Lukáš Štefanko Archives – Gridinsoft Blog https://gridinsoft.com/blogs/tag/lukas-stefanko/ Welcome to the Gridinsoft Blog, where we share posts about security solutions to keep you, your family and business safe. Mon, 25 Jan 2021 16:53:30 +0000 en-US hourly 1 https://wordpress.org/?v=77583 200474804 New worm for Android spreads rapidly via WhatsApp https://gridinsoft.com/blogs/new-worm-for-android-spreads-rapidly-via-whatsapp/ https://gridinsoft.com/blogs/new-worm-for-android-spreads-rapidly-via-whatsapp/#respond Mon, 25 Jan 2021 16:53:30 +0000 https://blog.gridinsoft.com/?p=5030 ESET security researcher Lukas Stefanko reported a new malware: he said that a new worm for Android automatically spreads through WhatsApp messages. The main purpose of malware is to trick users into adware or subscription scams. The link to the fake Huawei Mobile app redirects users to a site that is very similar to the… Continue reading New worm for Android spreads rapidly via WhatsApp

The post New worm for Android spreads rapidly via WhatsApp appeared first on Gridinsoft Blog.

]]>
ESET security researcher Lukas Stefanko reported a new malware: he said that a new worm for Android automatically spreads through WhatsApp messages.

The main purpose of malware is to trick users into adware or subscription scams.

The malware spreads through the victim’s WhatsApp app by automatic replies to any WhatsApp messages containing a link to the malicious Huawei Mobile app,Stefanko said.

The link to the fake Huawei Mobile app redirects users to a site that is very similar to the Google Play Store. Once installed on a device, a malicious application requests access to notifications, which it uses to carry out an attack. In particular, it is interested in the WhatsApp Quick Reply feature, which is used to reply to incoming messages directly from notifications.

In addition to reading notifications, the app also requests permissions to run in the background and draw on top of other apps – overlapping any other app running on the device with its own window, which can be used to steal credentials.

In its current version, the malicious code is only able to send automatic replies to the victim’s WhatsApp contacts, but in future versions, it may be possible to send replies in other applications that support the quick replies feature in Android.says Lukas Stefanko.

Although the message is sent to the same contact only once an hour, the message content and the link to the application are retrieved from a remote server, which means that malware can be used to spread other malicious sites and applications.

According to the researcher, it was not possible to establish how the initial infection occurs. It should be noted, however, that worm malware can spread incredibly quickly from multiple devices to many others via SMS, email, social media posts, channels/chat groups, etc.

It should also be noted that more than 30 million WhatsArp users have recently abandoned the messenger since the beginning of the year. This was reported by the British edition of The Guardian.

The ongoing massive leave of users from WhatsApp is associated with a poorly prepared update of the terms of service on this platform, journalists say. Many saw in them the upcoming cancellation of the confidentiality of correspondence, which is associated with the provision of data by the messenger to its parent company Facebook, whose management lost trust of the users.

As we said, Facebook gives US lawmakers the names of 52 firms it gave deep data access to.

As you know, initially, changes in the policy for providing WhatsApp services were supposed to take effect on February 8. However, due to the beginning of a rapid decline in the number of users, their introduction was postponed to 15 May.

The post New worm for Android spreads rapidly via WhatsApp appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/new-worm-for-android-spreads-rapidly-via-whatsapp/feed/ 0 5030
Google recruits a team of experts to find bugs in Android applications https://gridinsoft.com/blogs/google-recruits-a-team-of-experts-to-find-bugs-in-android-applications/ https://gridinsoft.com/blogs/google-recruits-a-team-of-experts-to-find-bugs-in-android-applications/#respond Mon, 05 Oct 2020 16:32:38 +0000 https://blog.gridinsoft.com/?p=4387 ZDNet reports that a number of new positions have been added to Google’s job list. The fact is that Google appears to be recruiting a team of Android security experts that will be looking for vulnerabilities in critical applications from the Google Play Store. According to Sebastian Porst, software development manager for Google Play Protect,… Continue reading Google recruits a team of experts to find bugs in Android applications

The post Google recruits a team of experts to find bugs in Android applications appeared first on Gridinsoft Blog.

]]>
ZDNet reports that a number of new positions have been added to Google’s job list. The fact is that Google appears to be recruiting a team of Android security experts that will be looking for vulnerabilities in critical applications from the Google Play Store.

According to Sebastian Porst, software development manager for Google Play Protect, the products that the new team will focus on include COVID-19 contact tracing apps as well as election-related apps.

“As a Security Engineering Manager in Android Security […] Your team will perform application security assessments against highly sensitive, third party Android apps on Google Play, working to identify vulnerabilities and provide remediation guidance to impacted application developers”, — says a new Google job listing posted on last week

In fact, Google experts will continue the job what independent researchers are currently doing as part of the bug bounty of the Google Play Security Reward program.

Let me remind you that this initiative encourages the search for bugs in third-party applications from the Google Play Store, and Google experts accept bug reports and pay rewards on behalf of the application owners.

At the same time, the existing bug bounty program is limited to applications with more than 100,000 users. However, applications that work with confidential data, as well as those related to critical tasks, do not always meet the conditions of the Google Play Security Reward, which means they are unlikely to be checked by bug hunters.

ZDNet asked Lukáš Štefanko, a mobile malware analyst from the Slovak information security company ESET, to comment on these Google actions.

“Definitely it was a good move. Finding serious security issues is not easy and takes a lot of time and experience”, — said Lukáš Štefanko, while being asked to describe Google’s latest efforts.

According to the expert, having a dedicated team ensures that information security professionals will do their best to find applications that may go unnoticed and may ultimately be exploited by cybercriminals with devastating consequences.

So far, however, it is not clear if Google expects plan completely close the Google Play Security Reward program in this way, or will simply add to it new features.

Let me remind you that recently Researcher Earned $10,000 by Finding XSS Vulnerability in Google Maps.

The post Google recruits a team of experts to find bugs in Android applications appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/google-recruits-a-team-of-experts-to-find-bugs-in-android-applications/feed/ 0 4387