Old Joker 🃏... New Tactics

Malware operators keep finding new ways to target and spy on victims. Joker, one of the most prominent malware families active right now, has been targeting Android users for quite some time. Recently, the malware was observed using GitHub to hide its payload.

A new variant of the Joker malware has been discovered on Google Play, which uses GitHub pages and repositories to evade detection. This particular version was observed to be targeting mobile operator users in Thailand.

The app laden with Joker promised wallpapers in HD or 4K quality. This app was downloaded over a thousand times.
The app injects malicious code into a new location instead of the application class or launcher activity.

Victims may be unaware of any compromise initially because the malware comes with a functioning app. After infection, the malware subscribes users to a WAP service without their consent.

To counter attackers’ new approach, experts suggest having an updated anti-malware application on a smartphone, paying closer attention to what the apps are actually doing, and always using official sources to download apps.

Wroba (☣️) Mobile Trojan

Kaspersky this week said its threat-monitoring systems had detected malware known as the Wroba Trojan, which targets Android and iOS device owners in the US with a fake package-delivery notification.

Android device users who click on a link in the notification are taken to a malicious site with an alert that warns users about their mobile browser being out of date and needing to be updated. Users tricked into clicking “OK” to download the purported browser update end up installing the malware on their device instead.

The download does not work on iPhones. So, users of iPhones who fall for the fake package-delivery notification are instead sent to a phishing page designed to look like Apple’s login page, which attempts to steal their Apple ID credentials.

Once Wroba is installed on a device, it can carry out a variety of malicious activities, according to Kaspersky. This includes sending fake SMS messages, checking installed packages, accessing financial transaction data, stealing the user’s contact list, and serving up phishing pages for stealing credentials, including those associated with bank accounts.

Wroba is not unlike other mobile malware in some respects, such as its distribution via SMS. “But it utilizes some unusual techniques to hide its communication with its command-and-control [C2] server, like using MessagePack format and DES encryption to send the data.”

Wroba also has the ability to update its list of C2 servers with the help of information in social media accounts. The C2 information, for example, might be stored in encrypted form in the “Bio” or similar field in a social media account, Eremin says.

Kaspersky has described Wroba as being part of a broader mobile malware campaign called “Roaming Mantis.” Earlier versions of the malware were distributed via DNS hijacking. The operators of the malware basically hijacked DNS settings on home routers and redirected users of those routers to malicious sites.

The latest Wroba campaign is another sign of the growing threat that mobile users and organizations face from malware, adware, and other unwanted software on smartphones and other mobile devices. Thirty-nine percent of more than 875 mobile security professionals surveyed for the 2020 edition of Verizon’s Mobile Security Index said their organizations had experienced a security compromise involving a mobile device in the past year. Two years ago, only 27% reported such a breach. Two-thirds of those who experienced a mobile-related breach described the impact as major.

PUBG Banned 🚫! India on the verge of banning China

Cybersecurity concerns reportedly prompted India to ban more than 100 mobile apps with links to China on Wednesday, according to TechCrunch. The banned apps include popular mobile game PUBG, along with VPN for TikTok and WeChat Work.

The full list of apps appears in a press release reportedly from India’s Ministry of Electronics and Information Technology, which said the ministry had received complaints about the apps’ data handling.

“Several reports about misuse of some mobile apps available on Android and iOS platforms for stealing and surreptitiously transmitting users’ data in an unauthorized manner to servers which have locations outside India. The compilation of these data, its mining and profiling by elements hostile to national security and defense of India, which ultimately impinges upon the sovereignty and integrity of India.”

India banned wildly popular Chinese video-sharing app TikTok and 58 others — including WeChat and Weibo — in June after a border clash between troops from both countries left at least 20 Indian soldiers dead.

Apps blocked so far

  • APUS Launcher Pro- Theme, Live Wallpapers, Smart
  • APUS Launcher -Theme, Call Show, Wallpaper, HideApps
  • APUS Security -Antivirus, Phone security, Cleaner
  • APUS Turbo Cleaner 2020- Junk Cleaner, Anti-Virus
  • APUS Flashlight-Free & Bright
  • Cut Cut – Cut Out & Photo Background Editor
  • Baidu
  • Baidu Express Edition
  • FaceU – Inspire your Beauty
  • ShareSave by Xiaomi: Latest gadgets, amazing deals
  • CamCard – Business Card Reader
  • CamCard Business
  • CamCard for Salesforce
  • CamOCR
  • InNote
  • VooV Meeting – Tencent Video Conferencing
  • Super Clean – Master of Cleaner, Phone Booster
  • WeChat reading
  • Government WeChat
  • Small Q brush
  • Tencent Weiyun
  • Pitu
  • WeChat Work
  • Cyber Hunter
  • Cyber Hunter Lite
  • Knives Out-No rules, just fight!
  • Super Mecha Champions
  • LifeAfter
  • Dawn of Isles
  • Ludo World-Ludo Superstar
  • Chess Rush
  • PUBG MOBILE Nordic Map: Livik
  • PUBG MOBILE LITE
  • Rise of Kingdoms: Lost Crusade
  • Art of Conquest: Dark Horizon
  • Dank Tanks
  • Warpath
  • Game of Sultans
  • Gallery Vault – Hide Pictures And Videos
  • Smart AppLock (App Protect)
  • Message Lock (SMS Lock)-Gallery Vault Developer Team
  • Hide App-Hide Application Icon
  • AppLock
  • AppLock Lite
  • Dual Space – Multiple Accounts & App Cloner
  • ZAKZAK Pro – Live chat & video chat online
  • ZAKZAK LIVE: live-streaming & video chat app
  • Music – Mp3 Player
  • Music Player – Audio Player & 10 Bands Equalizer
  • HD Camera Selfie Beauty Camera
  • Cleaner – Phone Booster
  • Web Browser & Fast Explorer
  • Video Player All Format for Android
  • Photo Gallery HD & Editor
  • Photo Gallery & Album
  • Music Player – Bass Booster – Free Download
  • HD Camera – Beauty Cam with Filters & Panorama
  • HD Camera Pro & Selfie Camera
  • Music Player – MP3 Player & 10 Bands Equalizer
  • Gallery HD
  • Web Browser – Fast, Privacy & Light Web Explorer
  • Web Browser – Secure Explorer
  • Music player – Audio Player
  • Video Player – All Format HD Video Player
  • Lamour Love All Over The World
  • Amour- video chat & call all over the world.
  • MV Master – Make Your Status Video & Community
  • MV Master – Best Video Maker & Photo Video Editor
  • APUS Message Center-Intelligent management
  • LivU Meet new people & Video chat with strangers
  • Carrom Friends : Carrom Board & Pool Game-
  • Ludo All Star- Play Online Ludo Game & Board Games
  • Bike Racing : Moto Traffic Rider Bike Racing Games
  • Rangers Of Oblivion : Online Action MMO RPG Game
  • Z Camera – Photo Editor, Beauty Selfie, Collage
  • GO SMS Pro – Messenger, Free Themes, Emoji
  • U-Dictionary: Oxford Dictionary Free Now Translate
  • Ulike – Define your selfie in trendy style
  • Tantan – Date For Real
  • MICO Chat: New Friends Banaen aur Live Chat karen
  • Kitty Live – Live Streaming & Video Live Chat
  • Malay Social Dating App to Date & Meet Singles
  • Alipay
  • AlipayHK
  • Mobile Taobao
  • Youku
  • Road of Kings- Endless Glory
  • Sina News
  • Netease News
  • Penguin FM
  • Murderous Pursuits
  • Tencent Watchlist (Tencent Technology
  • Learn Chinese AI-Super Chinese
  • HUYA LIVE – Game Live Stream
  • Little Q Album
  • Fighting Landlords – Free and happy Fighting Landlords
  • Hi Meitu
  • Mobile Legends: Pocket
  • VPN for TikTok
  • VPN for TikTok
  • Penguin E-sports Live assistant
  • Buy Cars-offer everything you need, special offers and low prices
  • iPick
  • Beauty Camera Plus – Sweet Camera & Face Selfie
  • Parallel Space Lite – Dual App
  • Chief Almighty: First Thunder BC
  • MARVEL Super War NetEase Games
  • AFK Arena
  • Creative Destruction NetEase Games
  • Crusaders of Light NetEase Games
  • Mafia City Yotta Games
  • Onmyoji NetEase Games
  • Ride Out Heroes NetEase Games
  • Yimeng Jianghu-Chu Liuxiang has been fully upgraded
  • Legend: Rising Empire NetEase Games
  • Arena of Valor: 5v5 Arena Games
  • Soul Hunters
  • Rules of Survival

StrandHogg! It’s a serious Android hijacker

StrandHogg 2.0 vulnerability in Android lets hackers hijack apps to steal victims’ data

Researchers at a Norwegian cybersecurity firm have discovered a vulnerability in Android that can be exploited by malicious apps to steal user data such as passwords, files and text message conversation logs.

The vulnerability, dubbed StrandHogg 2.0, affects the 2018 Android Pie release and all earlier versions, which power about 90% of mobile devices that run on Google’s operating system. The latest Android 10 release is not affected. Hackers who manage to sneak a malicious app onto a handset could exploit StrandHogg 2.0 to place a data-stealing overlay on top of legitimate apps and intercept input entered by the user.

“By exploiting this vulnerability, a malicious app installed on a device can attack and trick the user so that when the app icon of a legitimate app is clicked, a malicious version is instead displayed on the user’s screen,” Promon researchers detailed in a blog post. “If the victim then inputs their login credentials within this interface, those sensitive details are immediately sent to the attacker, who can then login to, and control, security-sensitive apps.”

Login credentials aren’t the only type of data that may potentially be at risk from StrandHogg 2.0-based cyberattacks. Malware can generate a deceptive overlay when a legitimate app requests operating system permissions, say to view the user’s photos or location, and hackers can then hijack those permissions to gain broader access to the user’s data or Android installation.

StrandHogg 2.0 is named after a similar flaw in Android that was spotted last year. This latest vulnerability is believed to be more dangerous because, unlike its namesake, it can be exploited without requiring that the user grant a malicious app any operating system permissions. Moreover, it’s harder for security tools to detect.

Update your Android phone with the May 2020 update, rolled out recently.
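One way to check a set of devices against the affected-version and update guidance above, as an added example that is not from the original article. It assumes the patch level string `2020-05-01` stands for the "May 2020 update"; the function names and the device inventory are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify devices against the StrandHogg 2.0 guidance.
# Input: "serial release patch_level" lines, taken from the Android properties
# ro.build.version.release and ro.build.version.security_patch.

FIXED_PATCH=20200501  # assumption: 2020-05-01 stands for the "May 2020 update"

# strandhogg2_status RELEASE PATCH -> EXPOSED | PATCHED | NOT_AFFECTED | UNKNOWN
strandhogg2_status() {
    release=$1; patch=$2
    major=${release%%.*}
    # Non-numeric release (empty, preview codename): cannot classify.
    case $major in ''|*[!0-9]*) echo UNKNOWN; return ;; esac
    # The article states Android 10 is not affected.
    if [ "$major" -ge 10 ]; then echo NOT_AFFECTED; return; fi
    # Patch level must be YYYY-MM-DD; old builds may not report one at all.
    case $patch in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo UNKNOWN; return ;;
    esac
    num=$(printf '%s' "$patch" | tr -d '-')
    if [ "$num" -ge "$FIXED_PATCH" ]; then echo PATCHED; else echo EXPOSED; fi
}

# audit_inventory: read inventory lines on stdin, print devices needing action.
audit_inventory() {
    while read -r serial release patch; do
        [ -z "$serial" ] && continue
        status=$(strandhogg2_status "$release" "$patch")
        case $status in
            EXPOSED|UNKNOWN) printf '%s %s\n' "$serial" "$status" ;;
        esac
    done
}

# Constructed sample inventory (not real devices).
SAMPLE_INVENTORY='emu-0001 9 2020-03-05
emu-0002 8.1.0 2020-05-01
emu-0003 10 2019-12-01
emu-0004 7.1.2 2018-11-05
emu-0005 9 unknown'

# Real values can be collected per device with:
#   adb -s SERIAL shell getprop ro.build.version.security_patch
printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory
```

Devices reported as UNKNOWN are listed alongside EXPOSED ones because a missing or malformed patch level cannot confirm that the update was applied.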