Malicious adware infects 20,000 apps for Androids, almost impossible to eradicate


Security researchers have found a new type of Android adware, which can trojanize itself into some of the most popular apps, such as WhatsApp and Facebook. More than 20,000 apps are said to be at risk overall and once embedded, the adware is almost impossible to remove.

The adware advertises itself as legitimate apps that are extremely popular with Android users. These apps can be downloaded from third-party app stores. Many of these apps are fully functional, but they also hide a nasty secret as the adware embeds itself into the operating system.

By creating adverts, it makes money for the adware creators. However, the malware is almost impossible to remove, the tech security firm Lookout Security has discovered. If downloaded, the only way to get rid of the adware is to buy a new device, as even resetting its factory settings will not help.

“Adware, which has traditionally been used to aggressively push ads, is now becoming trojanized and sophisticated,” Lookout wrote in a blog post. “This is a new trend for adware and an alarming one at that.”


Lookout Security says it has discovered three different families of trojanized adware, which are interconnected. These are known as Shuanet, Kemoge and Shudun and are responsible for more than 20,000 apps being infected with adware. However, they are not looking to obtain any data; rather, they are just happy to make money from generating as many adverts as possible, much to the annoyance of the users.

The US, Germany, Russia, Mexico, Jamaica, Brazil, Iran, Sudan, India and Indonesia are the countries that have been most affected by the adware, while experts are saying the best way to keep one’s smartphone safe is to download apps only from Google Play and to avoid any alternative Android app stores.

It appears that antivirus apps have been left alone by the adware, which Lookout says was deliberate by its creators in order not to raise suspicion about its actions. The security firm also said that the developments could be just the tip of the iceberg.

“We believe more families of adware trojanizing popular apps will emerge in the near future and look to dig [their] heels into the reserved file system to avoid being removed,” Lookout’s Michael Bentley said on the company’s blog.

NSA blames Snowden for ISIS changing phones

Published on Nov 4, 2015

NSA Deputy Director, Richard Ledgett, recently sat down with the BBC. During the interview, he blamed Edward Snowden’s leaks for members of ISIS changing from Apple phones to Android ones. Ledgett said, in no uncertain terms, that Snowden is responsible for enabling terrorists to circumvent the NSA’s ability to keep us safe by spying. The Resident discusses.

fuck the nsa. hate that company

The NSA goes against the Constitution. So, they are the problem.

NSA = Gestapo….. Now if you tell the TRUTH and don’t embrace being gay or being a lesbian or amending our constitution/ 2nd amendment.. you’re a criminal! Snowden has more of a following than ever before.

The only thing I fear is my own Government.

Got to be one of the funniest reports ever to come out the US. Just adds proof how so many americans are beyond retardment. NSA stupidity is beyond belief.

Hackers can steal your fingerprint data from Android devices


Android devices equipped with a fingerprint sensor are vulnerable to hacker attacks. They can not only bypass the biometric authentication, but even steal the fingerprint data itself, security researchers told a hacker conference.

Tao Wei and Yulong Zhong from the cybersecurity firm FireEye Inc. reported their findings on Wednesday to the Black Hat conference in Las Vegas.

The researchers devised four vectors that hackers could use to target fingerprint sensors. One of them allows attackers to “remotely harvest fingerprints on a large scale,” without the user ever noticing it. Considering that, unlike passwords, fingerprints can’t be easily altered and are used for identification in many venues, a compromised phone may leave its user with a lifetime of their data being misused.

The speakers said the HTC One Max and Samsung Galaxy S5 were confirmed to be vulnerable to such attacks. They added that affected vendors were alerted and have since provided patches.

Zhong noted that Apple devices used different methods for storing fingerprint data and were quite secure against theft attempts.

Flaws in Android devices are frequently exposed. Just last week, Zimperium uncovered one that allows devices to be hacked by simply texting them. The victims don’t even need to be tricked into downloading or opening a bad file – attackers only need to send them a text message for the malware to take hold.

Android is by far the most dominant smartphone operating system in the world, with about 80 percent of smartphones worldwide running it.



Comey went ballistic on Apple and Google’s decision to make everything more private

Everyone is stoked that the latest versions of iOS and Android will (finally) encrypt all the information on your smartphone by default. Except, of course, the FBI: Today, its director spent an hour attacking the companies and the very idea of encryption, even suggesting that Congress should pass a law banning the practice of default encryption.

It’s of course no secret that James Comey and the FBI hate the prospect of “going dark,” the idea that law enforcement simply doesn’t have the technical capability to track criminals (and the average person) because of all those goddamn apps, encryption, wifi network switching, and different carriers.

It’s a problem that the FBI has been dealing with for too long (in Comey’s eyes, at least). Today, Comey went ballistic on Apple and Google’s recent decision to make everything just a little more private.

“Encryption isn’t just a technical feature; it’s a marketing pitch … it’s the equivalent of a closet that can’t be opened. A safe that can’t be cracked. And my question is, at what cost?” Comey said. “Both companies [Apple and Google] are run by good people, responding to what they perceive is a market demand. But the place they are leading us is one we shouldn’t go to without careful thought and debate.”

In a tightly moderated speech and discussion at the Brookings Institution—not one technical expert or privacy expert was asked to participate; however, several questions from the audience came from privacy-minded individuals—Comey railed on the “post-Snowden” world that has arisen since people began caring about their privacy.

Comey’s speech and thinking were out-of-touch and off on many levels: He continually referred to potential “bad guys” as the only ones using encryption, and suggested that, with default encryption, people who are wrongly arrested won’t be able to unlock data within their phones that could exonerate them.

Comey also said, in all seriousness, that the FBI has “FOMO” on catching predators, just like the kids.

“With Going Dark, those of us in law enforcement and public safety have a major fear of missing out—missing out on predators who exploit the most vulnerable among us … kids call this FOMO,” he said.

Comey kept referring to the “debate” and “national conversation” that needs to be had regarding widespread encryption. That conversation, in Comey’s mind, should stop and start with the idea that there must be a “front door” means for the FBI, NSA, and other law enforcement agencies to blast through encryption. In other words, companies should be “developing [law enforcement] intercept solutions during the design phase,” a proposition that, beyond making encryption useless, is potentially not even technically feasible.

“Congress might have to force this on companies,” he said. “Maybe they’ll take the hint and do it themselves.”

Comey repeatedly noted that Apple and Google are simply responding to the “market” and consumer demand, as any good capitalist company would do. But he noted that encryption is not really what people should want, lest the “bad guys” win.

“If the challenges of real-time interception threaten to leave us in the dark, encryption threatens to lead all of us to a very dark place,” he said. “Perhaps it’s time to suggest that the post-Snowden pendulum has swung too far in one direction—in a direction of fear and mistrust.”

It’s absolutely worth noting that this out-of-control pendulum has so corrupted the thinking of the people that Congress has found it prudent to not pass a single law, not do a single thing, to rein in government mass surveillance, despite Comey’s goal of real-time interception essentially amounting to the ability to peek into anyone’s phone as they use it.

“It might be time to ask: Where are we, as a society? Are we no longer a country governed by the rule of law, where no one is above or beyond that law?,” he said, without irony. “Are we so mistrustful of government—and of law enforcement—that we are willing to let bad guys walk away?”

It also might be time to ask: Are the people chosen to run our law enforcement agencies so out of touch with the American people that they believe that only “bad guys” want privacy?




Do you own an Android device? Is it less than three years old? If so, then when your phone’s screen is off and it’s not connected to a Wi-Fi network, there’s a high risk that it is broadcasting your location history to anyone within Wi-Fi range that wants to listen.

This location history comes in the form of the names of wireless networks your phone has previously connected to. These frequently identify places you’ve been, including homes (“Tom’s Wi-Fi”), workplaces (“Company XYZ office net”), churches and political offices (“County Party HQ”), small businesses (“Toulouse Lautrec’s house of ill-repute”), and travel destinations (“Tehran Airport wifi”). This data is arguably more dangerous than that leaked in previous location data scandals because it clearly denotes in human language places where you’ve spent enough time to use the Wi-Fi. Normally eavesdroppers would need to spend some effort extracting this sort of information from the latitude/longitude history typically discussed in location privacy analysis. But even when networks seem less identifiable, there are ways to look them up.

We briefly mentioned this problem during our recent post about Apple deciding to randomize MAC addresses in iOS 8. As we pointed out there, Wi-Fi devices that are not actively connected to a network can send out messages that contain the names of networks they’ve joined in the past in an effort to speed up the connection process. But after writing that post we became curious just how many phones actually exhibited that behavior, and if so, how much information they leaked. To our dismay we discovered that many of the modern Android phones we tested leaked the names of the networks stored in their settings (up to a limit of fifteen). And when we looked at these network lists, we realized that they were in fact dangerously precise location histories.

Aside from Android, some other platforms also suffer from this problem and will need to be fixed, although for various reasons, Android devices appear to pose the greatest privacy risk at the moment.

In Android we traced this behavior to a feature introduced in Honeycomb (Android 3.1) called Preferred Network Offload (PNO). PNO is supposed to allow phones and tablets to establish and maintain Wi-Fi connections even when they’re in low-power mode (i.e. when the screen is turned off). The goal is to extend battery life and reduce mobile data usage, since Wi-Fi uses less power than cellular data. But for some reason, even though none of the Android phones we tested broadcast the names of networks they knew about when their screens were on, many of the phones running Honeycomb or later (and even one running Gingerbread) broadcast the names of networks they knew about when their screens were turned off.

Response from Google

When we brought this issue to Google’s attention, they responded that:

“We take the security of our users’ location data very seriously and we’re always happy to be made aware of potential issues ahead of time. Since changes to this behavior would potentially affect user connectivity to hidden access points, we are still investigating what changes are appropriate for a future release.”

Additionally, yesterday a Google employee submitted a patch to wpa_supplicant which fixes this issue. While we are glad this problem is being addressed so quickly, it will still be some time before that fix gets integrated into the downstream Android code. And even then, Android fragmentation and the broken update process for non-Google Android devices could delay or even prevent many users from receiving the fix. (We hope Google can make progress on this problem, too.)

Protective Steps You Can Take Today

With that said, a workaround is available (for most devices) for users who want to protect their privacy right now: go into your phone’s “Advanced Wi-Fi” settings and set the “Keep Wi-Fi on during sleep” option to “Never”. Unfortunately this will cause a moderate increase in data usage and power consumption—something users shouldn’t have to do in order to keep their phone from telling everyone everywhere they’ve been.

Unfortunately, on at least one device we tested–a Motorola Droid 4 running Android 4.1.2–even this wasn’t sufficient. On the Droid 4, and perhaps on other phones, the only practical way to prevent the phone from leaking location is to manually forget the networks you don’t want broadcast, or disable Wi-Fi entirely whenever you aren’t actively connecting to a known Wi-Fi network. You can also find apps that will do this automatically for you.
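To decide which saved networks to forget, it helps to see the list the phone is holding. The following is an added example, not code from the original article or from Google's patch: it assumes the saved networks are available as text in wpa_supplicant.conf syntax, and the function names and sample configuration are constructed for illustration.

```python
import re

PNO_LIMIT = 15  # the article reports up to fifteen stored names being leaked

# Constructed sample in wpa_supplicant.conf syntax (not from a real device).
SAMPLE_CONF = '''
update_config=1
network={
    ssid="Tom's Wi-Fi"
    psk="not-a-real-key"
    priority=5
}
network={
    ssid="Company XYZ office net"
    scan_ssid=1
    key_mgmt=WPA-EAP
}
network={
    ssid=54656872616e20416972706f72742077696669
    key_mgmt=NONE
}
'''

def decode_ssid(raw):
    """Quoted values are literal text; unquoted values are hex-encoded bytes."""
    raw = raw.strip()
    if raw.startswith('"') and raw.endswith('"'):
        return raw[1:-1]
    return bytes.fromhex(raw).decode("utf-8", errors="replace")

def saved_networks(conf_text):
    """Return one dict per network block: decoded ssid and hidden flag."""
    nets = []
    for block in re.findall(r"network=\{(.*?)\n\}", conf_text, re.S):
        fields = dict(
            line.strip().split("=", 1)
            for line in block.splitlines() if "=" in line
        )
        if "ssid" not in fields:
            continue
        nets.append({
            "ssid": decode_ssid(fields["ssid"]),
            # scan_ssid=1 marks a hidden network, which wpa_supplicant
            # looks for with probe requests that carry the name.
            "hidden": fields.get("scan_ssid", "0").strip() == "1",
        })
    return nets

def exposure_report(conf_text, limit=PNO_LIMIT):
    """Names a leaking device could disclose, and which are hidden networks."""
    nets = saved_networks(conf_text)
    return {
        "disclosable": [n["ssid"] for n in nets][:limit],
        "hidden": [n["ssid"] for n in nets if n["hidden"]],
    }
```

Every name under `disclosable` is a candidate to forget if it identifies a place; entries under `hidden` are the ones Google's response says a fix has to keep working.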

Location history is extremely sensitive information. We urge Google to ship their fix as soon as possible, and other Android distributors to offer prompt updates containing it.

Revealed: How governments can take control of smartphones

‘Legal malware’ produced by the Italian firm Hacking Team can take total control of your mobile phone. That’s according to Russian security firm Kaspersky Lab and University of Toronto’s Citizen Lab (which also obtained a user manual).

Operating since 2001, the Milan-based Hacking Team employs over 50 people and offers clients the ability to “take control of your targets and monitor them regardless of encryption and mobility,” while “keeping an eye on all your targets and manage them remotely, all from a single screen.”

It’s the first time Remote Control Systems (RCS) malware has been positively linked with mobile phones and it opens up a new privacy threat potential to mobile phone users.

“Our latest research has identified mobile modules that work on all well-known mobile platforms, including Android and iOS,” wrote Kaspersky researcher Sergey Golovanov.

“These modules are installed using infectors – special executables for either Windows or Macs that run on already infected computers. They translate into complete control over the environment in and near a victim’s computer. Secretly activating the microphone and taking regular camera shots provides constant surveillance of the target – which is much more powerful than traditional cloak and dagger operations.”

Police can install the spy malware directly into the phone if there is direct access to the device, or if the owner of the phone connects to an already infected computer, according to Wired.

Various software can also lure users into downloading targeted fake apps.

Once inside an iPhone, for instance, it can access and activate all of the following: control of Wi-Fi, GPS, GPRS, recording voice, e-mail, SMS, MMS, listing files, cookies, visited URLs, cached web pages, address book, call history, notes, calendar, clipboard, list of apps, SIM change, live microphone, camera shots, support chats, WhatsApp, Skype, and Viber.

While the malware can be spotted by some of the more sophisticated anti-virus software, it takes special measures to avoid detection – such as “scouting” a victim before installation, “obfuscating” its presence, and removing traces of its activity.

Hacking Team has maintained that its products are used for lawful governmental interceptions, adding that it does not sell items to countries blacklisted by NATO or repressive regimes.

Wired reported that there have been cases where the spying apps were used in illegal ways in Turkey, Morocco, and Saudi Arabia.

Citizen Lab discovered spying malware hiding in a legitimate news app for Qatif Today, an Arabic-language news and information service that reports on events in Saudi Arabia’s eastern Qatif region. It also argued that circumstantial evidence pointed to Saudi Arabia’s government using the spying malware against Shia protesters in the area.

“This type of exceptionally invasive toolkit, once a costly boutique capability deployed by intelligence communities and militaries, is now available to all but a handful of governments. An unstated assumption is that customers that can pay for these tools will use them correctly, and primarily for strictly overseen, legal purposes. As our research has shown, however, by dramatically lowering the entry cost on invasive and hard-to-trace monitoring, the equipment lowers the cost of targeting political threats for those with access to Hacking Team and Gamma Group toolkits,” Citizen Lab said in its report.

Hacking Team controls the spying malware remotely via command-and-control servers. Kaspersky has discovered more than 350 such servers in more than 40 countries. A total of 64 servers were found in the US – more than in any other country. Kazakhstan came in second, with a total of 49 servers found. Thirty-five were found in Ecuador and 32 in the UK.