Android finally checks sideloaded apps for malware before installs

In response to growing cyber threats, Google has introduced an update to bolster Android security. This enhancement focuses on strengthening malware detection before app installations, ensuring a safer Android ecosystem.

With this update, Google Play Protect now conducts real-time, code-level scans during the app installation process:

By providing users with immediate feedback about the safety of the apps they are installing, Google empowers its users to make...

Clipper malware found in over 451 PyPI packages

Phylum security researchers have discovered over 451 packages on the Python Package Index (PyPI) that are infected with “clipper” malware.

Clippers replace the contents of a victim’s clipboard with something which benefits the attacker. The most prevalent clippers today look for cryptocurrency addresses and modify them to steal funds.

Starting on February 9th, Phylum was alerted by its automated risk detection platform to a long series of suspicious publications to...

Malware campaign targets official Python and JavaScript repos

An active malware campaign is targeting official Python and JavaScript repositories.

Software supply chain security firm Phylum spotted the campaign. Phylum said that it discovered the campaign after noticing a flurry of activity around typosquats of the popular Python requests package.

Typosquats take advantage of simple typos to install malicious packages.

In this case, the PyPI typos include: dequests, fequests, gequests, rdquests, reauests, reduests,...

Syntax error breaks KmsdBot cryptomining botnet

A syntax error broke an otherwise advanced cryptomining botnet called KmsdBot.

The malware, which could also be used for distributed denial-of-service (DDoS) attacks, was discovered by Akamai Security Research.

Akamai’s researchers witnessed the authors “accidentally crash” KmsdBot: they observed that the malware stopped sending attack commands after receiving:

!bigdata www.bitcoin.com443 / 30 3 3 100 

The lack of a space between the website and the...

Cyber Security & Cloud Expo: Examining the 2022 malware landscape

Geopolitical tensions and the largest war in Europe for decades have defined the malware landscape in 2022.

Recorded Future has been capturing global threat information from the internet, dark web, and technical sources for over a decade. The firm combines this vast amount of data with AI and human expertise to spot threats early and provide actionable insights to security professionals.

Toby Wilmington, Manager - Sales Engineering at Recorded Future, provided his...

Apple letter urges lawmakers to reject sideloading bill

Apple has written a letter urging lawmakers to reject a bill that would force the company to allow any apps to be installed on its mobile operating systems.

The letter, addressed to Senate Judiciary Chair Dick Durbin and Republican Chuck Grassley, claims the proposed bill will hurt user privacy and security if passed.

In question is the S. 2710 bill that would allow software downloaded from the web or other sources to be “sideloaded” on iOS.

“Sideloading...

Play Store’s AI security blocks almost one million policy-violating apps

Google’s AI-powered Play Store security has blocked almost one million policy-violating apps from reaching users.

In a blog post, Google detailed what it’s been doing to protect the billions of Android users and millions of developers creating apps for the world’s largest mobile platform.

2020 was a year when many of us made sacrifices to our freedoms to protect not just ourselves, but those around us. Unfortunately, criminals sought to take advantage of more...

Report: Developing markets are suffering a mobile malware pandemic

Anti-fraud platform Secure-D has released a report highlighting the mobile malware pandemic that developing markets are suffering.

The report is based on Secure-D’s processing of one billion mobile transactions and service sign-ups for 35 mobile operators in 23 emerging markets, helping to protect a total of almost 840 million users.  

Secure-D detected 46,000 malicious apps, with around one in six (16%) mobile devices in emerging markets carrying at least...

Hackers are using shared Xcode projects to infect Apple developers

Developers for Apple’s platforms are being hacked through importing shared Xcode projects infected with malware.

Researchers from SentinelOne detailed the growing trend after discovering a macOS malware dubbed XcodeSpy.

“Threat actors are abusing the Run Script feature in Apple’s Xcode IDE to infect unsuspecting Apple Developers via shared Xcode Projects,” the researchers explained.

“XcodeSpy is a malicious Xcode project that installs a custom variant...

Microsoft: Over 1,000 developers contributed to SolarWinds hack

According to Microsoft’s analysis of the devastating SolarWinds hack, over 1,000 developers were involved.

The attack was described as “the largest and most sophisticated attack the world has ever seen,” by Microsoft president Brad Smith on US show 60 Minutes.

SolarWinds develops software to help businesses manage their networks, systems, and IT infrastructure. The company’s Orion solution is used by ~33,000 public and private sector customers.

In...