Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label App Store. Show all posts
Technology
AI App Store ChatGPT DeepSeek-R1 Microsoft Technology

DeepSeek Under Investigation Leading to App Store Withdrawals

 


As one of the world's leading AI players, DeepSeek, a chatbot application developed by the Chinese government, has been a formidable force in the artificial intelligence arena since it emerged in January 2025, launching at the top of the app store charts and reshaping conversations in the technology and investment industries. After initially being hailed as a potential "ChatGPT killer" by industry observers, the platform has been the subject of intense scrutiny since its meteoric rise. 

The DeepSeek platform is positioned in the centre of app store removals, cross-border security investigations, and measured enterprise adoption by August 2025. In other words, we are at the intersection of technological advances, infrastructure challenges, and geopolitical issues that may shape the next phase of the evolution of artificial intelligence in the years ahead. 

A significant regulatory development has occurred in South Korea, with the Personal Information Protection Commission confirming that DeepSeek temporarily suspended the download of its chatbot applications while working with local authorities to address privacy concerns and issues regarding DeepSeek's data assets. On Saturday, the South Korean version of Apple's App Store, as well as Google Play in South Korea, were taken down from their respective platforms, following an agreement with the company to enhance its privacy protection measures before they were relaunched.

It has been emphasised that, although existing mobile users and personal computer users are not affected, officials are urging caution on behalf of the commission; Nam Seok, director of the investigation division, has advised users to remove the app or to refrain from sharing personal information until the issues have been addressed. 

An investigation by Microsoft's security team has revealed that individuals reportedly linked to DeepSeek have been transferring substantial amounts of data using OpenAI's application programming interface (API), which is a core channel for developers and enterprises to integrate OpenAI technology into their products and services. Having become OpenAI's biggest shareholder, Microsoft flagged this unusual activity, triggering a review internally. 

There has been a meteoric rise by DeepSeek in recent days, and the Chinese artificial intelligence startup has emerged as an increasingly prominent competitor to established U.S. companies, including ChatGPT and Claude, whose AI assistant is currently more popular than ChatGPT. On Monday, as a result of a plunge in technology sector stock prices on Monday, the AI assistant surged to overtake ChatGPT in the U.S. App Store downloads. 

There has been growing international scrutiny surrounding the DeepSeek R1 chatbot, which has recently been removed from Apple’s App Store and Google Play in South Korea amid mounting international scrutiny. This follows an admission by the Hangzhou-based company that it did not comply with the laws regulating personal data privacy.

As DeepSeek’s R1 chatbot is lauded as having advanced capabilities at a fraction of its Western competitors’ cost, its data handling practices are being questioned sharply as well. Particularly, how user information is stored on secure servers in the People’s Republic of China has been criticised by the US and others. The Personal Information Protection Commission of South Korea confirmed that the app had been removed from the local app stores at 6 p.m. on Monday. 

In a statement released on Saturday morning (900 GMT), the commission said it had suspended the service due to violations of domestic data protection laws. Existing users can continue using the service, but the commission has urged the public not to provide personal information until the investigation is completed.

According to the PIPC, DeepSeek must make substantial changes so that it can meet Korean privacy standards. A shortcoming that DeepSeek has acknowledged is this. In addition, data security professor Youm Heung-youl, from Soonchunhyang University, further noted that despite the company's privacy policies relating to European markets and other markets, the same policy does not exist for South Korean users, who are subject to a different localised framework. 

In response to an inquiry by Italy's data protection authority, the company has taken steps to ensure the app takes the appropriate precautions with regard to the data that it collects, the sources from which it obtains it, its intended use, legal justifications, and its storage in China. 

While it is unclear to what extent DeepSeek initiated the removal or whether the app store operators took an active role in the process, the development follows the company's announcement last month of its R1 reasoning model, an open-source alternative to ChatGPT, positioned as an alternative to ChatGPT for more cost-effectiveness. 

Government concerns over data privacy have been heightened by the model's rapid success, which led to similar inquiries in Ireland and Italy as well as a cautionary directive from the United States Navy indicating that DeepSeek AI cannot be used because of its origin and operation, posing security and ethical risks. The controversy revolves around the handling and storage of user data at the centre of this controversy.

It has been reported that all user information, including chat histories and other personal information of users, has been transferred to China and stored on servers there. A more privacy-conscious version of DeepSeek's model may be run locally on a desktop computer, though the performance of this offline version is significantly slower than the cloud-connected version that can be accessed on Apple and Android phones. 

DeepSeek's data practices have drawn escalating regulatory attention across a wide range of jurisdictions, including the United States. According to the privacy policies of the company, personal data, including user requests and uploaded files, is stored on servers located in China, which the company also claims it does not store in the U.S. 

As Ulrich Kamp stated in his statement, DeepSeek has not provided credible assurances that data belonging to Germans will be protected to the same extent as data belonging to European Union citizens. He also pointed out that Chinese authorities have access to personal data held by domestic companies with extensive access rights. 

It was Kamp's office's request in May for DeepSeek to either meet EU data transfer requirements or voluntarily withdraw its app, but the company did not do so. The controversy follows DeepSeek's January debut when it said that it had created an AI model that rivalled the ones of other American companies like OpenAI, but at a fraction of the cost. 

Over the past few years, the app has been banned in Italy due to concerns about transparency, as well as restricted access to government devices in the Netherlands, Belgium, and Spain, and the consumer rights organisation OCU has called for an official investigation into the matter. After reports from Reuters alleging DeepSeek's involvement in China's military and intelligence activities, lawmakers are preparing legislation that will prohibit federal agencies from using artificial intelligence models developed by Chinese companies. 

According to the Italian data protection authority, the Guarantor for the Protection of Personal Data, Hangzhou DeepSeek Artificial Intelligence and Beijing DeepSeek Artificial Intelligence have been requested to provide detailed information concerning the collection and processing of their data. A regulator has requested clarification about which personal data is collected, where the data originates, what the legal basis is for processing, and whether it is stored on Chinese servers. 

There are also other inquiries peopl would like to make regarding the training methodologies used for DeepSeek's artificial intelligence models, such as whether web scraping is involved, and how both registered as well as unregistered users are informed of this data collection. DeepSeek has 20 days to reply to these inquiries. 

As Forrester analysts have warned, the app has been widely adopted — it has been downloaded millions of times, which means that large amounts of potentially sensitive information are being uploaded and processed as a result. Based on DeepSeek's own privacy policy, the company has noted that it may collect user input, audio prompts, uploaded files, feedback, chat histories, and other content for training purposes, and may share these details with law enforcement officials or public authorities as needed. 

Although DeepSeek's models remain freely accessible throughout the world, despite regulatory bans and investigations intensifying in China, developers continue to download, adapt, and deploy them, sometimes independent of the official app or Chinese infrastructure, regardless of the official ban. The technology has become increasingly important in industry analysis, not just as an isolated threat, but as part of a broader shift toward a hardware-efficient, open-weight AI architecture, a trend which has been influenced by players such as Mistral, OpenHermes, and Elon Musk's Grok initiative, among many others.

To join the open-weight reasoning movement, OpenAI has released two open-weight reasoning models, GPTT-OSS-120B and GPTT-OSS-20B, which have been deployed within their infrastructure. During the rapid evolution of the artificial intelligence market, the question is no longer whether open-source AI can compete with existing incumbents—in fact, it already has. 

It is much more pressing to decide who will define the governance frameworks that will earn the trust of the public at a time when artificial intelligence, infrastructure control, and national sovereignty are converging at unprecedented rates. Despite the growing complexity of regulating advanced artificial intelligence in an interconnected, highly competitive global market, the ongoing scrutiny surrounding DeepSeek underscores the importance of governing advanced artificial intelligence. 

As a disruptive technological breakthrough evolved, it became a geopolitical and regulatory hot-button, demonstrating how privacy, security, and data sovereignty have now become a major issue in the race against artificial intelligence. Policymakers will find this case extremely significant because it emphasizes the need for coherent international frameworks that can address cross-border data governance and balance innovation with accountability, as well as addressing cross-border data governance. 

Whether it is enterprises or individuals, it serves to remind them that despite the benefits of cutting-edge AI tools, they come with inherent risks, risks that need to be carefully evaluated before they are adopted. A significant part of the future will be the blurring of the boundaries between local oversight and global accessibility as AI models become increasingly lightweight, hardware-efficient, and widely deployable. 

As a result, trust will not be primarily dependent on technological capability, but also on transparency, verifiable safeguards, and the willingness of developers to adhere to ethical and legal standards in the markets they are trying to serve in this environment. It is clear from the ongoing scrutiny surrounding DeepSeek that in a highly competitive global market, regulating advanced artificial intelligence is becoming increasingly complicated as it becomes increasingly interconnected. 

The initial breakthrough in technology has evolved into a geopolitical and regulatory flashpoint, demonstrating how questions of privacy, security, and data sovereignty have become a crucial element in the race toward artificial intelligence. It is clear from this case that policymakers have a pressing need for international frameworks that can address cross-border data governance and balance innovation with accountability. 

For enterprises and individuals alike, the case serves as a reminder that embracing cutting-edge artificial intelligence tools comes with inherent risks and that the risks must be carefully weighed before adoption can be made. It will become increasingly difficult to distinguish between local oversight and global accessibility as AI models become more open-minded, hardware-efficient, and widely deployable as they become more open-hearted, hardware-efficient, and widely deployable. 

In such a situation, trust will not be solely based on technological capabilities, but also on transparency, verifiable safeguards, as well as the willingness of developers to operate within the ethical and legal guidelines of the market in which they seek to compete.
Read more »
malware
Android App Store Apple Dating App Google iOS malware

Fake Dating Apps Target Users in a New Appstore Phishing Campaign

Fake Dating Apps Target Users in a New Appstore Phishing Campaign

Malicious dating apps are stealing user information

When we download any app on our smartphones, we often don't realize that what appears harmless on the surface can be a malicious app designed to attack our device with malware. What makes this campaign different is that it poses as a utility app and uses malicious dating apps, file-sharing apps, and car service platforms. 

When a victim installs these apps on their device, the apps deploy an info-stealing malware that steals personal data. Threat actors behind the campaign go a step further by exposing victims’ information if their demands are not met.

iOS and Android users are at risk

As anyone might have shared a link to any malicious domains that host these fake apps, Android and iOS users worldwide can be impacted. Experts advise users to exercise caution when installing apps through app stores and to delete those that seem suspicious or are not used frequently. 

Zimperium’s security researchers have dubbed the new campaign “SarangTrap,” which lures potential targets into opening phishing sites. These sites are made to mimic famous brands and app stores, which makes the campaign look real and tricks users into downloading these malicious apps. 

How does the campaign work?

After installation, the apps prompt users to give permissions for proper work. In dating apps, users are asked to give a valid invitation code. When a user enters the code, it is sent to a hacker-controlled server for verification, and later requests are made to get sensitive information, which is then used to deploy malware on a device. This helps to hide the malware from antivirus software and other security checks. The apps then show their true nature; they may look real in the beginning, but they don’t contain any dating features at all.

How to stay safe from fake apps

Avoid installing and sideloading apps from unknown websites and sources. If you are redirected to a website to install an app instead of the official app store, you should immediately avoid the app.

When installing new apps on your device, pay attention to the permissions they request when you open them. While it is normal for a text messaging app to request access to your texts, it is unusual for a dating app to do the same. If you find any permission requests odd, it is a major sign that the app may be malicious.

Experts also advise users to limit the number of apps they install on their phones because even authentic apps can be infected with malicious code when there are too many apps installed on your device.

Read more »
Telegram
App Store Malicious Content Mobile Security Social Media App Telegram

Security Analysts Observe Massive Surge in Telegram App Downloads Following Durov Arrest

 

The arrest of Telegram creator and CEO Pavel Durov in France is beginning to have an influence on the app's popularity and position.

The founder was arrested last month for allegedly allowing illicit practices to thrive on the social media platform by failing to properly monitor posts, particularly in drug trafficking, money laundering, and the spread of child sexual abuse material (CSAM). 

Despite concerns regarding the app's content, Telegram is now experiencing a spike in downloads, propelling it to the No. 2 spot on the U.S. App Store's Social Networking charts and increasing global iOS downloads by 4%. 

After Durov's arrest, Telegram took some time to rise. This might be the case because a lot of individuals found out about the news only after reading the stories they had missed over the weekend, or because third-party sources of app store intelligence take a little longer to report changes in rankings. 

According to Appfigures, an app intelligence company, Telegram didn't rise to the No. 2 spot on the Social Networking charts on the U.S. App Store until 3 a.m. EST on Monday, suggesting that the app is just now starting to gain traction. The app had already fallen to No. 3 in Social in the U.S. as of the time of publication, so it might only be a temporary boost.

However, the app shot to the top of the App Store's Social Networking category and rose to become the third most popular app overall in France, the country where Durov was arrested. After climbing ten spots since Friday, Telegram now stands at No. 8 in the top apps chart (which does not include games). Appfigures stated that this is the highest position it has held here since at least January 1, 2023. Apple often uses a combination of measures, including download velocity and app install count, to determine app store rankings.

Nevertheless, the cliché "any press is good press" appears to hold true, at least in terms of Telegram's exposure on the App Store. As consumers downloaded the app out of curiosity — or possibly to support the founder's views about "free speech" — it began to rise in the rankings.
Read more »
Tech Giant
App Developers App Store Apple Data Breach Digital Services Epic Games Financial Exploit Fortnite Google Tech Giant

Epic Games Wins: Historic Decision Against Google in App Store Antitrust Case

The conflict between tech behemoths Google and Apple and Fortnite creator Epic Games is a ground-breaking antitrust lawsuit that has rocked the app ecosystem. An important turning point in the dispute occurred when a jury decided to support the gaming behemoth over Google after Epic Games had initially challenged the app store duopoly.

The core of the dispute lies in the exorbitant fees imposed by Google and Apple on app developers for in-app purchases. Epic Games argued that these fees, which can go as high as 30%, amount to monopolistic practices, stifling competition and innovation in the digital marketplace. The trial has illuminated the murky waters of app store policies, prompting a reevaluation of the power dynamics between tech behemoths and app developers.

One of the key turning points in the trial was the revelation of internal emails from Google, exposing discussions about the company's fear of losing app developers to rival platforms. These emails provided a rare glimpse into the inner workings of tech giants and fueled Epic Games' claims of anticompetitive behavior.

The verdict marks a significant blow to Google, with the jury finding in favor of Epic Games. The decision has broader implications for the tech industry, raising questions about the monopolistic practices of other app store operators. While Apple has not yet faced a verdict in its case with Epic Games, the outcome against Google sets a precedent that could reverberate across the entire digital ecosystem.

Legal experts speculate that the financial repercussions for Google could be substantial, potentially costing the company billions. The implications extend beyond financial penalties; the trial has ignited a conversation about the need for regulatory intervention to ensure a fair and competitive digital marketplace.

Industry observers and app developers are closely monitoring the fallout from this trial, anticipating potential changes in app store policies and fee structures. The ruling against Google serves as a wake-up call for tech giants, prompting a reassessment of their dominance in the digital economy.

As the legal battle between Epic Games and Google unfolds, the final outcome remains years away. However, this trial has undeniably set in motion a reexamination of the app store landscape, sparking debates about antitrust regulations and the balance of power in the ever-evolving world of digital commerce.

Tim Sweeney, CEO of Epic Games, stated "this is a monumental step in the ongoing fight for fair competition in digital markets and for the basic rights of developers and creators." In the coming years, the legal structure controlling internet firms and app store regulations will probably be shaped by the fallout from this trial.

Read more »
Zero Exploit
Android App Store Data Google malware Safety Security Zero Exploit

Pinduoduo Malware Executed a Dangerous 0-day Exploit Against Millions of Android Devices

 

In accordance with a new report, Pinduoduo, a popular Chinese shopping app, exploited a zero-day vulnerability in the Android operating system to uplift its own privileges, rob personal data from infected endpoints, and install malicious apps. 

 Numerous sources validated the allegations, including cybersecurity firm Kaspersky, which examined "previous versions" of the app that were still being distributed through a Chinese app store and concluded that it exploited a flaw to install backdoors. 

“Some versions of the Pinduoduo app contained malicious code, which exploited known Android vulnerabilities to escalate privileges, download and execute additional malicious modules, some of which also gained access to users’ notifications and files,” Igor Golovin, a Kaspersky security researcher, told Bloomberg.

Google and Android are both not available in China, meaning the Play Store isn’t available there, either. According to ArsTechica, the versions of Pinduoduo available on both the Play Store and the Apple Store are clean. Nonetheless, Google removed it from its app repository last week and advised users to uninstall it if they had it.

According to Bloomberg, the announcement labeled the app "harmful" and alerted users that their data and devices were at risk. PDD, the app's developer, denied any wrongdoing and stated that the apps were clean.

“We strongly reject the speculation and accusation that the Pinduoduo app is malicious from an anonymous researcher,” the company told ArsTechnica in an email. “Google Play informed us on March 21 morning that Pinduoduo APP, among several other apps, was temporarily suspended as the current version is not compliant with Google’s Policy, but has not shared more details. We are communicating with Google for more information.” 

As per Lookout's initial investigation, at least two versions of the app exploited a flaw known as CVE-2023-20963, which was patched about two weeks ago. It's an escalation of privilege flaw that was being exploited before Google made it public.

According to Lookout's Christoph Hebeisen, this is a "very sophisticated attack for an app-based malware. In recent years, exploits have not usually been seen in the context of mass-distributed apps. Given the extremely intrusive nature of such sophisticated app-based malware, this is an important threat mobile users need to protect against.”
Read more »
Twitter
App Store Apple Elon Musk Technology Tim Cook Twitter

Twitter Feud with Apple Boss Resolved, Says Elon Musk


Twitter CEO Elon Musk has recently said that he and Apple boss Tim Cook have “resolved the misunderstanding” over Twitter being possibly removed from the App Store. 

The feud began when earlier this week, Musk, in a series of tweets accused Apple of halting most of the advertisements and threatening to remove the platform from its App Store. He added that this situation had become “a battle for the future of civilization.” 

However, Apple’s chief executive tweeted on Wednesday that “Tim was clear that Apple never consider doing so.” While he did not say whether Apple’s advertising was discussed in the meeting. 

The meeting between the two CEOs as numerous companies have halted spending on advertisements on Twitter, due to concerns over Elon Musk’s content moderation plan. 

This would apparently be a major setback for Twitter since Twitter relies on advertisements for the majority of its aggregate revenue. 

On Monday, the Twitter CEO accused apple of “censorship,” while also criticizing its policies, particularly the levies it imposes on purchases made through its App Store. “Apple has mostly stopped advertising on Twitter. Do they hate free speech in America?” said Musk. 

Later, Musk updated his Twitter followers that he was meeting with Mr. Cook at Apple’s headquarters, adding in his tweet: “Good conversation. Among other things, we resolved the misunderstanding about Twitter potentially being removed from the App Store. Tim was clear that Apple never considered doing so.” Meanwhile, Apple has not made any official comment on the said meeting. 

Weeks after Mr. Musk became the chief executive, Twitter lost at least half of its major advertisers. This estimates a loss of nearly $750 million to the social media giant, as reported by Media Matters, a non-profit watchdog. 

Some of the major advertisers lost included General Mills and Pfizer. Musk as well acknowledged that this defection has resulted in a “massive drop” in revenue, with the company losing $4 million per day. 

Apple, on the other hand, is consistently one of the major advertisers on the social network company, spending over $100 million annually, as reported by Bloomberg.  

Read more »
malware
Android App Store Apple Google iOS malware

Tim Cook Claims Android has 47 Times the Amount of Malware as iOS

 

During a live chat, Apple CEO Tim Cook stated that Android has more malware than iOS and that "sideloading" mobile software is not in the "best interests of users." Sideloading apps entails manually downloading and installing software over the Internet rather than from an app store. Apple's security and privacy would be ruined if it were compelled to enable side-loading programmes, as Android does, he stated on June 16 while speaking remotely at the VivaTech 2021 conference in Paris, France. 

When asked about the planned European law known as the Digital Markets Act (DMA), which attempts to prohibit big digital corporations from monopolizing their market position, Cook stated that Apple opposes it because it would require the company to allow consumers to install apps outside of the App Store. Cook also stated that Android has "47 times more malware" than Apple since iOS is created with a single app store. 

Explaining the reason, Cook added, "It's because we've designed iOS in such a way that there's one app store and all of the apps are reviewed prior to going on the store. And so that keeps a lot of this malware stuff out of our ecosystem, and customers have told us very continuously how much they value that, and so we're going to be standing up for the user in the discussions." 

Cook further claimed that the DMA's present language, which will compel side-loading on the iPhone, will "destroy the security" of the smartphone and many of the App Store's privacy measures. 

DMA targets firms with a huge user base, such as Apple, Google, and Amazon, and encourages them to open up their platforms to competitors. The proposed rule also intends to provide a more level playing field for businesses and individuals who rely on large "gatekeeper" online platforms to sell their goods and services in a single market. 

“We've been focusing on privacy for over a decade,” Cook stated when asked about Apple's commitment to privacy. “We see it as a basic human right. A fundamental human right. And we've been focused on privacy for decades. Steve used to say privacy was stating in plain language what people are signing up for and getting their permission. And that permission should be asked repeatedly. We've always tried to live up to that.”
Read more »
Technology
App Store Apple Apple Store iOS Scams Technology

Is Apple's Monopoly Making Its Security Vulnerable?


It's a well-known fact that Apple’s devices are undoubtedly way safer than any other company’s products, however, in recent research analysis, many reports claimed it to be a myth. 

According to the experts, Apple’s complex process of downloading apps has created a notion of added security but seemingly such is not the case, as revealed in deeper examinations. 

Reportedly, around 2% of the top-grossing iOS apps, are in some way, scams. Customers of several VPN apps, which protect users’ data, have complained against Apple App Store – saying that their devices are contaminated by a virus that tricks them to download and pay for software that they don’t need. 

An illegal QR code reader app that remains for a week on the store tricks users into paying $4.99. Moreover, some apps even mock themselves as being from big global organizations such as Amazon and Samsung. 

Apple always maintained its exclusive command on the App Store and describes this as its policy which is essential for customer’s sensitive personal credentials. Apple has a monopoly in the App market in terms of customer trust. However, some analysts said that this is indeed the biggest problem that there is no competition against this giant in the market, if some companies will come with alternatives then– as a matter of fact – Apple will invest more money in strengthening their security measures. 

“If consumers were to have access to alternative app stores or other methods of distributing software, Apple would be a lot more likely to take this problem more seriously,” said Stan Miles, an economics professor at Thompson Rivers University in British Columbia, Canada. 

As per the statistics, that Apple generates huge profit from the App store; around 30 percent of its revenue is constituted by the App store. 

Apple spokesperson Fred Sainz said in a statement that, “We hold developers to high standards to keep the App Store a safe and trusted place for customers to download software, and we will always take action against apps that pose a harm to users…” 

“…Apple leads the industry with practices that put the safety of our customers first, and we’ll continue learning, evolving our practices, and investing the necessary resources to make sure customers are presented with the very best experience.”
Read more »
Privacy
Amazon Web Services App Store iOS iPhone Privacy

A Bug in iPhone Call Recording App Exposed Clients Data

 

A security vulnerability in a famous iPhone call recording application exposed thousands of users' recorded conversations. The flaw was found by Anand Prakash, a security researcher and founder of PingSafe AI, who tracked down that the aptly named Automatic Call Recorder application permitted anybody to access the call recordings from different clients — by knowing their phone number. 
 This application can track and record calls without an internet connection and can alter the voices of recordings, upload them to Dropbox, Google Drive, or One Drive, and also can translate in up to 50 dialects. All the client information gets stored in the company’s cloud storage on Amazon web services. This cloud storage has somewhere around 130,000 audio recordings that make up almost 300 GB. 

 Security circumstances like this are disastrous. Alongside affecting client's security, these issues likewise debilitate the organization's image and give an additional benefit to the contenders, said Anand Prakash. “This wasn’t just a violation of data privacy but also affected the users physically and at cyber risk, if their recorded conversations carry sensitive personal information. App makers that go wrong in investing in their cybersecurity must accept that the fines they could face for non-compliance with data privacy laws are extremely expensive – not to mention the cost of losing their customers' trust” he added. 

The bug was detected by Anand Prakash on the 27th of the last month when he was able to modify the web traffic and supplant the enlisted telephone number with someone else's number utilizing a proxy site called Burp, which gave him admittance to that person's call records and details. Fortunately, the bug was fixed by Saturday, March 6th, and the glitch-free version was launched in the Apple App Store. 

The call recorder clients were advised to uninstall the previous variant and download the latest rendition that is 2.26 or newer which is accessible on the Apple App Store. The paid variant is $6.99 for 7 days; additionally, they allow a three-day trial period. Their most basic monthly membership costs $14.99, with a 12 months advance, and has a few other options as well.
Read more »
Trojan
App Store Apple iOS Malware malware Trojan

17 Trojan infested apps you need to delete from your iPhone right now!


Just like the ancient Greek story, where soldiers sneak into the gates of troy by hiding inside a wooden horse similarly Trojans sneak in your phone in the face of harmless apps that you voluntarily install. Apple users are being warned about such apps, to check their devices against a list of malware apps and delete them according to a report by Wandera.

Research team at Wandera, a software-as-a-service firm, has identified 17 apps that install malicious Trojan module on iOS devices. Apple says that the infected apps have been removed from the app store but after examination they found that the apps did not contain the claimed Trojan malware. Instead, the apps were removed because of being adware specifically called the "clicker Trojan malware" and included code that enabled artificial click-through of add and made it seem like you viewed an advertisement which is against App Store's guidelines. Apple further said that the protective tools of App Store have been updated to detect such apps.

 Below is the list of infected apps:

RTO Vehicle Information
EMI Calculator & Loan Planner
File Manager - Documents
Smart GPS Speedometer
CrickOne - Live Cricket Scores
Daily Fitness - Yoga Poses
FM Radio PRO - Internet Radio
My Train Info - IRCTC & PNR​ (not listed under developer profile)
Around Me Place Finder
Easy Contacts Backup Manager
Ramadan Times 2019
Pro Restaurant Finder - Find Food
BMI Calculator PRO - BMR Calc
Dual Accounts Pro
Video Editor - Mute Video
Islamic World PRO - Qibla
Smart Video Compressor

The developer of these is AppAspect Technologies, from India with apps for iOS as well as Android. Wandera said that on examining these apps, they didn't contain the clicker Trojan malware but they used too. Covington thinks it's a possibility that they used to contain Trojan but were pulled from the store, and republished after removing the Trojan module, perhaps the bust on Play store made them retreat and focus their attention on iOS.

According to Wandera, the Trojan not only performed adware but also steal information and data to send to external command or controller, create back-doors, performance degradation, battery drain and heavy bandwidth use. The fact that they published on App Store and remained undetected is alone a matter of concern. “We were amazed with this one,” Wandera VP Michael Covington said in a statement to Forbes. “We've seen a couple of issues creep into the Apple App Store over the last few months—and it always seems to be the network element.”

Apple stands it's ground that any such Trojan malware existed, saying there was no danger beyond ad click-through fraud. But the good news is, the problem is solved on deleting the apps and no remains are left behind. “There is no access to special frameworks that might have left something behind,” Covington explained.
Read more »
iPhone Hacks
App App Store App vulnerability iPhone iPhone Contacts iPhone Hacks

iPhone contacts app vulnerable to hack attack, says security firm


Apple has never shied away from boasting about how secure its systems are, but researchers have found that contacts saved on iPhones are vulnerable to an SQLite hack attack which could infect the devices with malware.

SQLite - the most widespread database engine in the world - is available in every operating system (OS), desktop and mobile phone. Windows 10, macOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite.

Security firm Check Point has demonstrated a technique being used to manipulate Apple's iOS Contacts app. Searching the Contacts app under these circumstances triggers the device to run malicious codes, Apple Insider reported on Saturday.

The vulnerability has been identified in the industry-standard SQLite database.

Documented in a 4,000-word report, the company's hack involved replacing one part of Apple's Contacts app and while apps and any executable code has to go through Apple's startup checks, an SQLite database is not executable.

"Persistence (keeping the code on the device after a restart) is hard to achieve on iOS as all executable files must be signed as part of Apple's Secure Boot. Luckily for us, SQLite databases are not signed," the report quoted the Check Point researchers as saying.

As of now, Apple has not commented on Check Point's report.
Read more »
Hacking
App Store Apps Cyber Crime Cyber Security Fraud Hacking

Apps Generating Untraceable International Phone Numbers ?






Applications that generate international phone numbers that are super difficult to track are being employed by cyber criminals to rip people off.

A recent victim that had called the cyber-crime branch complained that they received a call from two spate numbers one with 001 and the other with 0063 as the country codes.

Per sources the app stores happen to contain 40 to 60 such apps through which cyber-cons could easily get these numbers.

Sources mentioned that allegedly “Dingtone” is an app via which a user can easily sift through a variety of country codes which are absolutely untraceable.

These cases according to the cyber-crime branch aren’t categorized separately but these are surely being registered and deliberated upon.



According to the cyber-security researchers a minimum of 500 cases come into existence per day in India alone with 40 cases pinning on major cities.

The police lack the technological efficiency as well as resources to possibly track the users of such applications. There is also a matter of jurisdiction.

Mostly, the above-mentioned apps are ‘not’ developed by Indian initiators but ironically originated from countries that have strict laws on removal of apps.

Information of the caller could seemingly be obtained by requesting the telecom service providers as such services are always linked together.

However, requesting the details of the callers from a telecom service provider abroad is extremely time-consuming. Besides, the CBI would require Mutual Legal Assistance Treaty with that very country.

As of now, such treaties exist with only 39 countries. In addition some countries could also demand a court order and furthermore the procedure in itself takes six to eighteen months.

Read more »
Subscribe to: Posts (Atom)