
Over 60K Adware Apps Target Android Devices

Over 60,000 adware apps disguised as cracked versions of popular apps have been discovered, posing a significant threat to Android device users. These malicious apps have been circulating for the past six months, secretly installing adware and compromising user privacy.

The discovery was made by cybersecurity researchers who found that the adware apps were cleverly designed to imitate cracked versions of popular applications, tempting users with promises of free access to premium features. Once installed, these apps exploit their access to the device, displaying intrusive advertisements, redirecting users to potentially harmful websites, and collecting personal information without user consent.

The impact of these adware apps goes beyond annoying ads and pop-ups. They can significantly compromise user privacy and security, as they often have access to sensitive information such as contact lists, location data, and browsing history. Additionally, these apps can drain device resources and slow down performance, causing frustration for users.

The adware apps were distributed through various unofficial app stores and online forums, taking advantage of users' desire to access premium features without paying. Due to their deceptive nature, they managed to evade security measures and make their way onto unsuspecting users' devices.

To protect themselves from these threats, Android device users are advised to follow best practices for app installation. It is crucial to download apps only from official sources such as the Google Play Store, where apps undergo thorough security checks. Users should also be cautious of downloading cracked versions of apps from unauthorized websites or third-party app stores, as these are often breeding grounds for malware.

Furthermore, keeping devices up to date with the latest security patches and regularly scanning for malware using reputable mobile security solutions can help detect and remove any adware apps that may have infiltrated the system.

This incident serves as a reminder of the persistent threats faced by Android users and the need for heightened vigilance when downloading and installing applications. Users must remain cautious, exercise due diligence, and rely on trusted sources for their app needs.


The Exploitation of Rowhammer Attack Just Got Easier




With an increase in the number of hacks and exploits that target fundamental properties of the underlying hardware, Rowhammer is one such attack. Known since 2012, it is a serious issue with recent-generation dynamic random access memory (DRAM) chips, in which repeatedly accessing a row of memory can cause "bit flipping" in an adjacent row, enabling anybody to alter the contents of the PC memory.

All previously known Rowhammer attack methods required privilege escalation, which implies that the attacker already needed to have found and exploited a weakness within the system. Unfortunately, that is no longer true, as researchers have discovered that a Rowhammer attack can be triggered using network packets.

Termed 'Throwhammer,' the newly found technique could enable attackers to launch a Rowhammer attack on targeted systems just by sending specially crafted packets to the vulnerable network cards over the local area network.

A week ago, security researchers detailed a proof-of-concept Rowhammer attack technique, named GLitch, that uses embedded graphics processing units (GPUs) to carry out Rowhammer attacks against Android devices.

However, all previously known Rowhammer attack methods required privilege escalation on a target device, which means that the attackers needed to execute code on the targeted machines, either by luring victims to a malicious website or by tricking them into installing a malicious application.



Unfortunately, this limitation has now been eliminated, at least for some devices.
Researchers at the Vrije Universiteit Amsterdam and the College of Cyprus have now discovered that sending malicious packets over LAN can trigger the Rowhammer attack on systems running Ethernet network cards equipped with Remote Direct Memory Access (RDMA), which is commonly used in clouds and data centres.

Since RDMA-enabled network cards allow computers in a network to exchange data (with read and write privileges) in main memory, abusing this to access the host's memory in rapid succession can trigger bit flips in DRAM.

"We rely on the commonly-deployed RDMA technology in clouds and data centres for reading from remote DMA buffers quickly to cause Rowhammer corruptions outside these untrusted buffers. These corruptions allow us to compromise a remote Memcached server without relying on any software bug," researchers said in a paper [PDF] published Thursday.

Since triggering a bit flip requires a huge number of memory accesses to specific DRAM locations within milliseconds, a successful Throwhammer attack would require a very high-speed network of no less than 10Gbps.

In their experimental setup, the researchers achieved bit flips on the targeted server after accessing its memory 560,000 times in 64 milliseconds by sending packets over LAN to its RDMA-enabled network card.
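As an added example (not from the original post or the researchers' paper), the following shell function inventories a Linux host for the two preconditions named above: an RDMA-capable network card and a link speed of at least 10 Gbps. It assumes the standard `/sys/class/infiniband` sysfs layout; the function name `rdma_exposure` and the `review` verdict label are illustrative.

```shell
#!/bin/sh
# Added example: list RDMA ports and mark the ones that meet the
# preconditions described in the article (active RDMA port, >= 10 Gbps).
# Usage: rdma_exposure [sysfs_root]   (sysfs_root defaults to /sys)
MIN_GBPS=10   # threshold taken from the article's "no less than 10Gbps"

rdma_exposure() {
    root="${1:-/sys}"
    base="$root/class/infiniband"
    # No such directory means no RDMA driver has registered a device.
    [ -d "$base" ] || { echo "none"; return 0; }
    found=0
    for port in "$base"/*/ports/*; do
        [ -d "$port" ] || continue      # glob did not match anything
        dev=$(basename "$(dirname "$(dirname "$port")")")
        num=$(basename "$port")
        link=$(cat "$port/link_layer" 2>/dev/null || echo unknown)
        state=$(cat "$port/state" 2>/dev/null || echo unknown)
        # rate reads like "40 Gb/sec (4X QDR)"; keep the leading integer.
        rate=$(sed 's/[^0-9].*//' "$port/rate" 2>/dev/null || true)
        rate=${rate:-0}
        verdict=ok
        case "$state" in
            *ACTIVE*)
                # Link layer is reported for context; speed decides the verdict.
                if [ "$rate" -ge "$MIN_GBPS" ]; then
                    verdict=review
                fi ;;
        esac
        echo "$dev port=$num link=$link rate=${rate}G verdict=$verdict"
        found=1
    done
    [ "$found" -eq 1 ] || echo "none"
}

# Run against the live system (or a sysfs root passed as the first argument).
rdma_exposure "${1:-/sys}"
```

Ports marked `review` are candidates for checking which peers are allowed to reach the RDMA interface.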

Since Rowhammer exploits a computer hardware weakness, no software fix can completely resolve the issue once and for all. The researchers believe that the Rowhammer threat is not only real but also has the potential to cause serious damage.

For more in-depth detail on this new attack technique, readers can access the paper published by the researchers on Thursday [PDF], titled "Throwhammer: Rowhammer Assaults over the System and Resistances".