Connect with us

Published

on

Tambir is a spyware app first discovered in October 2023 and uses social engineering tactics to target Android users. Disguised as an ad-free version of an IPTV app, Tambir is able to collect sensitive information from the victim’s device, including SMS messages, contacts, and a list of installed applications.

Moreover, Tambir is equipped with capabilities such as keystroke logger, initiating Virtual Network Computing (VNC) sessions and sending random SMS messages, giving cybercriminals remote access to the infected device.

tambir

tambir Although it is distributed under the guise of an IPTV application, it does not contain any legal functionality related to the platform it imitates. The application gains remote access to the infected device by convincing its owner to grant accessibility permissions. If the application’s accessibility service is enabled, all necessary permissions are obtained automatically. After obtaining all the necessary permissions and enabling the accessibility service, the malware changes the app icon to the YouTube icon so that it does not look suspicious.

The software receives encrypted Command and Control (C2) server addresses from legitimate platforms such as Telegram, ICQ chat invites, and Twitter profile bios by communicating over the WebSocket protocol. Tambir supports more than 30 commands received from the command and control server. Similarities in its target location and use of Telegram for C2 communication are similar to the GodFather malware, which is among the top three mobile malware in the region.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

The Eight Most Common Mobile Threats

We trust our mobile phones with everything, both private and work-related, but we do not pay enough attention to mobile security. Don’t underestimate the issue of mobile threats.

Published

on

We trust our mobile phones with everything, both private and work-related, but we do not pay enough attention to mobile security. Don’t underestimate the issue of mobile threats.

According to a recently released report by Verizon, many people underestimate the issue of mobile threats. Almost half (49%) of users believe that clicking on a malicious link or attachment could only negatively impact their device.

The average user’s SMS phishing The probability of being exposed to attacks is 6-10 times higher than email-based attacks.

People often combine their personal and work lives on a single device. 78 percent of users use their work devices for personal activities, and 72 percent use their personal devices for business activities.

mobile threat

The most common mobile threat topics:

Phishing: Attackers use social engineering techniques to persuade individuals to click on malicious links, share personal information, download malware, or provide account information via email (phishing), SMS (smishing), or calls (vishing).

SIM hijacking: SIM hijacking occurs when an attacker uses personal information they find on the internet to impersonate someone else and contact a telecom provider to redirect your calls or messages to their device, giving them easy access to your data.

Malicious apps: Disguised as legitimate applications, these applications are often accidentally downloaded from unofficial sources such as third-party app stores or websites, or through phishing emails that direct victims to visit these app stores and websites.

Once installed on a device, these malicious apps can perform various harmful actions such as data theft, financial fraud, or acting as spyware.

mobile threat

Fake banking apps: It is a dangerous type of malicious application. If you unknowingly download and install a fake banking app, you could enter sensitive information such as login details, account numbers, and other personal data into the app and unintentionally hand that information over to cybercriminals.

Fake credit apps: Deceptive apps posing as legitimate lenders offering high-interest loans are created by cybercriminals to collect victims’ personal and financial information. They can then use the collected data for identity theft, financial fraud or other malicious activities.

Ransomware: During a ransomware attack, cybercriminals may encrypt your files and demand a payment. They may claim that if you accept their demands, they will give you a decryption key. Unfortunately, this is not always the case.

Poor physical security: Weak authentication methods are a big problem when it comes to mobile threats. Cyber ​​criminals who take over your device can easily access your data or payment information and use it as they wish.

Similarly, if you lose your device and it is not adequately protected, you can jeopardize not only your own cybersecurity but also your company’s cybersecurity.

Unsecure Wi-Fi: If you’re using public Wi-Fi at a hotel or coffee shop, you may be the target of a man-in-the-middle (MITM) attack, in which an attacker can interfere with communications between your device and the website you want to connect to.

Continue Reading

Security

Do Wearable Devices Present a Privacy Risk?

Smartwatches, fitness trackers and other wearable devices have become as commonplace as our mobile phones and tablets. These connected devices do much more than tell the time.

Published

on

Smartwatches, fitness trackers and other wearable devices have become as commonplace as our mobile phones and tablets. These connected devices do much more than tell the time.

While wearable devices are entering our daily lives more than ever before, they are also collecting more data and connecting to an increasing number of other smart systems.

It is useful to understand these potential security and privacy risks in advance. Threatening There are many ways for actors to monetize attacks against smart wearable devices and the related application and software ecosystem.

They can intercept and manipulate data and passwords and unlock lost or stolen devices. There are also potential privacy concerns about secretly sharing personal data with third parties.

wearable devices

Where do wearable device ecosystems fall short?

The device you plug in is only part of the picture. In fact, there are multiple elements, from the device’s software to the protocols it uses to connect to its application and back-end cloud servers. All are vulnerable to attack if security and privacy have not been properly taken into account by the manufacturer. Here are a few of them:

Bluetooth: Bluetooth Low Energy is often used to pair wearable devices with your smartphone. However, over the years, numerous security vulnerabilities have been discovered in the protocol. These vulnerabilities could allow close-range attackers to crash devices, spy on information, or manipulate data.

Devices: Often the software on the device is vulnerable to external attacks due to bad programming. Even the best designed watch is ultimately made by humans and therefore may contain coding errors. These can lead to privacy leaks, data loss, and more. Additionally, weak authentication/encryption on devices can mean that they are subject to interception and eavesdropping. Users should also be aware of shoulder surfers when viewing sensitive messages/data on their wearable devices in public places.

Applications: Smartphone apps connected to wearable devices are another attack route. They can be poorly written and full of security vulnerabilities, revealing access to user data and devices. Another risk is that applications and even users are careless about data. You may accidentally download fake apps designed to look like legitimate apps and enter your personal information into them.

Back servers: As mentioned, providers’ cloud-based systems can store device information, including location data and other details. This presents a tempting target for attackers. There’s not much you can do about this other than choosing a reputable provider with a good track record in security.

wearable devices

Tips for keeping wearable devices safe

  • Be careful to choose reputable wearable device providers.
  • Take a close look at the privacy and security settings to make sure they are configured correctly.
  • Change settings to prevent unauthorized pairing.
  • Turn on two-factor authentication.
  • Password protect lock screens.

Protect your smartphone:

  • Only use legal app stores
  • Keep all software updated
  • Never jailbreak/root devices
  • Limit app permissions
  • Install reputable security software on the device

Protect your smart home:

  • Don’t sync wearables to your front door
  • Take care to keep devices on the guest Wi-Fi network
  • Update all devices to the latest firmware
  • Make sure all device passwords have been changed from factory default settings
Continue Reading

Security

53% of Malware Steals Data!

The share of corporate devices compromised by data-stealing malware has increased by a third since 2020. 21% of employees whose devices were infected ran the malware repeatedly.

Published

on

The share of corporate devices compromised by data-stealing malware has increased by a third since 2020. 21% of employees whose devices were infected ran the malware repeatedly.

An alarming trend has emerged that shows corporate devices are facing a growing threat from information thieves. The share of corporate users compromised by such malware has increased by 34 percent since 2020, according to data from data-stealing malware session files found on the dark web.

By 2023, experts show that one in every two devices (53%) infected with identity-stealing software will be corporate. Data shows that the most infostealer infections are found in Windows 10 Enterprise edition.

malicious

Recommended Steps to Minimize the Impact of Data Leakage

After infecting a single device, cybercriminals can gain access to entire accounts – both personal and corporate. According to Kaspersky statistics, a session file contains, on average, 1.85 corporate web applications containing a login with a corporate email address.

These applications include webmail applications, customer data processing systems, internal portal and more.

To minimize the impact of a data leak caused by phishing activities, we recommend you follow the steps below

  • Immediately change the passwords of compromised accounts and monitor these accounts for suspicious activity;
  • Advise potentially infected users to run antivirus scans and remove malware on all devices;
  • Monitor dark web markets for compromised accounts to detect compromised accounts before they impact the cybersecurity of customers or employees.
  • To detect potential threats and take immediate action security software use it.

For greater protection against skimming infections, develop an employee security awareness program and offer regular training and evaluations.

Continue Reading

Trending

Copyright © 2022 RAZORU NEWS.
Project by V