Tekya Clicker Malware Hides in 56 Apps that Downloaded 1 Million Times Worldwide From Google Play

By GURUBARAN S - March 27, 2020 0



Google implements a number of ways to filter the malicious apps getting into the play store, but still, attackers continue to find ways to infiltrate the app store and infect user devices.

Security researchers from Check Point identified 56 malicious apps in play store that aimed to commit mobile fraud with new malware families dubbed ‘Tekya’.

Tekya Malware Play Store

The malware aims to steal user data such as credentials, emails, text messages, and geographical location.

The Tekya malware founded to be hidden with 56 apps that were downloaded more than 1 million times worldwide. Out of 56 apps, 24 of the infected apps targeting apps used by kids such as puzzles to racing games.

Researchers found that “Tekya malware obfuscates native code to avoid detection by Google Play Protect and utilizes the ‘MotionEvent’ mechanism in Android to imitate the user’s actions and generate clicks”.

MotionEvent is a mechanism in an Android device that used to report movements such as a mouse, pen, finger, trackball events.

With this campaign, attackers cloned the legitimate versions of the app and host fake versions with malware embedded.

Once this malware gets installed in the device, a receiver gets registered and multiple actions performed in the device.

The receiver “us.pyumo.TekyaReceiver” get’s registered to perform the following actions

‘BOOT_COMPLETED’ to allow code running at device startup (“cold” startup)
‘USER_PRESENT’ in order to detect when the user is actively using the device
‘QUICKBOOT_POWERON’ to allow code running after device restart


The main goal of the malware is to click on the ads banner from agencies such as Google’s AdMob, AppLovin, Facebook, and Unity.

Here you can find the full list of the infected apps
Package_name Gp Installs
caracal.raceinspace.astronaut 100000
com.caracal.cooking 100000
com.leo.letmego 100000
com.caculator.biscuitent 50000
com.pantanal.aquawar 50000
com.pantanal.dressup 50000
inferno.me.translator 50000
translate.travel.map 50000
travel.withu.translate 50000
allday.a24h.translate 10000
banz.stickman.runner.parkour 10000
best.translate.tool 10000
com.banzinc.littiefarm 10000
com.bestcalculate.multifunction 10000
com.folding.blocks.origami.mandala 10000
com.goldencat.hillracing 10000
com.hexa.puzzle.hexadom 10000
com.ichinyan.fashion 10000
com.maijor.cookingstar 10000
com.major.zombie 10000
com.mimochicho.fastdownloader 10000
com.nyanrev.carstiny 10000
com.pantanal.stickman.warrior 10000
com.pdfreader.biscuit 10000
com.splashio.mvm 10000
com.yeyey.translate 10000
leo.unblockcar.puzzle 10000
mcmc.delicious.recipes 10000
mcmc.delicious.recipes 10000
multi.translate.threeinone 10000
pro.infi.translator 10000
rapid.snap.translate 10000
smart.language.translate 10000
sundaclouded.best.translate 10000
biaz.jewel.block.puzzle2019 5000
biaz.magic.cuble.blast.puzzle 5000
biscuitent.imgdownloader 5000
biscuitent.instant.translate 5000
com.besttranslate.biscuit 5000
com.inunyan.breaktower 5000
com.leo.spaceship 5000
com.michimocho.video.downloader 5000
fortuneteller.tarotreading.horo 5000
ket.titan.block.flip 5000
mcmc.ebook.reader 5000
swift.jungle.translate 5000
com.leopardus.happycooking 1000
com.mcmccalculator.free 1000
com.tapsmore.challenge 1000
com.yummily.healthy.recipes 1000
com.hexamaster.anim 500
com.twmedia.downloader 100
com.caracal.burningman 50
com.cuvier.amazingkitchen 50
bis.wego.translate 0
com.arplanner.sketchplan 0
com.arsketch.quickplan 0
com.livetranslate.best 0
com.lulquid.calculatepro 0
com.smart.tools.pro 0
com.titanyan.igsaver 0
hvt.ros.digiv.weather.radar 0
md.titan.translator 0
scanner.ar.measure 0
toolbox.artech.helpful 0
toolkit.armeasure.translate 0


This shows that attackers still finding ways to bypass the Google Play Store and infiltrate with malicious apps.

Before installing apps users are recommended to check the background of the application and its developer company reputation.

Πώς η τηλεργασία κάνει τους χρήστες πιο ευάλωτους στους χάκερς;

By Hack Unamatata 29 Μαρτίου 2020, 13:30

Ο Κοροναϊός έχει μολύνει περισσότερους από 450.000 ανθρώπους παγκοσμίως και τώρα οι ειδικοί στον τομέα της κυβερνοασφάλειας προειδοποιούν ότι η πανδημία θα μπορούσε να επηρεάσει και τα συστήματα των ηλεκτρονικών υπολογιστών. 

Πολλές εταιρείες που χειρίζονται συνήθως ευαίσθητες και εμπιστευτικές πληροφορίες στα γραφεία τους, συνιστούν στους υπαλλήλους την τηλεργασία, σε μία προσπάθεια να περιοριστεί η εξάπλωση του Κοροναϊού. 

Αυτό όμως μπορεί να τους κάνει πιο ευάλωτους σε χάκερς, ειδικά αν οι εργαζόμενοι περιηγηθούν σε συγκεκριμένα sites που ενδεχομένως να επισκέπτονται όταν δεν βρίσκονται υπό την επίβλεψη των αφεντικών τους, όπως για παράδειγμα τα porn sites. 

Το porn αποτελεί ένα από τα αγαπημένα εργαλεία των χάκερς και μπορεί να γίνει ακόμη πιο αποτελεσματικό εάν οι υπάλληλοι μιας εταιρείας αποφασίσουν ότι αυτό που αποκαλείται NSFW είναι μία ασφαλής επιλογή κατά την τηλεργασία ενόψει της πανδημίας του Κοροναϊού. Στην πραγματικότητα όμως το NSFW δεν είναι ασφαλές.


Σύμφωνα με τον Tyler Moffitt, αναλυτή ερευνητικών απειλών στην διαδικτυακή εταιρεία Webroot, τα sites για ενήλικες ήταν πάντα στις 3 καλύτερες κατηγορίες sites που φιλοξενούν κακόβουλο περιεχόμενο, έτσι είναι πολύ πιθανό να αυξηθούν οι κακόβουλες επιθέσεις, δεδομένου ότι οι άνθρωποι θα έχουν την τάση να επισκέπτονται πιο συχνά porn sites κατά τη διάρκεια της καραντίνας. Άλλωστε οι κυβερνοεγκληματίες εκμεταλλεύονται τις ευκαιρίες που τους παρουσιάζονται, ιδιαίτερα σε κρίσιμες περιόδους όπως η πανδημία του Κοροναϊού.

Το Pornhub, που είναι το πιο δημοφιλές porn site, αναφέρει ότι η επισκεψιμότητα μπορεί όντως να αποδειχθεί επικίνδυνη σε συνδυασμό με την πανδημία του Κοροναϊού.

Αξίζει να σημειωθεί ότι τις τελευταίες δύο εβδομάδες έχουν αυξηθεί σημαντικά οι κυβερνοεπιθέσεις, με στόχο τους Αμερικανούς, καθώς η μεγαλύτερη κοινότητα χάκερς στον κόσμο εκτιμά ότι οι Αμερικανοί εργάζονται τώρα έξω από τα εταιρικά τείχη προστασίας τους.


Σύμφωνα με τον Tom Kellermann, επικεφαλής της στρατηγικής για την κυβερνοασφάλεια στην εταιρεία λογισμικού VMware, δεν είναι μόνο οι επισκέπτες τέτοιων sites που κινδυνεύουν να “χτυπηθούν” από χάκερς, δεδομένου ότι και η τηλεργασία από μόνη της επιφυλάσσει κινδύνους. 

Ο Kellermann επισημαίνει επίσης ότι τα εταιρικά τείχη προστασίας μπορούν να επεκταθούν στα σπίτια των εργαζομένων μέσω εικονικών ιδιωτικών δικτύων (VPNs), που ορισμένες εταιρείες έχουν σχεδιάσει για να εξασφαλίσουν μεγαλύτερη ασφάλεια κατά την εξ αποστάσεως εργασία.


Σύμφωνα με τον Peter Bauer, διευθύνοντα σύμβουλο της Mimecast, σημειώνονται συχνά απάτες που προωθούνται μέσω email παρουσιαζόμενες ως Costco, προσελκύοντας τους ανθρώπους για να προμηθευτούν προϊόντα σε κρίσιμες στιγμές. 

Οι χάκερς σαφώς και δεν θέλουν να πουλήσουν προϊόντα όπως χαρτί υγείας και Purell. Ο Bauer προειδοποιεί επίσης για μηνύματα email που υποτίθεται ότι προέρχονται από την ομοσπονδιακή κυβέρνηση, προσφέροντας επιταγές “ανακούφισης” αρκεί οι χρήστες να δώσουν στοιχεία των τραπεζικών τους λογαριασμών. 

Ο Bauer επισημαίνει ότι ορισμένοι χάκερς μπορεί να δραστηριοποιούνται σε μεγαλύτερο βαθμό τώρα επειδή ίσως αισθάνονται απελπισμένοι. Συγκεκριμένα, υπάρχουν πολλοί χάκερς των οποίων η καθημερινότητα έχει διακοπεί, συνεπώς ξοδεύουν πολύ περισσότερο χρόνο μπροστά από έναν υπολογιστή. 

Ο Bauer προβλέπει ότι οι κυβερνοεπιθέσεις θα συνεχιστούν για τουλάχιστον μερικές εβδομάδες ακόμη.


Ο Andy Ellis, επικεφαλής της Υπηρεσίας Ασφαλείας της Akamai Technologies, τόνισε ότι δεν υπάρχει τέλεια άμυνα για την αποφυγή των χάκερς, ωστόσο οι εργαζόμενοι μπορούν να περιορίσουν τον κίνδυνο εφαρμόζοντας την λεγόμενη “ψηφιακή υγιεινή”.  

Η καλή ψηφιακή υγιεινή μπορεί να περιλαμβάνει την εκκαθάριση παλαιών εγγράφων από το Dropbox ή το Google Drive. Η τακτική αλλαγή των κωδικών πρόσβασης μπορεί επίσης να βοηθήσει ενώ οι εμπειρογνώμονες συστήνουν τη χρήση συσκευών κατάλληλων για εργασία σε επιχειρήσεις, όποτε είναι δυνατόν, καθώς οι προσωπικές συσκευές ενδέχεται να έχουν ασθενέστερη προστασία.

 Μία ακόμη συμβουλή που δίνουν οι ειδικοί είναι οι χρήστες να μείνουν μακριά από porn sites  

https://www.secnews.gr  

13 Free Movie Download Websites — Watch HD Movies Online! Stay Home!!

Wang Wei
 

When you search for free movie download or watch free movies online, search engines serve you a long list of best free movie websites.

But you need to beware, as most free movies files and free movie site could end you up into downloading links to nasty computer viruses. They could infect or, at worst case, take control over your computer.

One more thing I have learned in these years is that most top torrent sites, including Kickass Torrents and Pirate Bay, are illegal as they violate copyright laws. So, before downloading movies, make sure those movies are legal to download.

But, there are hundreds of torrents available on the Internet, which are legal to download.

We receive emails from our readers on a daily basis who ask for legal sites like Tubi TV to download free movies and TV series.

The query is fair enough because it is no easy to get free streaming sites or free movie download websites without breaking laws.


Best Free Movie Download Websites (Legally)
So in the interest of our readers, I have compiled a list of movie sites, where you can download movies.

You can also consider streaming movies for free, instead of downloading them. In fact, you will be able to watch high quality movies if you consider to watch movies online.


To watch movies for free, you need to stream movies from the websites as many times as you like. You can even try out free movie streaming apps if you want to watch free movies online on a mobile device.

Below we have listed some of the best movie download sites and online streaming services that offer a good collection of movies and shows for free:


1) The Internet Archive Movies
The Internet Archive's Movies is one of the oldest and best websites to download free movies. It offers a wide variety of digital movies uploaded by Archive users for free. The categories range from full-length classic films to cartoons and concerts.

You can download movies in different file formats. Your computer's in-built video player supports most file formats, or you can opt for VLC Media Player that supports many video file formats.


2) Public Domain Torrents
Public Domain Torrents is one of a few legal torrent websites that offers a wide collections of movies to download for free.

The movies end up on the public domain when the original creator of a patented movie fails to renew its copyright claim on time.

The categories on Public Domain Torrents range from drama, horror, musical, to westerns. The movies are available in many formats and quality.

The interface is simple and easy. It helps you select a category of movies or find the most popular movies and recently added movies.


3) MoviesFoundOnline
MoviesFoundOnline is a free movie download website that lists free content from around the Internet. It has a long list of free movies, films, documentaries, animations, stand up comedy, drama shows and other media.


MoviesFoundOnline offers 40 genres including action, adventure, comedy, musical, short films, animation, romance, horror, and more. You can browse the site's categories to download movies.


4) Sony CrackleOwned by Sony , Crackle is a great website to watch high-quality movies and TV shows for free. Crackle offers lots of popular movies and TV shows that you won't find for free on other websites.

Crackle offers legal content from big media providers like Universal Studios, Warner Bros and Fox Digital. So, you get lots of movies to watch.

The interface of Crackle is simple and easy to navigate. You need to signup and create a watchlist. Crackle will then recommend you content based on the things you like.

You can browse full library of movies and TV shows including Action, Comedy, Sci-Fi, Romance, Sports, Thriller, Crime, Anime, and Horror. It's all free as long as you are sometimes willing to watch commercials and ads.

Crackle also has Android and iOS apps, making it easy to watch free movies and TV shows while travelling.


5) Popcorn Flix
Owned by Screen Media Ventures, Popcornflix is one of my favorite video streaming websites with nice user interface. Popcornflix lists action, comedy, drama, documentaries, family, horror, romance, and foreign films. It also features web and film school originals.

With a constant flow of new movies, Popcornflix helps you watch movies on your computer, mobile phone, and other supported devices. All completely free, even without need to create any account on the website.

Hit Play button on your chosen movie and enjoy watching.

It's worth pointing out that Popcornflix is ad-supported. So you will have to sit through a few commercial advertisements, which is acceptable for a free, good quality watch.


6) TopDocumentaryFilms
Love watching documentaries? TopDocumentaryFilms (TDF) is one of the best sites for documentaries based on real life.

With the flow of recent films, TopDocumentaryFilms has more than 3,000 films. Some of the best documentaries on the site are under the 60-minute mark.

The website's layout is simple and straightforward. It helps you search by categories based on subject. This includes war, global conflict, and crime, making it easy to find something of an interest.


TopDocumentaryFilms also has a community of users. They provide ratings and reviews for each film. So other users can have an idea of the documentary before they watch.

You can also check out the site's front page for its featured films, or top 100 documentary list to see what people are watching.


7) YouTube
YouTube is the world's largest video-sharing website. Besides movie trailers, YouTube also hosts a sizable collection of full-length movies and TV shows for free.

YouTube also provides movies and TV shows that are its originals. You can enjoy them without paying a single penny.

Finding free movies on YouTube might be quite difficult nowadays. But you can check few popular YouTube channels, like Maverick Entertainment and The Paramount Vault, that feature a long list of films.

Also, there are thousands of films on YouTube that won't show up unless you search for them by typing their names. So if you are looking for a particular movie, especially an older one, perform a quick search on YouTube.

YouTube also offers paid subscription tiers like YouTube Premium and YouTube TV, to watch high quality movies.


8) Vimeo
Like YouTube but may not be as big as YouTube, Vimeo is also a famous video-sharing website for users. You can upload, share and view videos on Vimeo as well.

Vimeo also offers a good collection of free movies and documentaries. You can also find tons of entertaining short movies on the platform.

Vimeo has a pretty decent interface with a high definition playback support and no annoying ads. It also offers an On-Demand video section where users can pay for popular movies and TV shows.


9) SnagFilms
SnagFilms is a video-on-demand website. You can watch hundreds of rare documentaries and independent films that you can't find anywhere else on the Internet.

Founded in 2008, SnagFilms lists more than 10,000 independent documentaries and narrative films. You can search them by genre, most reviewed, newly added, and most popular.

SnagFilms is currently available as a free app for iOS and Android. It is also compatible with Kindles, some Roku devices, and a host of other streaming devices.


10) Yahoo View
If you were a great fan of Hulu's free version, Yahoo View is for you. Yahoo View is another free video-on-demand platform that works almost in the same manner as Hulu worked once.

The clean and easy-to-access interface allows you to select any genre of your interest. It includes popular TV shows from many broadcasting networks like NBC, ABC and FOX. The website also hosts movies trailers, free TV shows, and documentaries.

But, there is one thing you should note—under each video on the site, you will see days remaining before the free version expires. So make sure you complete those episodes in the given time.

Yahoo View also provides many international sitcoms and anime shows which you can enjoy without any episode limit.


11) Pluto TV—Channel
Although it is not as famous as others on-demand video sites, Pluto TV is one of my favorite services on the list.

Pluto TV is a free internet-based TV platform that offers more than 100 channels. They channels divides into movies, TV, news, technology, sports, and other popular sections.

Last year, Pluto TV struck a deal with MGM and Warner Bros to add a huge amount of on-demand movies along with TV shows.

Besides on-demand films, Pluto TV also offers a completely free live-TV streaming service. It hosts content curated from across the Internet. Pluto TV currently features nine live movie channels.

Pluto TV is available for almost all popular platforms. Besides iOS and Android, Pluto TV is also compatible with Apple TV, Amazon Fire TV, Roku devices, and more. So you can enjoy the service on the go.


12) Classic Cinema Online
If you love old, classic movies, Classic Cinema Online is your place. You can find those classic cinemas of the Golden Age of Hollywood which are not easy to find nowadays.

Some of the classic movies include Gregory Peck's Moby Dick, the original Lone Ranger film, the 1952 Mutiny and the 1932 Secret of Dr. Kildare.

If you are looking for something specific, you can search by category, or check out the menu for old films.


13) Retrovision
Retrovision is another free movie download website featuring many classic movies and TV shows. The category includes Adventure, Comedy, Classic TV, Cartoons, Crime, Drama, Horror, and Sci-Fi.

Although not all movies on the site are high-quality—but there are still plenty of good movies to enjoy. The site is well designed that allows users to filter movies based on genre.

Mobile users can download its Android app called Classic UHF so that they can watch movies on the go.


Watch Movies Online: Streaming Services for Latest Movies
Always keep in mind that there is no legal way to download free movies that are still in theaters. For downloading latest movies online to watch them in the comfort of your home, you can try paid websites.

Here's a list of some paid movie download websites and online streaming subscription services that let you watch high quality movies online:


Netflix—It is a leading subscription service for watching movies and TV episodes, and probably one of my favorites. You can either stream to watch movies online or download movies or TV series to watch them on the go. Download option is available only for certain content.
Amazon Prime—It is yet another subscription service that lets you watch and download movies and popular TV shows.
Hulu—Once popular free movie download website, Hulu is now a subscription service. It lets users stream popular TV shows, movies and news online for a low monthly fee. The service is compatible with a long list of devices, including computers and smartphones.  

How to stop trolls from taking over your Zoom call

Zoombombing can be prevented, but it’s not as easy as it should be
By Casey Newton@CaseyNewton Mar 27, 2020, 3:37pm EDT


Photo by Andrew Lichtenstein/Corbis via Getty Images


Zoom is an easy-to-use videoconferencing tool with a generous free tier. With people around the world isolating indoors to protect themselves against the spread of the coronavirus, it has never been more popular.

But its popularity has also attracted trolls. The phenomenon of “Zoombombing,” in which an uninvited guest uses Zoom’s screen-sharing feature to broadcast porn and shock videos, has been on the rise. Most Zoom meetings have a public link that, if clicked, allow anyone to join. Trolls have been collecting these links and sharing them in private chat groups, and then signing on to other people’s calls to cause mischief.

There’s an easy way to stop this from happening, but Zoom makes it needlessly difficult to find. If you schedule a meeting from the web interface, you won’t see the option to disable screen sharing. Instead:
Click on “Settings” in the left-hand menu
Scroll down to “Screen sharing” and under “Who can share?” click “Host Only”
Click on “Save”

Once you save your settings, future meetings that you start will have sharing disabled by default.

If you forget to change the setting before you start your meeting, there’s a way to modify your settings after it starts:
Once your Zoom meeting is running, click the caret to the right of the green “Share Screen” button in the center of the bottom row of icons
Click “Advanced Sharing Options...”
A dialog box will pop up allowing you to switch screen sharing availability from all participants to the host only.

And what if you’re creating a meeting from your mobile device?

To disable screen sharing after you’ve started your meeting:
Tap the More (...) button at the bottom right corner of the screen
Tap “Meeting Settings”
If you’re using an iPhone, scroll down to “Allow Participants to Share” and switch the toggle off.

If you’re using an Android phone, find “Lock Share” and switch the toggle on.

OpenWrt: Σοβαρό σφάλμα επιτρέπει πλήρη πρόσβαση στο σύστημά σας

By SecNews 26 Μαρτίου 2020, 19:15



Ένας ερευνητής ασφαλείας ανακάλυψε σοβαρό σφάλμα στο λειτουργικό σύστημα OpenWrt το οποίο επιτρέπει στους επιτιθέμενους να εισάγουν κακόβουλο λογισμικό στα ευάλωτα συστήματα.

Το OpenWrt είναι ένα λειτουργικό σύστημα βασισμένο στο Linux που χρησιμοποιείται κυρίως σε ενσωματωμένες συσκευές και routers για τη δρομολόγηση του network traffic και υπάρχει σε εκατομμύρια συσκευές σε όλο τον κόσμο.

Το σφάλμα, το οποίο ονομάστηκε RCE, επιτρέπει στον package manager να αγνοεί το SHA-256 checksum, με αποτέλεσμα να επιτρέπει στον εισβολέα να παρακάμψει τον έλεγχο των .ipk πακέτων. Ο ερευνητής Guido Vranken, εξήγησε ότι βρήκε αυτήν την ευπάθεια τυχαία όταν προετοίμαζε ένα task για το opkg.

Για να εκμεταλλευτεί κάποιος το σφάλμα, πρέπει πρώτα να στείλει τα μολυσμένα πακέτα από ένα web server. Στη συνέχεια, πρέπει να δημιουργηθεί επικοινωνία μεταξύ της συσκευής και του downloads.openwrt.org και ο εισβολέας πρέπει να έχει τη δυνατότητα να αλλάξει το DNS Server, για να μπορεί το downloads.openwrt.org να αντιστοιχεί σε έναν server ο οποίος είναι υπό τη διαχείριση του εισβολέα. Στην πραγματικότητα, το opkg του ΟpenWrt επιτρέπει στους επιτιθέμενους να αποκτήσουν πλήρη πρόσβαση σε ολόκληρο το σύστημα.

Κατά τη διάρκεια της επίθεσης, ο hacker πρέπει να έχει ένα έγκυρο και signed package index από το downloads.openwrt.org, ενώ τα κακόβουλα πακέτα πρέπει να έχουν το ίδιο μέγεθός όπως αυτό το οποίο αναφέρεται στο index.

Η ευπάθεια πλέον έχει διορθωθεί και οι χρήστες καλούνται να αναβαθμίσουν το σύστημά τους στην πιο πρόσφατη έκδοση του OpenWrt. Η αναβάθμιση γίνεται με τις ακόλουθες εντολές:cd /tmp
opkg update
opkg download opkg
zcat ./opkg-lists/openwrt_base | grep -A10 "Package: opkg" | grep SHA256sum
sha256sum ./opkg_2020-01-25-c09fe209-1_*.ipk