Sunday April 21, 2019
Home Lead Story Two New Virus...

Two New Viruses Stealing Data, Quick Heal Reports

The security researchers recommended Android users to avoid downloading apps

0
//
Data Recovery
Organizations figure out the cloud technology and whether it would add value to their operations

Two new sophisticated Android Banking trojan viruses are exploiting mobile users’ behaviour in India to gain access to their confidential data, global IT security firm Quick Heal warned on Tuesday.

Security experts at Quick Heal Security Labs have detected “Android.Marcher.C” and “Android.Asacub.T” — the two trojans that imitate notifications from popular social applications such as WhatsApp, Facebook, Skype, Instagram and Twitter as well as some of the leading banking apps in India.

By gaining access to incoming messages through administrative privileges, these malware also allow hackers to bypass the two-factor OTP authentication typically used for securing online transactions in India, the researchers warned.

“Indian users often download unverified apps from third-party app stores and links sent through SMS and email. This gives hackers a lucrative opportunity to steal confidential information from unsuspecting users,” said Sanjay Katkar, Co-founder and CTO, Quick Heal Technologies Limited.

“The fact that we’ve detected three similar malware in less than six months indicates that hackers are now targeting mobile users, who are far more vulnerable to sophisticated phishing attacks,” he added.

Anti-virus firewall
Anti-virus firewall, Pixabay

While “Android.Marcher.C” uses the Adobe Flash Player icon to look like a genuine app, “Android.Asacub.T” mimics an Android Update icon.

Whenever users access an app on the database of these malware, they are tricked into entering sensitive information such as banking credentials, card details, and login IDs/passwords before they can continue using the app.

This is not the first time that Quick Heal Security Labs has detected such a malware.

The researchers previously raised an alert in January this year about a similar Android Banking Trojan.

Known as “Android.banker.A2f8a”, the malware was distributed through a fake Flash Player on third-party app stores and mimicked more than 232 banking and cryptocurrency apps.

The security researchers have recommended Android users to avoid downloading apps through third-party app stores or through links provided in SMS and email.

“Always keep ‘Unknown Sources’ disabled, and verify app permissions before installing any app from official stores,” the security firm said.

Also read: Hacker who passed US military data to IS arrested

Users must also keep their Google Play Protect service always ‘ON’ and install a reliable mobile security app to detect and block fake/malicious apps, it added.(IANS)

Next Story

Facebook ‘Unintentionally’ Uploaded Emails of Nearly 1.5 mn Users

The social network said the contacts weren’t shared with anyone and are being deleted

0
Facebook, data, vietnam
This photo shows a Facebook app icon on a smartphone in New York. VOA

In a latest privacy goof up, Facebook “unintentionally” uploaded the emails of nearly 1.5 million of its users during the past three years.

A Facebook spokesperson admitted on late Wednesday that emails of 1.5 million people were harvested since May 2016 to help build Facebook’s web of social connections and recommend other users to add as friends.

First reported by Business Insider, the revelation came to light after a security researcher noticed that “Facebook was asking some users to enter their email passwords when they signed up for new accounts to verify their identities”.

“Last month we stopped offering email password verification as an option for people verifying their account when signing up for Facebook for the first time,” the Facebook spokesperson was quoted as saying.

facebook
FILE – A 3D printed Facebook logo is seen in front of a displayed Russian flag in this photo illustration, Aug. 3, 2018. VOA

“We’ve fixed the underlying issue and are notifying people whose contacts were imported,” Facebook said.

The social network said the contacts weren’t shared with anyone and are being deleted, reports CNET.

Also Read- Here’s Why TikTok Ban May Not Give the Desired Results

“People can also review and manage the contacts they share with Facebook in their settings,” said the company.

Facebook is facing the heat over several data scandals, including the massive Cambridge Analytica scandal where personal information of up to 87 million users was leaked. (IANS)