options to trick them into thinking they have security with a VPN (illusions) and/or pay VPN companies a dollar amount that they can't refuse for a backdoor...ie...easy access any time to the traffic and data. So what if VPN companies lie about their claims...who's going to tell right? $win-$win situation for big bad wolf and the VPN company that couldn't refuse the $ offered. Interesting eh?
2. Tor/Orweb. Hmm....slow as a dead turtle, but does it really work like they claim? I do see some truth to this though with its concept, but going back to what I said above. $ talks?
3. Password managers like last password, 1 Password etc... again if I was the big bad wolf, would I not be able to make $ talk? Makes you think.
4. Secure apps...like jitsi, xabber, encrypted stuff...etc. ..
On the flip side of the coin, there are true security nuts who hate the big bad wolf and a lot of these people are the founders of some of these VPN companies and alike. So there's some comfort in knowing that I assume....also open source stuff is good because they are transparent. No messing around there. Anything funny or fishy would be known for any vulnerability in the app etc....
With all that stuff aside, assuming you did trust the VPN, tor etc....what's the best we can do security wise for our phones?
Well I think using a VPN is a must. Next using gpg to encrypt all emails along with encrypted chat clients. Then the use of tor to proxy your connections like mail, chat, fb, twitter etc....
What are your thoughts?
BTW, I don't use Facebook (Cia / prism) buffet....
I think gpg is the only sure way of true security.
In the real world, having the convenience for non important things makes the use of Gmail and other Google apps convenient.
Never do I ever use any real info for any of these accounts lol.
So the question is....will using a VPN, encrypted email, encrypted chat client, and tor do the trick?
How about the use of redphone app with Google voice on VPN since it uses data and not voice tunnel?
A lot of cool stuff....would love to hear your thoughts.
Cheers"
Hi sorry for so late answer.
Please read my posts on my security blog.
As a guide line:
There is no secure VPN or provider, all depends on your "enemies" or whom are you afraid of. It all depends on who "don't care about you".
And what you want to do.
Everything located on US territory will report in case to US authorities. Same goes for Germany, Russia, China.
Also for smaller countries: Canada, New Zealand, Australia - all will report to UK and USA.
Same for Austria, Finland, Sweden - all will report to USA, UK, Germany.
The close ties in SIGINT cooperation are 100% same in so-called VPN providers/software.
IMHO it's money waste to pay for VPN. If you want to do something against law.
Respect the laws and ignore VPN.
All above is for private persons.
If enterprise, own physically the VPN server and never trust any 3rd party.
With kind regards
Zeno Sloim
Part 2
Red Phone - bogus for naive people
Any product (hardware or software) produced on German territory HAS a backdoor for German state authorities and Germany's close SIGINT partners: USA, UK
Any product made on USA territory has back doors for US state authorities.
The whole Apple FBI encryption scandal was bogus for big public, all Apple products have backdoor.
It's a matter of time for how quickly will authorities know and decrypt your private data "travelling on internet".
Best solution is to try to keep it LOCALLY, as much as possible, by controlling anything going out of your phone.
It's not easy for a normal user.
But use only apps verified by you.
With regards
Zeno Sloim

Free internet for poor and unemployed

Mark Zuckerberg's proposal to provide free, basic Internet service in India has hit an old-fashioned snag: People don't believe they're getting something for nothing. Free Basics plan, which promises to give India's rural poor access to the social network and a limited number of other online services.
In India, the debate has focused largely on whether Free Basics meets the standards of Net neutrality, the principle that there should be equal access to all types of content and services on the Internet.
For that, Facebook started a poll through its site and gave one toll-free number to vote by call. Most Indians want the free service, Facebook claimed, citing a national poll in which 86 percent of respondents supported Free Basics. It also said the service can coexist with Net neutrality.
Facebook created Free Basics to provide Internet services on topics such as news, maternal health, local jobs and local government information. It already provided those services as part of its Internet.org initiative, launched in 2014, in many countries across Asia, Africa and Latin America where online access has been limited or nonexistent. How do you think of this Free Basics How ever the Net neutrality
What's the question?

The top 10 countries with the most phone voyeurs

Do you ever get the feeling that you’re being peeped?
If you live in one of the following countries then your intuition might be right, as there are dozens of snoopers around you!
Cheetah Mobile recently conducted a survey of 10 million phone users all over the world to find out which countries had the biggest phone voyeur problem. The top 10 are Brazil, Mexico, US, Russia, Turkey, Colombia, India, Korea, Italy and Germany!
According to the survey, about 25% of Brazilian users have had problems with people snooping on their phones. Mexico follows with 22%, US 21% and Russia 18%. The average figure among all countries is roughly 13%, which means that wherever you live, your phone privacy is at risk!
Since your phone contains so much sensitive data, such as contacts, account info and payment authentication, how can you possibly protect it from hackers and snoopers?
CM Locker can help. As the highest rated security locker on Google Play, this app provides the world’s safest screen lock for over 20 million users.
What’s the difference between CM Locker and other screen locks?
It makes your phone safer with its Intruder Selfie feature, which takes a photo of anyone that enters incorrect passwords on your phone and sends you an email containing their picture.
Like this feature? CM Locker will surprise you with much more other impressive features!
Click the download icon to get it now!
Thread closed, check your messages for my PM.
Droidriven
Forum Moderator
