10 million Samsung users have downloaded a fake “update” app that could swindle them out of money.
The app, which can be downloaded for free on the official Google Play Store is called “Updates for Samsung – Android Update Versions”.
Created by a brazen trickster, the app was named that way to attract people looking for updates on their Samsung phone.
Free software updates for Samsung can be downloaded easily through the handset’s settings.
“‘Updates for Samsung’ does not seem to offer users much of value besides a lighter wallet,” said Aleksejs Kuprins, malware analyst at CSIS Security Group, who discovered the app.
“During our tests, we too have observed that the downloads don’t finish, even when using a reliable network,” he wrote.
Users are then asked to install the $34.99 premium package to download files.
It uses its own payment system, breaking Google’s rules and leaving your payment data open to hackers.
For users who don’t know where to find Samsung phone updates then gets conned out of cash.
Here’s the official advice from CSIS Security Group to avoid Samsung Scam Updates
- “We recommend users to follow Samsung’s designed procedure for downloading firmware updates.
- “That is, by opening the “Settings” application on your Android device and navigating to the “About phone” -> “Software Update” menu.
- “These updates are guaranteed to come directly from the vendor and are free of charge.”
To prevent malware on your Android smartphone, here are some tips:
Download apps only from reliable sources
Password protect your phone
Install OS updates instantly
Avoid viewing sensitive information on public Wi-Fi
Try installing a mobil security app
Do not install anything if unaware of it
Uncheck the “install from unknown sources” option
Read the permissions carefully
Make use of a virus scanner
In a press release earlier today (11 July), Kaspersky revealed that its experts have uncovered new versions of the advanced malicious surveillance tool ‘FinSpy’. The new implants work on both iOS and Android devices, can monitor activity on almost all popular messaging services, including encrypted ones, and hide their traces better than before.
The basic functionality of the malware includes almost unlimited monitoring of the device’s activities: such as geolocation, all incoming and outgoing messages, contacts, media stored on the device, and data from popular messaging services like WhatsApp, Facebook messenger or Viber. All the exfiltrated data is transferred to the attacker via SMS messages or the HTTP protocol.
The latest known versions of the malware extend the surveillance functionality to additional messaging services, including those considered ‘secure’, such as Telegram, Signal or Threema. They are also more adept at covering their tracks, noted Kaspersky.
For instance, the iOS malware, targeting iOS 11 and older versions can now hide signs of jailbreak, while the new version for Android contains an exploit capable of gaining root privileges – almost unlimited, complete access to all files and commands – on an unrooted device.
Based on the information available to Kaspersky, in order to successfully infect both Android and iOS-based devices, attackers need either physical access to the phone or an already jailbroken/rooted device. For jailbroken/rooted phones there are at least three possible infection vectors: SMS message, email, or push notifications.
According to Kaspersky telemetry, several dozen mobile devices have been infected over the past year.
“The developers behind FinSpy constantly monitor security updates for mobile platforms and tend to quickly change their malicious programs to avoid their operation being blocked by fixes. Moreover, they follow trends and implement functionality to exfiltrate data from applications that are currently popular,” said Alexey Firsh, security researcher at Kaspersky Lab.
“We observe victims of the FinSpy implants on a daily basis, so it’s worth keeping an eye on the latest platform updates and install them as soon as they are released. Because, regardless of how secure the apps you use might be, and how protected your data, once the phone is rooted or jailbroken, it is wide open to spying,” he added.
To avoid falling victim to FinSpy, Kaspersky researchers suggest users to practise the following measures:
Do not leave your smartphone or tablet unlocked and always make sure nobody is able to see your pin-code when you enter it.
Do not jailbreak or root your device since it will make an attacker’s job easier.
Only install mobile applications from official app stores, such as Google Play.
Do not follow suspicious links sent to you from unknown numbers.
In your device settings, block the installation of programs from unknown sources.
Avoid disclosing the password or passcode to your mobile device, even with someone you trust.
Never store unfamiliar files or applications on your device, as they could harm your privacy.
Download a proven security solution for mobile devices, such as Kaspersky Internet Security for Android.
For the full report, click here.
Enjoy P2P file-sharing with complete anonymity and blazing fast speeds with Ivacy VPN. With a lifetime subscription to this highly-reviewed service, you can unblock and enjoy buffer-less HD streaming of your favorite movies, TV shows, and sports events. Defeat geo-restrictions and embrace Internet freedom by connecting to more than 450+ servers in 100+ locations worldwide! Official partners with National Cyber Security Alliance, Ivacy VPN promotes cybersecurity and privacy education and awareness.
TrustPilot: “Great VPN app with great features at the most competitive price out there!”
Lock down your browsing w/ powerful 256-bit encryption
Enjoy fast uninterrupted P2P file-sharing with complete anonymity
Quick-connect to 450+ servers in 100+ locations across 50+ countries
Get a dedicated VPN add-on for Kodi
Protect yourself against hackers, spyware, & government surveillance
Anonymize your online activity against spammers & identity thieves
Overcome ISP speed throttling & port blocking
Access region-blocked content anywhere in the world
Enjoy amazing Ivacy features on a range of compatible devices
Log in on 5 devices simultaneously
Strict No Logging Policy
The browser is the weakest link to the internet and can be easily exploited. Common folders like Download and Temp are standard folders all hackers will look for. Although you cannot change your Temp folder where all materials of a web page is downloaded, cookies and your history files are located, there are ways to protect your Download for by renaming it in your browser. Make it harder for would be hackers to know what they are against. Your cache can be manipulated to activate java, not many know how to do it. I will not give hackers a field day. Clear all your temp files including cache by
<Start><Run><Temp>delete all files.
<Start><Run><%Temp%>delete all files.
File Folder <Windows><SoftwareDistribution>delete all files(This is where your Windows Update files contain.
Use Windows Cleanup.
Use a VPN service. Windows has a default service but you need to manually set it up, connection by connection, on every site you visit.
For Andriod you can also use a VPN service by downloading from Google Play. Most of them do not give you full protection from a free service and the connection is extremely slow. Better go for a paid service.
Never use your credit/debit card on the internet. Especially those sites that does not hide your credit card details. You do not want to suddenly find your money missing by fraud. My recommendations is to use Paypal as a service, add your credit/debit card details and have peace of mind. Do not expect high compensation from insurance companies, if part of the reason is you did not take basic steps to protect yourself.
How your mobile phone can be attacked. 1) The attack your VTAP touch on your mobile. 2) Your keystroke, tap and brush can be monitored. 3) They can activate the Airplane mode. 4) They can dim your Display 5) Your messages and voice can be monitored. 6) They can activate and launch apps on your mobile.
Your USB and USB-C has no protection against hacking to retrieve your data.
Your network you chose to connect to the internet is the weakest link especially in Public Wifi and the ISP you chose. Remember your ISP has access to all your information online including history, software or apps you use and all your payment details.
Only Whatsapp communications are encrypted, everything else is open.
Fake deals offered by websites that are too incredible to be true. What they want is you details and credit /debit card info.
Do not download any software from sites you do not trust as you are opening up your PC and mobile for attacks.
There are logs in your activity details on the different platform you use. If you detect any unauthorised activity, immediately change your password. Especially for your payment/banking account, turn on two-step verification.
Use Last Pass to remember your master password and let the software manage all the different passwords to different websites. Do not use a common password for different websites as who knows the admin who has access to your info can use it to access your other accounts. I do not follow my own rules as I am able to setup a trojan horse and trace and identify who has hacked into my account and get back at them.
If you are concerned about your privacy you must know that Windows 10 track all your activities and Facebook and Youtube track all your likes, comments and subscriptions so as to give you a better experience with relevant advertisements. You can decide not to accept cookies, browse incognito and turn off the privacy setting in windows.
I know so much because I have been attacked by so many different methods online and offline for more than 10 years and once I know the methods used, I will develop ways to counter it.
PS : Today FB is down because more than a hundred million people accessed my webpage when I uploaded all the videos of future technologies that will come true. You can create fake statistics on every website but I know exactly what is happening in the world and nobody can tell me lies.
Lies, Lies, and more Lies I am getting from my family members and the entire world trying to learn all my secrets but for more than 10 years they cannot find it anywhere, even trying to develop technologies to read my brain but everyone failed miserably because the time is not yet ripe. Make me angry and I will become a hermit and leave this entire world. The mastermind of all these nonsense is my mom who wants me to prove to the world and see if I can create tons of money but I am not so stupid to conform. I will never forgive her and I have prepared a place in hell for all her sins of greed, selfishness and the love of money.
Donald Trump, the issue is not about Huawei, everything on the internet is not secure and can be intercepted, unless you encrypt everything with an unhackable key or use a private VPN.
Contributed by Oogle.