Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Mobile Application Hacking.. Show all posts

Quick Heal detects 2 banking Trojans targeting Indian Android users


IT company Quick Heal on Tuesday warned that two new banking trojans (malware designed to steal financial data) targeting Android are hitting users in India to access confidential data.

The Trojans, named “Android.Marcher.C" and "Android.Asacub.T", operate by exploiting user behaviour of android mobile users and imitating notifications from leading banking and finance apps in India as well as popular social apps such as WhatsApp, Facebook, Twitter, Instagram, and Skype.

The trojans mask themselves by using misleading icons and names to trick users. “Android.Marcher.C" uses a fake Adobe Flash Player icon and "Android.Asacub.T" mimics an android update icon and the name “update”.

The malwares work by forcing the users into allowing special privileges to the app by clicking “Activate” after it is installed in the device.

Image credits: Quick Heal
Once the malware has this access, it is able to trick sensitive information from the user such as banking credentials, passwords, card details, etc. whenever the user opens one of the apps the trojan is designed to imitate. This is done by displaying a fake window asking for the credit/debit card number of the user without which, the user is unable to access the app.

Sanjay Katkar, Co-founder and CTO of Quick Heal Technologies Limited, said, "Indian users often download unverified apps from third-party app stores and links sent through SMS and email. This gives hackers a lucrative opportunity to steal confidential information from unsuspecting users."

He also said the company has detected three other similar malware in less than six months and that it seems like hackers are now targeting mobile users as they are “far more vulnerable to sophisticated phishing attacks”.

Android users are advised to practice caution when downloading apps and to only download them from trusted sources. Always verify app permissions and install a reliable mobile security app.

French Security Researcher Claims Personal Security Breach Of Users By PM Modi’s Android App.


Since everybody nowadays is more accustomed to do everything digitally rather than manually the usage of applications and other technological shortcuts is very common , but it is still a shocking revelation for any user to come to know that his/her personal data is being transmitted to a third party without their consent, but what’s more distressing here is the fact the  “app” that is held responsible to do so is the Narendra Modi app, the personal mobile application of the Prime Minister of India Narendra Modi.

French security researcher Elliot Alderson has claimed that the app. is allegedly sharing private information of users to a third-party US company Clever Tap without their consent, Alderson shared a series of tweets claiming that when users create profile on Narendra Modi Android app, their device information, as well as personal data, is sent to a third-party domain called in.wzrkt.com., which apparently belongs to the US company.



In order to confirm whether this privacy breach occurred or not, Alt News decided to take a deep dive into this issue and investigated PM Modi’s Android App. They used popular software called Charles, to intercept the data between the phone and the outside world so as to ascertain whether the user’s phone is transacting with a certain website or not.

The software is capable of enabling one to view all the HTTP and SSL/HTTPS traffic between a machine and the Internet.

Alt News, to verify the claim of the researcher, installed the Narendra Modi Android app and proceeded further to create a profile. After successfully registering they got to know that the “app” was transacting data over the Internet which they captured using the Charles software mentioned above. There they saw that personal information such as name, email id, gender, telecom operator type and more was indeed being shared with the website in.wzrkt.com.

Here, the email-id pratik@xyzabc.com that Alt news entered during registration has been sent to in.wzrkt.com.

This is a very consequential happening as security issues related to sharing of personal information  are becoming more and more generic and so to say, this is not the first time that Elliot Alderson has claimed to such an occurrence.