Terrifying malware on Google Play Store BREAKS through advanced security

By: Dion Dassanayake

ANDROID users have been put on alert about a terrifying new piece of malware found on the Google Play Store that can break through advanced security.

Android fans are being warned about new malware discovered on the Google Play Store which can bypass advanced security measures.

Android is one of the most used pieces of software in the world, with more than two billion devices running the Google mobile OS each and every month.

But Android users are no strangers to security alerts, with some recent widespread threats being circulated via apps found on the Google Play Store.

Six Android apps that were downloaded a staggering 90 million times from the Google Play Store were found to have been loaded with the PreAMo malware.

While another recent threat saw 50 malware-filled apps on the Google Play Store infect over 30 million Android devices.

And now Android fans are being warned about a terrifying piece of malware that can bypass the advanced 2FA security protection.

Two-factor authentication (2FA) gives an extra layer of security, with users having to enter their password and a unique, one-time code.

The latter is sent via an SMS message or email, but this newly discovered malware can obtain this unique password – even without SMS or email permissions.

More: https://www.express.co.uk/life-style/science-technology/1143651/Android-warning-malware-Google-Play-Store-security-June-23

SS7 exploited to intercept 2FA bank confirmation codes to raid accounts

By: Robert Abel

Cybercriminals are exploiting flaws in SS7, a protocol used by telecom companies to coordinate how they route texts and calls around the world, to empty bank accounts by intercepting messages sent for two-factor authentication (2FA).

The exploit can allow threat actors to track phones across the planet and intercept text messages and phone calls without hacking the phone itself.

While it was known that intelligence agencies and surveillance contractors could carry out this kind of attack, Motherboard reported confirmation of financially motivated criminal organizations using the technique to empty accounts at the U.K.’s Metro Bank in a recent attack.

“At Metro Bank we take our customers’ security extremely seriously and have a comprehensive range of safeguards in place to help protect them against fraud,” a Metro Bank spokesperson told Motherboard in an email. “We have supported telecommunication companies and law enforcement authorities with an industry-wide investigation and understand that steps have been taken to resolve the issue.”

Customers at other banks have also been victims of these attacks, and the spokesperson went on to say that those affected at their bank represent only a small percentage of those affected.

The attacks highlight the issue of the SS7 network not authenticating who sends requests, so SS7 treats the commands of whoever gains access to the network the same, regardless of their validity.

More: https://www.scmagazine.com/home/security-news/cybercriminals

Database Misconfiguration Leaks 26 Million SMS Messages

By: Kacy Zurkus

A San Diego, California–based communications provider, Voxox, exposed a database containing at least 26 million text messages, including password reset links, two-factor authentication (2FA) codes and shipping notifications. The database was not password protected, which led to the exposure of the personal information, phone numbers and 2FA codes in near real time.

“Unfortunately, these 26 million 2FA codes, password reset links and delivery tracking details leave the exposed individuals easy targets for threat actors engaged in account hijacking,” said Mark Weiner, CMO, Balbix. “A basic misconfiguration like the one that caused this exposure should never occur; implementing a password is a simple but crucial first step in securing data. The organization and its customers might still be secure if they had early visibility into vulnerabilities across their entire attack surface – including passwords – and been able to correct it shortly after launching the service.

“It is mathematically impossible for humans to conduct the continuous monitoring of all IT assets and infrastructure needed to stay ahead of attack vectors. Security platforms developed with artificial intelligence and machine learning are essential to support security teams and proactively manage risk.”

The latest exposure raises questions about whether organizations have become too reliant on passwords and 2FA to verify user identities and whether user credentials can ever be fully secured.

“In this latest example, the use of a simple two-factor authentication method – a one-time passcode sent over SMS – could be easily intercepted in near time, eroding any possibility of establishing a level of trust,” said Keith Graham, chief technology officer of SecureAuth. “As organizations seek to prevent credential-based breaches, they must move beyond password and simple two-factor authentication methods, which are no longer enough to safeguard against today’s attacks.”

More: https://www.infosecurity-magazine.com/news