EFFECTED USERS: Everyone who uses android phone. Also, people who use cryptocurrencies on their smartphones.
Hair of fire 5 of 5
SUMMARY: New report from Trend Micro details how hackers steal your money and your passwords. Learn how to stop them.
Do you like free apps on your mobile phone? I do.
If you are not paying for the product, you *are the product.
Usually that means advertising. Not this time.
Trend Micro report on May 16:
Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys
“We recently observed a number of apps on Google Play designed to perform malicious activities such as stealing user credentials and other sensitive user information, including private keys. (!!!!)
Because of the number and popularity of these apps — some of them have been installed over a hundred thousand times — we decided to shed some light on what these apps actually do by focusing on some of the more notable examples.
During our recent research into malicious mobile apps, we encountered more than 200 additional apps of the Facestealer spyware in the Trend Micro Mobile AppReputation Service (MARS) database.
The article continued:
One of the apps we found, named Daily Fitness OL, claims to be a fitness app, complete with exercises and video demonstrations. But …… it was designed to steal the Facebook credentials of its users…
After the user successfully logs in to (a Facebook) account, the app collects (a) cookie. The spyware then encrypts all the personally identifiable information (PII) and sends it to the remote server.Trend Micro
And then there’s crypto:
We also found more than 40 fake cryptocurrency miner apps that are variants of similar apps .
Initially, after running tests on one of these new variants, named “Cryptomining Farm Your own Coin,” on our test device, we did not detect any advertisements and requests for sensitive information or payment. However, upon clicking the “Connect Wallet” button in the app, we were prompted to enter a private key (a digital signature used with an algorithm to encrypt and decrypt data), which was enough of a red flag that we decided to look into the app further.
We entered a number of arbitrary private key strings for testing in the “Import by Currency” tab, and the results of the packet capture analysis told us that the stated claims were false: The site not only uploaded an entered private key, but it also did so without any encryption.Trend Micro
- What to do.
- If you only download app from google play – you are not protected. I recommend an antivirus apps:
- Mobile Security & Antivirus from Trend Micro
- If you install android apps for the internet (NOT from Google play, I strongly recommend Trend Micro’s free scan https://mars.trendmicro.com/freescan.html#/
That’s all the time we have!
Don’t forget to check out our sponsor, and home of my day-job: SAFE Classroom, at http://www.thesafe.io
Thanks for listening