Earlier this week Amazon took some of the low-budget manufacturer BLU's phones off the retailer's digital shelves, following allegations that BLU had included spyware in its products. It seems to have been a false alarm, though, as today BLU has announced in a tweet that Amazon is back to stocking its phones. Customers looking to pick up a cheap and capable phone can again purchase them at the US' biggest online merchant.
Google is pushing out a new version of the Play Store for Android users around the world. Like most updates to this version, there really aren't any notable changes showing up already, but there are a few interesting things hidden beneath the hood. There are some new features focused on improving security for apps that are updated from unexpected sources and making its security scanner more visible to users. There's also a plan to move notification settings to their own dedicated screen.
Every once in a while, you might wake up and see everyone playing the same new smartphone game/app, much like in The Next Generation. Meitu is a bizarre Chinese photo app, that applies various filters and 'enhancements' to pictures of yourself and others. In just the past few hours, it has received massivecoverageonline. While the app is certainly fun to mess around with, several users have pointed out that the application is sending a massive amount of user details to external IP addresses.
Mobile security is a huge issue, but most consumers tend to think that at least a brand new phone is safe. That assumption may be in error, according to security research firm Kryptowire. In a new report Kryptowire documents the inclusion of software tools collectively called Adups, which allegedly shipped on phones like the Blu R1 HD and other devices sold internationally, including the US market via Amazon and Best Buy.
Last year, there was a rather widely-covered story about a piece of Android malware (rather, an Android malware control suite) called Dendroid. That malware was published for sale on a cybercrime-aligned forum known as Darkode, and it just so happens that the FBI (with assistance from agencies in other nations) just arrested the guy who wrote Dendroid as part of a larger raid on Darkode's operators.
That guy is Morgan C. Culbertson, who has a pretty solid real name, but somehow the most tragically boring and uninventive criminal alias of all time: "Android." Come on, Morgan - you could have done better.
Have you seen Mr. Robot? The show is only three episodes in, but it's already shaping up to be a surprisingly awesome hacking drama. And I don't mean "hacking" in the CSI/NCIS/Scorpion "120WPM and 60 flashing windows" kind of hacking - the protagonist and his Anonymous-style compatriots use real methods and technology, mostly relying on a combination of known vulnerabilities, social engineering, and brute force attacks to play at being cyber-vigilantes. You should check it out - USA has the first three episodes available for free on its website.
The third episode features a pretty cool segment where (extremely mild spoiler alert) the antagonist gains physical access to an Android phone in order to digitally tap it.
Over the last week there have been a rash of reports that folder with labels mentioning the Chinese search engine Baidu have been appearing on phones. The most obvious and prominent examples have been Sony's new Xperia Z3 series of phones and others running KitKat. Many users (and media outlets) jumped to the conclusion that these files were evidence of spyware, perhaps bolstered by recent and more credible reports of digital spying and hacking linked to the Chinese government.
Screenshot credit: Sony Mobile forum poster "Iggyjp"
There were some rather disturbing properties of these files; the "Baidu" folder couldn't be deleted by non-root users (or it simply kept reappearing) and sniffing network activity showed that these phones were pinging servers in China.
According to Google, less than one hundredth of a percent of apps out there are both malicious and capable of evading the built-in defenses in both Android and the Google Play Store. But if you really feel like you need a defense from that one-in-100,000 app, a trusted name in software protection has just entered the fray. Malwarebytes, makers of the popular eponymous Windows software, is now offering its services on Android.
The anti-malware app works on the familiar and relatively ancient principle of a scanner paired to an updated database of naughty apps. According to the company's press release, the app actively scans for "over 200 malware families" in real-time in both apps and general files.
I'll admit it, I'm anal about CPU and RAM usage. I'm the kind of person that goes into MSConfig every 6 months to scrape useless startup processes like barnacles off the hull of a ship to keep boot times down and squeeze every last possible increment of free RAM and CPU that I can (insert "Then you should use Linux" joke here) out of my system. If you're like me, then you probably avoid heavy, suite-ized security solutions like the bubonic plague crossed with bird flu. There's nothing worse than turning on a new Windows laptop and discovering Norton is installed.
Regardless of your personal feelings on the matter, Lookout Labs would have us believe that it finds thousands of threats everyday. In order to help visualize this claim, Lookout released a new app to the Market called Mobile Threat Tracker that shows, in almost real-time, detected infections on Lookout-protected devices across the globe.
Each infection is dramatically flown into the screen and represented by a stream of glowing light that becomes a glowing dot of malware/spyware evil on its respective part of the globe.