One of Checkpoint’s customer’s employee downloaded a malicious app called “EnergyRescue” which consisted of zero day mobile ransomeware (Doxware)from Google Play store. The ransomeware dubbed “Charger” and has appeared to be downloaded by millions of Android users.
The ransomeware infected app gets access to contacts and SMS messages from the user’s device requesting admin permissions appears to be genuine. Once the admin permission is granted, the ransomware locks the device and requests the ransom from the victim for .2 bitcoins which is almost 180$. This amount is pretty high for the same category which has been seen lately.
The ransomware demands the money or else threatens to post the user data online every 30 minutes.
“You need to pay for us, otherwise we will sell portion of your personal information on black market every 30 minutes,WE GIVE 100% GUARANTEE THAT ALL FILES WILL RESTORE AFTER WE RECEIVE PAYMENT. WE WILL UNLOCK THE MOBILE DEVICE AND DELETE ALL YOUR DATA FROM OUR SERVER!TURNING OFF YOUR PHONE IS MEANINGLESS, ALL YOUR DATA IS ALREADY STORED ON OUR SERVERS! WE STILL CAN SELLING IT FOR SPAM, FAKE, BANK CRIME etc… We collect and download all of your personal data. All information about your social networks, Bank accounts, Credit Cards. We collect all data about your friends and family.“
The malware contains a dropper which attracts real malicious components to the mobile device.
Hence the real impact is unknown but this app has infected millions of users worldwide. Recommendation can be found here
After Guardian’s post early on Whats App vulnerability was published last week, security experts from all over the word have been discussing the validity of this vulnerability and intensions behind it. Facebook denied this as a vulnerability going against Guardian and the intension behind it as design decision. However some of the most respected security […] Continue reading →
Its hardly been two weeks since release of iphone 7 and a security researcher claims that he has already jailbroken in less than 24 hours. Motherboard,a online news portal mentioned that “one teenage hacker has already had success in jailbreaking the iPhone 7 running iOS 10. In fact, the 19-year-old developer, Luca Todesco, claims to […] Continue reading →
The two names “Blackhat” & “Defcon” rings the bell as the scariest hacker conference for people around the world. People from various disciplines in security with their best researches are invited to speak at the event with room full of security savy folks. Its often said that these two conferences receive 1000’s of applicants and […] Continue reading →
The Office of Personnel Management and the Department of Defense are analyzing a data breach which has resulted in stealing of around 5.6 million fingerprint records of federal workers. Initial reports put the number at 4.5 million, however the latest report released on Wednesday 23rd September suggests that the number is as high as 5.6 […] Continue reading →
WD My Cloud or Western Digital My Cloud is an efficient Network Attached Storage system. The objective of the WD My Cloud NAS is to provide a cloud storage system for private applications such as home based cloud storage or a small business storage. The data on this private cloud can be accessed by the […] Continue reading →
If you use Google Chrome 45 or any of the older versions, it can crash by simply typing a 16 character URL. The bug was first detected by Andris Atteka who reported it to Google, but he was not rewarded since it is not a security issue but a DOS vulnerability. The issue reported by […] Continue reading →
A malware has always been a major threat to devices, data and user accounts; but the threat increase manifold when a malware is more subtle and deep rooted like the one in an app creation tool! Such threats are real and already exist. XcodeGhost is an example of such malware. The counterfeit Xcode, termed as […] Continue reading →
UT Austin ISO (Information Security Office) has detected a bug in Android 5.x that allows hackers to bypass the locked screen of the phone and access the home screen or other functions of the phone. For the purpose of the attack however the attacker must have physical access to the phone and the screen should […] Continue reading →
Mark Dowd, the head of Australia based Azimuth security has stated that there is a vulnerability in AirDrop, the file sharing service of Apple which allows unauthorized access to the device that can be used for the installation of malware. A user with an AirDrop configuration allowing file sharing with anyone and not merely their […] Continue reading →