BEWARE! This Android Trojan Buys And Installs Apps From Play Store

BEWARE! This Android Trojan Buys And Installs Apps From Play Store

A security firm known as Dr. Web has just discovered a new threat to Android which is able to get the necessary permits or permissions in infected devices to buy and install apps from the Google Play Store.

BEWARE! This Android Trojan Buys And Installs Apps From Play Store

The presence of malware on Android is an increasingly frequent problem that Google, unfortunately, can not seem to control. For more measures, it continues to infect mobile devices, often by the carelessness of users.

A new threat seems to have come to Android, wreaking havoc discreetly and installing applications on the devices. Of course, it does not stop there and also steals user data.

Skyfin, named for this new malware, arrives at Android by the most frequent infection entry point, the out-of-the-way application stores. Once infected, and using a well-known component, Android.Download, your smartphone starts a process of installing applications from the Play Store to give a higher ranking to certain applications.

By committing the Play Store process, this malware can steal Android’s control and is only dedicated to doing these installations, increasing their ranking and bringing them up against Google’s lists.

What’s more curious is that Skyfin does not even install applications on smartphones. It performs the normal purchase and download process of the application, placing only the application in the download folder, but indicating to the Play Store that it has been installed. This behavior allows the user not to give the infection and therefore does not detect Skyfin.

This is not an abnormal behavior in this type of malware. The idea is that periodically new applications are sent to the compromised device, making this part of a network of devices that are dedicated to grow applications in the ranking of Google. It was further discovered that Skyfin can click on advertising banners, again reverting to the attacker.

In addition to this, which is already negative for the smartphone, Skyfin is still stealing user data and sending it to the attacker.

This is one more problem that Google can hardly solve or eliminate. The source of the problem comes from users and applications installing from external stores or APKs they find on the Internet.

Lineage OS Official Builds Coming To 80+ Devices

Lineage OS Official Builds Coming To 80+ Devices

Recently, we all read the news articles that “It’s official, CyanogenMod Is Dead”. But, don’t worry, the new Lineage OS arrived, the CyanogenMod project replacement and its official build coming to 80+ devices.

Lineage OS Official Builds Coming To 80+ Devices

The company Cyanogen Inc. (cyng), responsible for Cyanogen OS, announced that it would shut down all its services and development for Android ROMs (both nightlies versions marked as stable), as from the 31st December 2016.

Wasting no time, a group of programmers and developers have created a fork of CyanogenMod, which they named Lineage OS (Lineage Android OS Distribution). In recent days, some images have been made available.

As a successor appeared Lineage OS which, according to the project managers, will be available for 80 different devices.

Lineage OS is the successor project of CyanogenMod, which is already present in more than 50 thousand devices. For now, the equipment still has unofficial versions but, according to those responsible for the project, the official versions will soon arrive, and the most fantastic thing is that there will be ROMs for more than 80 different Android devices.

Another of the novelties is that these ROMs can have weekly updates. Those responsible for the Lineage OS project also suggest that a clean installation of this system should be done, which means that the device should be formatted.

According to the information, as of this weekend, some official ROMs are already available. Be attend to Downloads portal that is available here.

This Teenager Hacked His Way to Free, Unlimited 4G Data

This Teenager Hacked His Way to Free, Unlimited 4G Data

Need revives the ingenuity of people, and a US operator has found it in all its glory with a teenager who got them out for free and unlimited 4G data. A 17-year-old teenager from the Virginia, United States managed to bypass the 4G LTE network of T-Mobile.

This Teenager Hacked His Way to Free, Unlimited 4G Data

It is very clear that the need revives the ingenuity of people, and a US operator has found it in all its glory with a teenager who got them out for free and unlimited data. Yes, a 17-year-old teenager from the United States was able to discover something curious, as this happened when he found his mobile data getting exhausted.

Yes, now you all might be thinking that what’s interesting in this?
So, what if I say you all that now you all can consume unlimited 4G data for free. Hold on actually this is not the real point, though it may sound really interesting. The real point is that the 17-year-old teenager from the United States, known as Jacob Ajit who actually managed to hack the 4G LTE network of a leading telecom company known as T-Mobile and used unlimited data without paying a cent.

However, T-Mobile allowed Jacob Ajit to connect to its captive portal, where he was asked if he wanted to renew their prepaid plan. “I played around with this portal for a while, clicking on links and trying to escape. Some links failed, and some worked, somewhat randomly” said 17-year-old Jacob Ajit.

While Jacob Ajit checking whether the random apps would connect to the internet or not interestingly he realized that the Speedtest application (An app to evaluate the speed of your connection) is still working without any active data plan and that gave him an idea with which he managed to keep surfing on his mobile and use the data connection without paying hard earned money.

Hacked 4G Data SpeedTest

The 17-year-old teenager from the United States, Jacob Ajit stated that “I was onto something, or was I? I assumed they must be whitelisting Speedtest-affiliated servers in some way, perhaps using the official list?”.

In this test with the known tool Ookla SpeedTest Jacob told how the mobile was able to download data at 20 Mbps, demonstrating that somehow it was possible to continue to access the Internet. After connecting the phone to his Mac and use the program MITM proxy from which he managed to discover how it was actually happening.

Hence, Jacob Ajit came to know that T-Mobile was simply allowing the folders named /speedtest. So, Jacob hosted some files on his page with a folder named /speedtest and he was able to watch all the videos that he uploaded without any active data plan.

Heroku Proxy Script Tool

Jacob Ajit creates a proxy server on Heroku using a tool known as Glype proxy script. The idea was very simple: as he used that proxy as a homepage, through which he could enter any URL to use that configuration fault of T-Mobile and continue browsing even without data.

However, the young boy showed the problem that existed and contacted with T-Mobile to solve the problem. The solution, he says, is simple, and simply review their whitelist to disable this type of URLs. Currently there has been no response from the operator, but of course, the discovery again shows the ingenuity of some developers as well as the honesty.