Showing posts with label NEWS. Show all posts
Showing posts with label NEWS. Show all posts

Is your android infected with Agent Smith? Here is how to check.


Agent Smith is a malware that effects smartphone, tablets, and other android based devices. According to the report by the checkpoint, this malware has affected about 25 million devices while users remain unaware of the malware.

Check Point believes that the ‘Agent Smith’ malware originated in China via an internet firm that helps Chinese Android app developers to localize and publish their apps in foreign markets. It’s spread through a third-party app store called 9Apps that is popular in Asian markets.

The malware gained its name because it mimics the famous Matrix character, as it hacks apps and forces them to show more ads and then siphons the ad revenue by taking credit for ads already shown

Agent Smith has mainly infected devices in India, Pakistan, and Bangladesh. However, around 303,000 devices have been infected in the US and further 137,000 devices in the UK. Some of the apps that ended up being infected include
  • WhatsApp
  • lenovo.anyshare.gps
  • mxtech.videoplayer.ad
  • jio.jioplay.tv
  • jio.media.jiobeats
  • jiochat.jiochatapp
  • jio.join
  • good.gamecollection
  • opera.mini.native
  • startv.hotstar
  • meitu.beautyplusme
  • domobile.applock
  • touchtype.swiftkey
  • flipkart.android
  • cn.xender
  • eterno
  • truecaller
Agent smith's Attack flow

Check Point also says that the malware’s operator seems to have attempted to expand into the Google Play Store. It managed to turn up in 11 apps on the Play Store, all of which included code related to a simpler or previous version of the Agent Smith malware. The report notes that the malware remained inactive or dormant, with Google removing all of the apps deemed ‘infected’ or ‘at risk’.

Also Read: Russian spy whale saves a woman's iPhone


 The core reason this app has spread is due to a vulnerability that was patched several years ago within Android but relied on developers updating their apps to add the protection. It’s clear that many have not done so according to these reports. It reiterates the importance of both app updates and Android security patches.

Does your phone still contain this malware?

Check Point says that it has informed Google about what it found on Agency Smith and that Google has cleaned the Play store to remove the apps that were infected with it. "So far, the primary victims are based in India through other Asian countries such as Pakistan and Bangladesh have also been impacted. Check Point has worked closely with Google and at the time of publishing, no malicious apps remain on the Play Store," the company notes.

But it is possible that your Android phone may have it. If you are getting too many ads on your phone, particularly sleazy or dubious ads, scan your phone with a good anti-virus app. At the same time, always follow good security practices. These are:

-- Don't download apps from third-party app stores like 9Apps. it's not worth it, even if you are getting an APK of a paid app for free. If it's free, do understand someone somewhere is benefitting from it. Always download apps from the official Google Play store.

-- If you suspect your phone is infected with Agent Smith, delete data of popular apps like WhatsApp and Flipkart by going into settings and reinstall these apps. Or rather do a factory reset.

-- Update your apps regularly via Google Play

-- Ideally, avoid sleazy apps or gaming apps from unknown sources.

-- While installing an app, carefully look at the permission it is asking for. Ideally, a gaming app should not ask for camera permission or photo app should not ask for network permission. Don't install an app if it seems dubious.

Russian Spy Whale Saves Woman's iphone


When you travel by boat to watch a whale and accidentally you slipped your phone into the ocean. What are your chances of getting it back? Let me guess 0%, Right!!

But that's her lucky day!!

Ina Mansika was sailing in waters in search for the beluga whale. She brought her iPhone along, hoping to catch a video of the whale.

She laid down on the dock to appear at it to get a chance to touch it. But she forgot to close the jacket pocket and her iPhone fell in the ocean.

Also Read: Netflix used a real mall built in the '80s as a location for the show 

she taught that her iPhone is gone forever, till the whale dove back down and came back a couple of moments later with her iPhone in its mouth.

This incident happened on May 5th, 2019.

Apparently, the beluga whale has lately defected from Russia. The Whale was initially spotted by a neighborhood fisherman, who removed a tight harness, most likely utilized for securing the camera gear.

The whale was most likely not informed of Apple's repair policy, nor did it comprehend the telephone was bricked from water harm. To Maniska, that is beside the point. The sort gesture was extremely a great deal appreciated.


<

Americans want to invade Area 51 to see Aliens


If you watch more Hollywood you might have heard about Area 51. If you watched Independence day movie by will smith you can get an idea what I am talking about. Everyone will have a little curious to take a peek of aliens inside of Area 51 which is common, but it is a highly restricted area for the public. People think that there are aliens in the site which is kept hidden by the USA Government.

There is a funny campaign going on right now on Facebook. More than 450k people wants to raid the Area 51 site in Nevada. Just to see what's inside the Area 51. Unfortunately, the campaign is fake but the memes that are coming to this event is hilarious.

Some enthusiast planed a strategy to Invade Area 51


Here are few hilarious memes about Area 51 capturing...

Foldable smartphone from Google has multiple pages


The foldable smartphone is the subject of 2019. Many manufacturers are currently working on the development of this new type of telephone with a flexible display. This also ensures completely new designs, so the Samsung Galaxy Fold and Huawei Mate X, announced earlier this year, have a totally different appearance. Another leading manufacturer that has a folding phone in development is Google.


Read More here

Yuvraj Singh Announces Retirement


Today in a press meet Yuvraj Singh announced retirement from all forms of cricket. "It's time to say goodbye and walks away. It was a beautiful story, but it has come to an end," says Yuvraj Singh in a short film played at the Mumbai event.

The all-rounder, accompanied by his wife and mother, told reporters of his decision at a city hotel close to the Wankhede Stadium where India lifted their last 50-overs World Cup title in 2011.  My next focus in life is to help cancer patients and underprivileged kids.

After 25 years in and around the 22 yards and almost 17 years of international cricket on and off, I have decided to move on. This game taught me how to fight, how to fall, to dust off, to get up again and move forward: Yuvraj Singh after announcing retirement from international cricket.

 It has been a lovely journey...see you on the other side Yuvraj Singh

 Watch Video here





We always remember your six sixes


SamSam Ransomware Attacks Extorted Nearly $6 Million


Ransomware has become a multimillion-dollar black market business for cybercriminals, and SamSam being a great example.

New research revealed that the SamSam ransomware had extorted nearly $6 million from its victims since December 2015, when the cyber gang behind the ransomware started distributing the malware in the wild.

Researchers at Sophos have tracked Bitcoin addresses owned by the attackers mentioned on ransom notes of each SamSam version and found the attackers have received more than $5.9 million from just 233 victims, and their profits are still on the rise, netting around $300,000 per month.
"In total, we have now identified 157 unique addresses which have received ransom payments as well as 89 addresses which have been used on ransom notes and sample files but, to date, have not received payments," the new report by Sophos reads.

What makes SamSam stand out from other forms of ransomware is that SamSam is not distributed in an unplanned way via spam email campaigns; instead, attackers choose potential targets and infect systems manually.

Attackers first compromise the RDP on a targeted system—either by conducting brute force attack or using stolen credentials purchased from the dark web—and then attempt to strategically deploy SamSam ransomware throughout the network by exploiting vulnerabilities in other systems.

Unlike other well-known ransomware like WannaCry and NotPetya, SamSam does not include any worm-like or virus capabilities to spread by itself. Instead, the ransomware relies on the human attacker to spread it.


Once they're on the entire network, the ransomware then encrypts the system's data and demand a huge ransom payment (usually more than $50,000 which is much higher than normal) in Bitcoin in exchange for the decryption keys.

"A multi-tiered priority system ensures that the ransomware encrypts the most valuable data first, but eventually it also encrypts everything else that isn’t in a very short list of Windows system-related files."

"This method has several benefits. As a manual attack, it poses no risk of spreading out of control, attracting unwanted attention. It also allows the attacker to cherry pick targets, and to know which computers have been encrypted."

SamSam Ransomware Chooses Its Targets Carefully



Since December 2015, SamSam has significantly targeted some large organizations, including the Atlanta city government, the Colorado Department of Transportation, several hospitals and educational institutions like the Mississippi Valley State University.

So far, the largest ransom paid by an individual victim is valued at $64,000—a significantly large amount compared to most ransomware families.

Since the SamSam victims do not see any other option to restore their encrypted files, a significant percentage of victims are paying the ransom, making the attack more effective.

According to Sophos, 74 percent of the known victim organizations identified by the security firm is based in the United States, and others are distributed in Canada, the UK, and the Middle East.

To protect against this threat, users and organizations are recommended to keep regular backups, use multi-factor authentication, restrict access to RDP(on port 3389), and always keep systems and software up-to-date.