Malware Alert, Don't Download Android Super Mario Run APK

Be careful: the Android Super Mario Run APK is actually malware; do not install it. The game Super Mario Run is loved by all: elders, adults, and young people. The game has been released on iOS, but not yet on the Android operating system. Android device owners have been eagerly waiting for the game to be released so they can enjoy it while on the go. Android users are in abundance all over the world, and Super Mario is a game that is popular across borders. Therefore, it is not surprising that when users discovered that an Android version of the game was available, they were quick to download it.

But the Android version of Super Mario that is available in third-party Android app stores is actually a fake application containing malware. There is not just one but a variety of such applications floating around untrustworthy app stores. One of them, called Super Mario, gets full control of the device after requesting privileges to edit, read, receive and send text messages, and goes as far as capturing images and videos and using the phone's GPS to track your location.

The news was broken by Trend Micro, a Tokyo-based IT security firm, which said that its security research team detected malicious Super Mario game applications about 90,000 times in 2016. The company says that such Super Mario applications have been around since 2012 but, because of news that the Android version of the game will be released sometime in 2017, the frequency and number of these malicious applications have doubled.

This is the percentage of users who have downloaded fake applications of Super Mario games on their Android devices:

Indonesia 41%, India 33%, Mexico 8%, Japan 4%, Philippines 3%, United States 2% and other 9%.

The application mentioned above is one of the infected applications that prompts users to install an update called 9Apps, which requests additional rights such as audio recording, access to the SD card and changing calendar entries.

This particular application also offers an imitation of the actual NES Super Mario Bros. game. However, according to the analysis of this Super Mario application, it also shows "unnecessary icons, pop-ups, banners [and] installs other applications and performs other intrusive activities without any user input."

If you click on any of the ads shown, the applications will redirect you to other websites or adult websites that will try to install other applications on your device. It goes without saying that these new applications will be loaded with other malware that will then request administrative privileges on your device.

It is recommended to avoid downloading apps from third-party stores and to rely only on official stores like the Google Play Store. Also, on your Android device, open Settings and uncheck the "Unknown sources" box if it is enabled.

Remember, this is not the first time cybercriminals have used a famous gaming application to infect unsuspecting users. A few months ago, the Pokémon Go application was also used to infect those who were looking for its Android version days before its official launch in the Google Play Store.
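The permission requests described above can be checked before installing an APK. The following is an added example, not code from Trend Micro or from the original article: it parses the text printed by `aapt dump permissions <file.apk>` and flags a game that asks for the SMS, camera and location access the article describes, as well as an "update" that adds new sensitive capabilities. The permission grouping, the verdict thresholds and the sample dumps (including the package name) are assumptions constructed for illustration.

```python
import re

# Standard Android permission names, grouped by the capabilities the article
# lists for the fake app (SMS, camera, GPS) and for its "9Apps" update
# (audio recording, SD card, calendar). The grouping itself is an assumption.
RISK_GROUPS = {
    "sms": {"READ_SMS", "RECEIVE_SMS", "SEND_SMS", "WRITE_SMS"},
    "camera": {"CAMERA"},
    "location": {"ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION"},
    "microphone": {"RECORD_AUDIO"},
    "storage": {"READ_EXTERNAL_STORAGE", "WRITE_EXTERNAL_STORAGE"},
    "calendar": {"READ_CALENDAR", "WRITE_CALENDAR"},
}
EXPECTED_FOR_GAME = {"storage"}  # assumption: a game may need to store saves

# aapt prints either  uses-permission: name='android.permission.X'
# or (older builds)   uses-permission: android.permission.X
PERM_RE = re.compile(r"^uses-permission[\w-]*:\s*(?:name=')?([A-Za-z0-9_.]+)")
PKG_RE = re.compile(r"^package:\s*(?:name=')?([A-Za-z0-9_.]+)")

# Constructed sample dumps (not taken from any real sample).
FAKE_GAME_DUMP = """package: com.example.fakemario
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.READ_SMS'
uses-permission: name='android.permission.RECEIVE_SMS'
uses-permission: name='android.permission.SEND_SMS'
uses-permission: name='android.permission.WRITE_SMS'
uses-permission: name='android.permission.CAMERA'
uses-permission: name='android.permission.ACCESS_FINE_LOCATION'
"""
UPDATE_DUMP = FAKE_GAME_DUMP + """uses-permission: android.permission.RECORD_AUDIO
uses-permission: android.permission.WRITE_EXTERNAL_STORAGE
uses-permission: android.permission.WRITE_CALENDAR
"""
CLEAN_GAME_DUMP = """package: com.example.puzzle
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.VIBRATE'
uses-permission: name='android.permission.WRITE_EXTERNAL_STORAGE'
"""


def parse_dump(text):
    """Return (package, set of short permission names) from an aapt dump."""
    package, perms = None, set()
    for line in text.splitlines():
        line = line.strip()
        m = PKG_RE.match(line)
        if m:
            package = m.group(1)
            continue
        m = PERM_RE.match(line)
        if m:
            perms.add(m.group(1).rsplit(".", 1)[-1])
    return package, perms


def risk_groups(perms):
    """Map requested permissions to the sensitive capability groups they grant."""
    return {group for group, names in RISK_GROUPS.items() if perms & names}


def audit(text, expected=EXPECTED_FOR_GAME):
    """Flag capability groups that the app's stated purpose does not explain."""
    package, perms = parse_dump(text)
    unexpected = risk_groups(perms) - set(expected)
    if "sms" in unexpected and len(unexpected) >= 3:
        verdict = "high"      # SMS control plus two more sensors, as in the article
    elif unexpected:
        verdict = "review"
    else:
        verdict = "ok"
    return {"package": package, "unexpected": sorted(unexpected), "verdict": verdict}


def escalation(installed_text, update_text):
    """Capability groups an 'update' asks for that the installed app lacked."""
    _, before = parse_dump(installed_text)
    _, after = parse_dump(update_text)
    return sorted(risk_groups(after) - risk_groups(before))


if __name__ == "__main__":
    print(audit(FAKE_GAME_DUMP))
    print("update adds:", escalation(FAKE_GAME_DUMP, UPDATE_DUMP))
    print(audit(CLEAN_GAME_DUMP))
```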

Dirty Cow Android Flaw Not included In Google Nov Security Update

The Android security update for November fixes bugs and security flaws, but Google has not included a fix for the "Dirty Cow" Linux flaw in it. Last month, Linux security researcher Phil Oester discovered that a nine-year-old Linux kernel bug (CVE-2016-5195), "Dirty Cow", affects many Android users. Google had to correct this with its latest security updates (after all, Android uses the Linux kernel), but as it turns out, the search giant has left this important old flaw out of its security update dated November.

The Android security update for November fixes 15 critical flaws associated with the platform but, surprisingly, the vulnerability discovered by Oester has not yet been fixed. The extent of the danger can be understood from the fact that it can give an attacker root access to a device in just five seconds.

"The exploit is trivial to run in nature, never failed and has probably been there for years - the version I got was compiled with GCC 4.8," said Oester last month. The bug was initially patched 11 years ago, but the patch was subsequently undone by another update.

Kaspersky Lab's Threatpost reported that, although the main Android security update for November does not include a fix for the Dirty Cow flaw, Google released a separate patch for Pixel and Nexus devices. It added that Samsung also released a fix for its mobile devices. Google will deliver the patch for Dirty Cow on Android in the Android security update for December.

Exploiting this flaw is said to leave no trace. That makes it all the more dangerous, because users will not be aware even if their security has been compromised.

Svpeng Android Trojan Hacked 3 Lakh Android Phones Via Google Adsense

Almost 3,18,000 Android phones have been hacked via a Google AdSense vulnerability. Kaspersky Lab, an international provider of IT security and antivirus software based in Moscow and operated by a holding company in the UK, said on Tuesday that it had discovered a modification of the Svpeng mobile Trojan hidden in Google's AdSense advertising network.

Since mid-July, Svpeng has been detected on the Android devices of about 318,000 users, with infection rates reaching 37,000 victims in a day. To steal bank card information and personal data, the attackers are using a bug in Chrome for Android. Kaspersky Lab said in a statement that the bug was corrected by Google.

The first known case of an attack by the Svpeng Android Trojan using the Chrome for Android bug came in mid-July on a Russian-language news magazine, said the antivirus manufacturer, adding that the Trojan downloaded itself silently when an Android user visited the website.

The infection started from an infected ad placed in Google AdSense. The ad appears "normal" on uninfected phones; the Trojan will only download when the user accesses the page through the Chrome browser on an Android device.

"Svpeng disguised itself as a major upgrade to the browser or a popular application to convince the user to approve the installation. When the malware launches itself, it disappears from the list of installed applications and asks the user for admin rights. When the malware gains admin rights it becomes more difficult to detect," said Kaspersky, adding that the attacker had found a way to avoid some of Google's most important security features for Google Chrome.

Under normal circumstances, when an APK file is downloaded to a mobile device through an external link, the browser displays a warning that a potentially dangerous object is being downloaded. In this case, fraudsters found a vulnerability that allows APK files to be downloaded without notifying users. After detecting the flaw, Kaspersky Lab reported the problem to Google immediately.

The patch will be released in the next update of Google Chrome for Android, according to the company.

"The Svpeng case reaffirms the importance of collaboration between companies. We have a common goal to protect users from cyber attacks, and it is important that we work together to achieve this objective, and we thank Google for its quick response. We also encourage users to avoid downloading applications from untrustworthy sources and be cautious when it comes to what permissions they are asked to give and why," said Nikita Buchka, a malware analyst at Kaspersky Lab.

The Svpeng mobile banking Trojan is designed to steal credit card information. It also captures call histories, text and multimedia messages, browser bookmarks, and contacts. Svpeng mainly attacks Russian-speaking countries, but it has the potential to spread worldwide. Because of the specific way the malware is distributed, millions of websites around the world are at risk, as many of them use the AdSense ad network.

A New Malware App is Targeting Mobile Banking and Payment Apps in US and Europe

The latest Android malware targets mobile banking applications in Europe and the United States. It targets 94 different mobile banking and payment apps, including American Express, PayPal and Santander, according to reports from various media outlets.

Fortinet, a company that produces and markets cyber security software, was the first to discover the malware, which presents itself as a Flash Player application. The malware gains full administrative rights on an Android phone when the user presses the activation button during installation. It then runs in the background and waits until the owner opens a mobile banking or payment application.

The malware affects Android smartphones in Europe and the United States.

According to media reports, the malware also targets social media applications such as Facebook, LinkedIn, Twitter and Snapchat. The Trojan can also intercept SMS messages.

HummingBad Malware infected 10 Million Android Phones, Secure Your Android Devices

HummingBad malware: Chinese malware has infected 10 million Android devices. Experts estimate that more than 10 million Android devices worldwide were infected by malicious software from a Chinese company.

Cyber security specialist Check Point has tracked the malicious program, called HummingBad, since its discovery in February, and there has been an increase in the number of infected devices across the world.

In a new report, Check Point said the malware uses a multi-stage attack chain with two main components; the first infection takes place when people visit certain websites with their Android phones.

"The first component attempts to gain root access to an Android device with a rootkit [software] that exploits multiple vulnerabilities. If successful, the attacker gets full access to a device", according to the report.

"If rooting fails, a second component uses a fake system update notification, fooling users into granting the HummingBad malware full system-level permissions."

According to Check Point, Yingmob, an otherwise legitimate mobile advertising agency based in Beijing, is responsible for the malware.

"Yingmob has several development teams for legitimate displaying and monitoring platforms. The team responsible for the development of this malware consists of four groups with a total of 25 employees", according to the report.

The cyber security company's analysis details how Yingmob used the malicious software to generate advertising revenue through fraudulent forced app downloads and ad clicks. The company is earning as much as $A402,000 per month with the help of this Android malware.

"Yingmob may be the first group to be exposed for spreading this type of Android malware, but certainly not the last", according to the report.

The good news is that there are probably fewer than 100,000 Android devices in Australia infected with HummingBad malware.

How to know if you have been infected with HummingBad malware?


Fortunately, the malware is now known to cyber security experts, and you can protect yourself with good phone protection software that readily recognizes the infection.

Other options include Check Point's ZoneAlarm app, 360 Security AntivirusBoost, Avira Antivirus Security and a variety of others.

Scanning with antivirus software quickly detects the malware and notifies the user of bad apps on the device.


What to do if you have been infected with HummingBad malware?


Although fewer than 100,000 Android devices in Australia are infected, the malware should be removed as soon as possible after infection.

Fortunately, there are some methods to achieve this.

The first option is the somewhat difficult task of finding the source of the malware and removing it manually from the device.

The other option, which is a little awkward, is factory resetting the phone. For non-technical people and those who don't know much about the Android OS, a factory reset is the best choice to remove malware and viruses from Android devices.

Amazing Fansmitter malware that steals data from computers without Internet

The amazing Fansmitter malware steals data from a computer that has no Internet or network connection, using the computer's cooling fan. Researchers at the cyber research center of Ben-Gurion University of the Negev created malware called Fansmitter, which exfiltrates data from an air-gapped computer by manipulating the speed of its CPU and chassis fans to produce sound signals that are picked up by a smartphone's microphone.


For this trick to work, several preparatory steps are required, the researchers wrote. Essentially, the malware uses the computer's fan as a transmitter, while the smartphone acts as a receiver. The researchers said the air-gapped target machine must first be compromised physically. They cited the Stuxnet attack - when a USB drive was used to deploy malware that attacked machines at an Iranian nuclear site - as an example of how this could be achieved.

The smartphone must also be hacked before the attack so that it can receive the data. Moreover, it must be within 24 feet of the target computer.

The malware on the computer then modulates the desired data and transmits it as acoustic waves emitted by the computer's fan, created by running it faster or slower. This information is "heard" by the hacked smartphone, decoded and transmitted to the remote user.

"The binary data is modulated and transmitted through these audio signals to a distant microphone. We show that the software can adjust the speed of the internal fan to control the acoustic signals emitted by a computer," the report says.

The process takes a long time as the fan can only transmit the data at a speed of 15 bits per minute.

Fansmitter malware has been successfully tested in a normal working environment with ambient background noise from an air conditioner, multiple workstations and other people.
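From a defender's side, the channel described above shows up as fan speed changes that the CPU temperature does not explain. The following is an added example, not code from the researchers' report: a heuristic over fan telemetry that counts large RPM jumps at near-constant temperature and checks whether they fall on a regular symbol grid. The two-level keying, the thresholds and both traces are assumptions constructed for illustration; the keyed trace uses 4-second symbols, which corresponds to the 15 bits per minute quoted above.

```python
def unexplained_transitions(samples, rpm_jump=300, temp_tol=1.0):
    """Timestamps where RPM jumps by >= rpm_jump while the CPU temperature
    moved by less than temp_tol degrees C since the previous sample.
    samples: list of (seconds, fan_rpm, cpu_temp_c), ordered by time."""
    hits = []
    for (_, rpm0, temp0), (t1, rpm1, temp1) in zip(samples, samples[1:]):
        if abs(rpm1 - rpm0) >= rpm_jump and abs(temp1 - temp0) < temp_tol:
            hits.append(t1)
    return hits


def assess(samples, min_transitions=4, ratio_tol=0.15, **thresholds):
    """Flag a trace whose unexplained RPM jumps sit on a regular time grid.

    The shortest gap between jumps is taken as the symbol period (a
    simplification: it assumes at least one single-symbol run occurred)."""
    hits = unexplained_transitions(samples, **thresholds)
    gaps = [b - a for a, b in zip(hits, hits[1:])]
    period = min(gaps) if gaps else None
    regular = bool(gaps) and all(
        abs(g / period - round(g / period)) <= ratio_tol for g in gaps
    )
    return {
        "transitions": len(hits),
        "symbol_seconds": period,
        "bits_per_minute": (60 / period) if period else None,
        "suspicious": len(hits) >= min_transitions and regular,
    }


def constructed_keyed_trace(bits=(1, 0, 1, 1, 0, 0, 1, 0), symbol_seconds=4):
    """Constructed telemetry: fan held at one of two speeds per symbol while
    the temperature stays flat (one sample per second)."""
    samples = []
    for i, bit in enumerate(bits):
        for k in range(symbol_seconds):
            t = i * symbol_seconds + k
            samples.append((t, 1600 if bit else 1000, 45.0 + 0.2 * (t % 2)))
    return samples


def constructed_thermal_trace():
    """Constructed telemetry: a stepped fan curve following a real
    temperature ramp, so every RPM jump is explained by heat."""
    samples = []
    for t in range(20):
        temp = 45 + 2 * t
        samples.append((t, 1000 + 400 * ((temp - 45) // 10), float(temp)))
    return samples


if __name__ == "__main__":
    print("keyed  :", assess(constructed_keyed_trace()))
    print("thermal:", assess(constructed_thermal_trace()))
```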

Gunpowder new Android malware spreading in android phones


Gunpowder Android malware: a new Android malware family targets people outside China and infects their Android phones. Researchers have discovered a new family of malware for Android that successfully evaded all antivirus products on the VirusTotal web service. Palo Alto Networks named this family 'Gunpowder' based on the principal name of the malicious software, and Unit 42, the threat intelligence team of Palo Alto Networks, found 49 unique samples across three different variants.

This finding highlights the fine line between "adware", which is not traditionally blocked by antivirus products, and malware, with its ability to cause harm.

Gunpowder samples have been uploaded to VirusTotal since November 2014, with all antivirus engines reporting this malware as "benign" or "adware"; with those verdicts, existing controls would not prevent the malware from being installed on Android.

While investigating the samples, Unit 42 noted that although they contained many characteristics of adware, and indeed embed a popular adware library, a number of overtly malicious activities were also discovered that the researchers believe characterize this family as malware: collecting sensitive information from users; spreading via SMS messages; pushing potentially fraudulent advertising; and the ability to run additional payloads.

Gunpowder targets Android users in at least 13 different countries, including India. An interesting observation from reverse engineering Gunpowder is that this new Android family only spreads among users outside China.

The Gunpowder Android malware includes legitimate advertising libraries within its samples. These ad libraries are easily detected and may exhibit aggressive behaviors. The malware successfully uses these advertising libraries to hide its malicious behavior from antivirus detection. While antivirus software may flag Gunpowder as adware, it does not flag it as overtly malicious.

Users who have executed Gunpowder are shown a notice stating that the app includes the ad library and that the advertising is legitimate. "We believe that the notice was intentionally added in order to use the legitimate library as a scapegoat", the researchers said.

Gunpowder samples embed malicious code in popular Nintendo Entertainment System (NES) emulator games, which are based on an open source game framework.

Palo Alto Networks has seen a trend of malware authors repackaging open source Android applications with malicious code. Gunpowder makes use of this technique, which makes it difficult to distinguish the malicious code when performing static analysis.

Observation shows that these malicious samples support online payments, including PayPal, Moneybookers, Xsolla and CYPay. Gunpowder also steals the browser history, bookmarks and other private information of its victims.

In addition, Gunpowder collects information about all application packages installed on the victim's device. It also provides capabilities for executing payloads: the code for dynamically loading and executing the payload after decoding resides in the "com.fcp.a" and "com.fx.a" components.

So far, Palo Alto Networks has observed 49 unique samples of the Gunpowder family, and it found three different groups of variants within this family. In particular, variants in group 1 (12 samples) can spread via SMS and lure users into making payments. Variants in group 2 (16 samples) can only lure users into making a payment, and variants in group 3 (21 samples) neither spread via SMS nor lure users into making payments. Group 3 was found to contain the newest variants of Gunpowder.

Virus help: symptoms that your computer is infected

Some symptoms that your computer is infected.

Viruses - both real and virtual - have much in common. For starters, both are miserable to catch. Smallpox, Stuxnet, Conficker or the common cold - we can agree that, regardless of whether they are in your body or your PC, viruses are generally terrible. Second, while both types of viruses can be prevented with proper precautions, you will probably still catch one at some point in your life. And, finally, just as with recognizing a viral infection in your body, telling whether your PC has been infected is a matter of knowing the symptoms. So, as Internet users concerned with the welfare of the community, we have compiled this list of the symptoms of computer viruses to help diagnose problems that may occur.

The warning signs that your computer is infected.


Pop-ups

Remember these things? Dear God, they were so annoying back in the day. One minute you are minding your own business, talking to your friends with this newfangled online chat, then BAM! A window pops up informing you that you are the millionth visitor to this website, and be sure to click here to claim your prize!

Fortunately, those days are long gone. Most modern browsers have robust pop-up blockers, so pop-ups should not really be a problem now unless your browser is out of date. The occasional pop-up may still occur when you are clicking around in shady places, but it is highly unlikely that you will run into many of them online today. If you do encounter a large number of pop-ups while surfing the internet, your browser probably just needs reconfiguring. Adjust your settings and they should disappear.

What you really need to worry about is if the pop-ups still keep appearing. If this is the case, it is very likely that you have a virus on your system. The most common are ads that say something like "Alert: your computer is probably infected with a virus" and offer free software to fix it. Please do not mindlessly fall for it - just go and download other anti-malware software.

To get rid of the virus, get your hands on a malware removal tool. We recommend that you use Spybot Search & Destroy (free) or Malwarebytes Removal ($25).

Hijacked accounts and messages you didn’t send

Like real-life viruses, computer viruses are on a mission to spread and infect as many machines as possible, and the best way to do this is by using your e-mail, instant messaging or social networking accounts to send malware-laden messages to your contacts. This is sometimes difficult to detect because most of us keep a watchful eye on our inboxes but rarely stop to check our sent folders. More often than not, smart friends who see these ghost messages in their inboxes will notice something phishy and let you know that you may have been hacked. Just keep an eye on your messages on all platforms, and do not forget to change your password when you have any doubt or find something odd.

Lock-down warnings


So you are on your PC, doing your thing and looking at the most adorable kitten GIF ever. Suddenly an official-looking message appears on the screen and informs you that your computer has been locked because of illegal activity and that you have to pay a fee in order to regain control of it. Do not worry, this type of message is complete crap. You did nothing illegal - kitten GIFs are not illegal! - your computer is infected with ransomware.

Sometimes these messages are not even official looking; they are just plain old ransom notes: "We have taken control of your computer; pay up and we will set it free." Whatever you do, do not enter payment information. Chances are slim that you will get control back, and the worst thing is that you probably will not be able to remove the virus with standard anti-virus software either - you will need to get a removal tool, such as those from AVG and Kaspersky.


Crashing, freezing and general slowness


Although system crashes, frozen screens and slow processes can be caused by a misconfiguration, they can sometimes mean that your PC is infected with malicious software. The best way to tell which it is, is the speed at which things went bad. If the computer has been getting slower over time and has now reached a point where it freezes from time to time, it could be just because you have not been performing regular system maintenance. Check out our guide to speed up your PC in order to help speed things up again.

If the computer was working fine one day and suddenly became sluggish, slow and unresponsive overnight, then there is a possibility that malware is the cause. Viruses often run tasks that require a lot of resources and make your system slower than usual. Try to open the Task Manager to see what is running. If this does not work, read on.


The basic functions do not work



Most operating systems have a task manager that is used to see what is running on your PC at any given time. Windows users can press Control + Alt + Del, while Mac users can simply open Spotlight (Command + Space) to find and open the Activity Monitor program. These tools allow you to see what programs are running on your computer, and you should always be able to access them. If for any reason you cannot get your task manager (or other diagnostic tools) to open, it is possible that your computer is infected with a virus that does not want you to see it.

When this happens, run an anti-virus program if you can. If you can't (probably because the virus blocks that too), then you will probably need to use a separate virus removal tool.


Nothing wrong

Even if everything seems rosy and your equipment works well, there is always the possibility that your system hosts malware that you are not even aware of. In general, the more advanced the virus, the more likely it is that an infection goes unnoticed. Think about it - if you were a world-class criminal, would you design a virus that people can identify and shut down easily, or would you take some time to make it invisible? Exactly.

Some of the most modern viruses in the world have been found to include software that effectively removes other harmful files, so as to avoid the red flags that virus scanners would raise. Since this does not stop cyber criminals from continuing their game, it is likely that you will not even notice that your computer has a virus, so keep in mind that you should not assume you are not infected simply because the system works well. At the end of the day, the best way to keep your PC free of malware is to have regular checkups with a good antivirus program and always make sure the operating system is updated.

What Is Malware? Types and How They Work

Various types of malware and how they work

Malware is a general term used for viruses, worms, spyware and other malicious programs that are found on the Internet. In simple terms, software that is designed to cause direct or indirect damage to a computer system is referred to as malware.


Some malicious programs cause serious problems, such as destroying system files, disrupting the operation of the computer or collecting sensitive information, while others have only a slight effect, such as redirecting users to pornographic sites or annoying them with pop-ups and banners.

In everyday usage, we often call any malicious program a virus, but this is not correct! In fact, as mentioned above, there are several kinds of malicious programs, of which the virus is just one. Now many of you may be wondering what the difference between them is. Well, this article contains information about the different types of malware that exist, how they work and how they differ:



Computer Virus:


As we all know, this is the kind of malware that has become very popular and is one of the most discussed topics in the field of computer security. A virus is a computer program designed to take unauthorized control of an infected machine in order to damage data or degrade system performance.

Mode of Spreading:


A computer virus works by attaching itself to an existing file, replicating and spreading from one computer to another. In most cases viruses tend to infect executable files that are part of legitimate programs. Therefore, when the infected file is executed on a new computer, the virus becomes active and starts to cause damage or do whatever else it was programmed to do on the system.

A virus cannot perform its tasks of damage and replication unless it is executed. Therefore, viruses often choose an executable file as a host and attach themselves to it. Viruses are divided into two main types:



Types of computer virus

Nonresident viruses: These viruses are executed together with the host, perform the necessary steps to find and infect other files where possible, and finally transfer control back to the main program (host). The operation of the virus ends along with that of the host.

Resident viruses: With resident viruses, when the infected program is executed by the user, the virus is activated, loads its own replication module into memory, and then returns control to the main program. In this case, the virus remains active in memory, waiting for an opportunity to find and infect other files, even after the main program (host) has finished.

Damage:


Viruses are known to cause the destruction of data and software. In some cases, a virus may do nothing more than replicate itself. Even then, viruses use a large portion of system resources, such as CPU and memory, which affects performance.

To stay immune to viruses, you can check out my other post about 12 tips to keep your computer virus free.

Trojan:


A Trojan, or simply a Trojan horse, is a kind of malicious program that is disguised as something legitimate and useful. The main purpose of a Trojan horse is to win the trust of the user from the front end so that it gets permission to be installed. But from the back end it is designed to give a hacker unauthorized control of the computer.

Mode:


A Trojan horse does not depend on a host. Thus, as opposed to a virus, it does not tend to attach itself to other files. Trojans are often disguised as video codecs, software cracks, keygens and similar programs downloaded from untrusted sources. Therefore, care must be taken with untrusted websites offering free downloads.

An example is the popular DNSChanger Trojan, which was designed to hijack the DNS settings of the victim's machine. It was distributed by some rogue pornographic sites as a video codec required to view their online content.

Damage:


Trojans are known to cause a variety of damage, such as stealing passwords and login data, stealing electronic money, logging keystrokes, modifying or deleting files, monitoring user activity, etc.

Worms:


Worms are standalone computer programs with malicious intent that spread from one computer to another. Unlike viruses, worms have the ability to work independently and do not need to attach themselves to another program.

Mode:


Worms often use a computer network to spread by exploiting vulnerabilities that exist in individual computers. In most cases, worms are designed only to spread, without making any serious changes to the computer system.

Damage:


Unlike viruses, worms do not damage the file system or other important programs. However, they are responsible for consuming bandwidth and thereby degrading network performance.

Spyware:


Spyware is a type of malicious software that can collect information about activities on the target computer without the knowledge of its users. Spyware such as keyloggers is often installed by the owner or administrator of the computer to monitor user activities. This can be a parent trying to monitor a child, a company trying to monitor its employees, or someone trying to spy on a husband or wife.

Mode:


Spyware is designed to operate entirely in stealth mode, so that its presence is completely hidden from the users of the computer. Once installed, it monitors all computer activity, including keystrokes, web activity, instant messages, etc. These logs are stored secretly for later access or uploaded online so that the installer of the spyware can access them.

Damage:


Apart from monitoring, spyware does no damage to the computer. But in some cases, the affected computer may experience performance degradation.

Adware:


Adware is software that automatically displays advertisements to users without their permission. Common examples include pop-ups, pop-unders, and other annoying banners. The main reason for the design of adware is to generate revenue for its author.

Mode:


Adware usually comes bundled with free utilities, such as browser toolbars, video downloaders, etc. When such programs are installed, the adware can take over and redirect user activity to display annoying ads.

Damage:


Adware is harmless in most cases. However, some adware is known to contain spyware that can be used to monitor the browsing habits of users. This can be a threat to the privacy of users.

You can keep your distance from adware and malware. I hope you found this article informative and useful. Please leave your comment.