1. Linto988's Avatar
    Recently revealed "Cloak & Dagger" Android attack uses overlays and accessibility services to deceive users

    New and new security issues reported in android. How much safe is BlackBerry android against these new threats. How can such a vulnerable OS become most popular OS in this world

    Posted via CB10
    05-26-17 01:50 PM
  2. thurask's Avatar
    How can such a vulnerable OS become most popular OS in this world
    Maybe it's vulnerable because it's popular?
    05-26-17 01:53 PM
  3. conite's Avatar
    Read further.

    "Google Play Protect is able to detect and prevent the installation of applications that might try to use such exploits."

    Case closed.
    05-26-17 02:08 PM
  4. Apple Aya's Avatar
    Not not closed, just like google's security. https://www.forbes.com/sites/thomasb.../#6c8c8fae7807



    Thomas Fox-Brewster , FORBES STAFF
    I cover crime, privacy and security in digital and physical forms.

    Play Video
    Google has thrown more than 40 apps out of its Play store after it emerged they were quietly forcing Android users to click on ads. As the apps been downloaded as many as 36 million times, security researchers said it appeared to be the biggest ever case of ad fraud perpetrated via Google Play and probably the most successful malware in terms of installs from the official store.

    Security firm Check Point revealed the campaign Thursday, claiming a South Korean company, Kiniwini, hid an illegitimate ad clicking function inside 41 apps, most of which were games. Google's Bouncer, a technology designed to keep such so-called "adware" out of its store, wasn't able to pick up on the feature as it was downloaded after installation.

    Once the rogue code was added to the apps, they would secretly open webpages in the background, via software that imitated a PC browser. "Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure," Check Point explained. The Korean company would then receive funds for every ad click. Check Point estimated the firm was making millions from the ad clicks, in the region of $300,000 per month.

    Check Point also noted that various Kiniwini apps would display "a large amount of advertisements, which in some cases leave users with no option but clicking on the ad itself." And it claimed the oldest version of the malware, which it dubbed "Judy", dated from April 2016, indicating it avoided detection for at least a year.

    Android app adware found by Check Point Check Point
    Check Point claims adware was hidden by South Korean developers inside more than 40 Android apps.

    Kiniwini, which also goes by the name ENISTUDIO corp, did not return a request for comment. A post on the company's website reportedly recognizes Google's action to remove the apps. But the company plans to re-release their games once the code has been updated.

    Google had not returned a request for comment at the time of publication.

    Growing Android fraud problem

    According to Android security expert Sergio de los Santos, Judy was symptomatic of a wider problem with such ad fraud targeting Google's platform. "This clicking malware hides very well. They have been undetected for years now, and even now anti-virus products are still not detecting them," said de los Santos, a researcher with Telefonica's ElevenPaths Android security team.

    "The reason is because they are not dangerous by themselves in Google Play, but when they are installed they download the payload. This is very tricky and makes all detection techniques fail. And, besides, the only permission they need is access to the internet... it's quite intelligent."
    05-26-17 02:31 PM
  5. conite's Avatar
    Not not closed, just like google's security. https://www.forbes.com/sites/thomasb.../#6c8c8fae7807



    Thomas Fox-Brewster , FORBES STAFF
    I cover crime, privacy and security in digital and physical forms.

    Play Video
    Google has thrown more than 40 apps out of its Play store after it emerged they were quietly forcing Android users to click on ads. As the apps been downloaded as many as 36 million times, security researchers said it appeared to be the biggest ever case of ad fraud perpetrated via Google Play and probably the most successful malware in terms of installs from the official store.

    Security firm Check Point revealed the campaign Thursday, claiming a South Korean company, Kiniwini, hid an illegitimate ad clicking function inside 41 apps, most of which were games. Google's Bouncer, a technology designed to keep such so-called "adware" out of its store, wasn't able to pick up on the feature as it was downloaded after installation.

    Once the rogue code was added to the apps, they would secretly open webpages in the background, via software that imitated a PC browser. "Once the targeted website is launched, the malware uses the JavaScript code to locate and click on banners from the Google ads infrastructure," Check Point explained. The Korean company would then receive funds for every ad click. Check Point estimated the firm was making millions from the ad clicks, in the region of $300,000 per month.

    Check Point also noted that various Kiniwini apps would display "a large amount of advertisements, which in some cases leave users with no option but clicking on the ad itself." And it claimed the oldest version of the malware, which it dubbed "Judy", dated from April 2016, indicating it avoided detection for at least a year.

    Android app adware found by Check Point Check Point
    Check Point claims adware was hidden by South Korean developers inside more than 40 Android apps.

    Kiniwini, which also goes by the name ENISTUDIO corp, did not return a request for comment. A post on the company's website reportedly recognizes Google's action to remove the apps. But the company plans to re-release their games once the code has been updated.

    Google had not returned a request for comment at the time of publication.

    Growing Android fraud problem

    According to Android security expert Sergio de los Santos, Judy was symptomatic of a wider problem with such ad fraud targeting Google's platform. "This clicking malware hides very well. They have been undetected for years now, and even now anti-virus products are still not detecting them," said de los Santos, a researcher with Telefonica's ElevenPaths Android security team.

    "The reason is because they are not dangerous by themselves in Google Play, but when they are installed they download the payload. This is very tricky and makes all detection techniques fail. And, besides, the only permission they need is access to the internet... it's quite intelligent."
    One thing you omitted:

    "Infection numbers for Android devices remain low. In a recent report, it said that the end of 2016 just 0.05% of all Android devices that only downloaded from Google Play were infected with what it calls a "potentially harmful application" (PHA)."

    And that's only "potentially" harmful. And most of that are just ads - not security or privacy violations.
    05-26-17 02:39 PM
  6. Apple Aya's Avatar
    One thing you omitted:

    "Infection numbers for Android devices remain low. In a recent report, it said that the end of 2016 just 0.05% of all Android devices that only downloaded from Google Play were infected with what it calls a "potentially harmful application" (PHA)."

    And that's only "potentially" harmful. And most of that are just ads - not security or privacy violations.
    "Just ads"....sounds like a case of lowered expectations.
    05-26-17 02:42 PM
  7. conite's Avatar
    "Just ads"....sounds like a case of lowered expectations.
    No. It's differentiating between security violation and nuisance.
    BigAl_BB9900 likes this.
    05-26-17 02:43 PM
  8. Ment's Avatar
    AC did an article yesterday on the Cloak and Dagger vulnerability. As noted upthread there is minimal risk in the Playstore.

    Cloak & Dagger exploit: What you need to know | Android Central

    You can check yourself on what apps use draw overlay.

    1: Open Android Settings.
    2: Scroll down and tap on Apps.
    3: Tap on the Menu or Cog icon.
    4: Find and tap on Special access. It's usually under the "Advanced" heading.
    5: Tap on Draw over other apps. These are the apps that can create overlays using the above permission.
    6: Disable any apps you don't recognize.

    The other vulnerability with ads is a bigger long-term problem with Google as it doesn't control other ad networks and if it clamped down there could be anti-trust issues. If you sideload Android apps on BB10 its basically free Willy because there is no way to control or detect this since it only uses internet permissions and webview which are basic app functions and Google can't kill Android apps on BB10.
    05-26-17 03:01 PM
  9. bb10adopter111's Avatar
    I'm curious if any of those apps were from well known reputable companies.

    Anyone who downloads an app from a developer without a real, legally established business with named officers and a physical address should appreciate that he or she is taking a risk.

    Posted with my trusty Z10
    05-26-17 03:14 PM
  10. Troy Tiscareno's Avatar
    I'm curious if any of those apps were from well known reputable companies.
    If you read the story, you'd know that it was virtually all apps (games) from one company, who put this in intentionally to make themselves money by gaming the ad system. Since that violates Google's TOS, I wouldn't be surprised if they end up losing their developer account and the ability to collect money going forward.
    Uzi and PantherBlitz like this.
    05-27-17 02:45 AM
  11. ZeBB45's Avatar
    This sort of thing really highlights the reason why you should only install the popular apps from by known developers from the Play Store. Just use common sense.

    Posted via CB10
    05-27-17 07:25 AM
  12. Emaderton3's Avatar
    There is no need to over-react. These reports come out every month yet Android phones are not getting infected at a pandemic rate.

    Posted via CB10
    05-27-17 07:44 AM
  13. BigBadWulf's Avatar
    How can such a vulnerable OS become most popular OS in this world
    [sic] Windows
    05-27-17 08:37 AM
  14. Emaderton3's Avatar
    [sic] Windows
    Exactly. Majority are never effected. These are typically potential threats that get fixed.

    Posted via CB10
    Troy Tiscareno likes this.
    05-27-17 10:46 AM
  15. app_Developer's Avatar
    How many criminals do you think spend time and money trying to find exploits for MeeGo?

    Or if you're a university or white hat researcher which operating systems would you spend all of your time analyzing?

    Hint: answers are the operating systems that most people actually use.
    05-27-17 11:21 AM
  16. neeraj121y's Avatar
    Recently revealed "Cloak & Dagger" Android attack uses overlays and accessibility services to deceive users

    New and new security issues reported in android. How much safe is BlackBerry android against these new threats. How can such a vulnerable OS become most popular OS in this world

    Posted via CB10
    1.Every popular os is vulnerable.

    2. Android is dangerous, not even android every OS on this earth is dangerous.
    Recently on apple app store lots of vulnerable was founded, was hacking userdata and security.
    Even BlackBerry 10 also, because android app also run on bb10. I doubt on those people who says that bb10 is most secure not most secure, extremely secure os, how a os can be secure which can run unverified apk. Even play store also suffering from vulnerable apps, and Google is busy to verify them.
    One of biggest data hacker is Google.


    3.The conclusion is that no any os can escape you from cyber criminal, only your understanding and your knowledge and brain would escape you.
    Belive on yourself.



    Posted via CB10
    BigBadWulf and app_Developer like this.
    05-27-17 11:50 AM
  17. BigBadWulf's Avatar
    only your understanding and your knowledge and brain would escape you.
    Belive on yourself.



    Posted via CB10
    05-27-17 11:57 AM
  18. Linto988's Avatar
    1.Every popular os is vulnerable.

    2. Android is dangerous, not even android every OS on this earth is dangerous.
    Recently on apple app store lots of vulnerable was founded, was hacking userdata and security.
    Even BlackBerry 10 also, because android app also run on bb10. I doubt on those people who says that bb10 is most secure not most secure, extremely secure os, how a os can be secure which can run unverified apk. Even play store also suffering from vulnerable apps, and Google is busy to verify them.
    One of biggest data hacker is Google.


    3.The conclusion is that no any os can escape you from cyber criminal, only your understanding and your knowledge and brain would escape you.
    Belive on yourself.



    Posted via CB10
    Legacy BlackBerry os was once popular os but was not as vulnerable as android or IOS. BlackBerry then and now had their security aspect in every product they release.

    BB10 is definitely secured company to android or IoS bcoz of its features. it's ones preference that they should use android apps in their BB10 or not. More over it is a plus point that BB10 is capable of running Android apps which no other “major os” is capable of.

    Posted via CB10
    05-27-17 01:41 PM
  19. conite's Avatar

    BB10 is definitely secured company to android or IoS bcoz of its features.

    Posted via CB10
    How so?
    05-27-17 01:45 PM
  20. Linto988's Avatar
    How so?
    https://help.blackberry.com/en/black...929673982.html

    Posted via CB10
    05-27-17 02:20 PM
  21. conite's Avatar
    That's old.

    Compare now to BlackBerry Android Nougat, or Samsung Nougat Knox.

    DTEK60 / Z30
    05-27-17 02:29 PM
  22. Linto988's Avatar
    That's old.

    Compare now to BlackBerry Android Nougat, or Samsung Nougat Knox.

    DTEK60 / Z30
    If new android versions are safe like BB10 why it's getting monthly security patches? Samsung Knox also had severe security issues


    https://www.theinquirer.net/inquirer...rol-of-devices

    Posted via CB10
    05-27-17 02:38 PM
  23. conite's Avatar
    If new android versions are safe like BB10 why it's getting monthly security patches? Samsung Knox also had severe security issues


    https://www.theinquirer.net/inquirer...rol-of-devices

    Posted via CB10
    BlackBerry themselves say that BlackBerry Android Nougat is on par with BB10.

    Monthly security patches are part of what makes the OS secure. Almost every exploit that is fixed never saw the light of day, and were discovered either theoretically, or on a test bench somewhere.
    05-27-17 02:45 PM
  24. BigBadWulf's Avatar
    LoL! The irony
    Attached Thumbnails New security threats reported in Android-help-blackberry.jpg  
    05-27-17 02:48 PM
  25. thurask's Avatar
    If new android versions are safe like BB10 why it's getting monthly security patches?
    I never understand this argument. The patches are part of the security: when vulnerabilities are found in something as complex as an entire operating system, they get fixed up in the monthly rounds of patches and distributed to OEMs and then end users. To construct a general purpose operating system (i.e. not the embedded system that someone will invariably chime in with later) without a single bug means poring through every single line of the Linux kernel, every single device driver, every single userspace service, all continuously as changes are made from contributors spread across dozens of companies and countries. Mistakes are found and fixed, instead of being left to fester.
    john_v and app_Developer like this.
    05-27-17 02:50 PM
46 12

Similar Threads

  1. Error -106 in we chat
    By Rajusa24 in forum BlackBerry 10 OS
    Replies: 3
    Last Post: 10-02-18, 12:53 PM
  2. (Almost new) Onyx Samsung Galaxy S7 Edge for KeyOne or Cash
    By snowsquirrel in forum Buy, Sell, Trade - Sold / Archived
    Replies: 14
    Last Post: 07-29-17, 01:20 PM
  3. Wife lost iphone, Wife bought New phone, Insurance claim send new phone.
    By dareld Meyers in forum General BlackBerry News, Discussion & Rumors
    Replies: 1
    Last Post: 05-26-17, 01:03 PM
LINK TO POST COPIED TO CLIPBOARD