Security researchers have discovered a new form of malware designed to infect Android devices and replace legitimate apps with malicious versions that show fraudulent ads.
Analysts at Check Point Research, who have named the malware Agent Smith after a fictional character from the Matrix film franchise, believe the malicious software has already infected as many as 25 million devices across the US and India.
The malware, which disguises itself as a Google-related application, is said to exploit known Android vulnerabilities to automatically replace installed apps with malicious versions that show device users ads selected by hackers who profit financially from their views.
Check Point notes that while the software is currently only being used by cyber criminals to profit from ad views, it could be adapted to steal personal and banking information, or turn Android handsets into remote listening devices.
The online security firm has withheld the identity of the malicious actor behind the malware after passing information to Google and law enforcement agencies.
In a statement, Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point Software Technologies, said: “The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own.
“Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like ‘Agent Smith’.
“In addition, users should only be downloading apps from trusted app stores to mitigate the risk of infection as third party app stores often lack the security measures required to block adware loaded apps.”
Earlier this month, CSIS Security Group published information about a separate piece of malware that it claims has infected more than 10 million Android devices made by South Korea’s Samsung.
The bogus Updates for Samsung app, which had been downloaded by millions of users before being pulled from the Google Play store, purported to manage firmware updates that improve and secure the running of Samsung devices.
In reality, the app simply directed users to an ad-packed website that charged for the download of firmware updates.
In a statement, Google said: “Providing a safe and secure experience is a top priority and our Google Play developer policies strictly prohibit apps that are deceptive, malicious, or intended to abuse or misuse any network, device, or personal data. When violations are found, we take action.”
Crooked vendors exploiting flaw in eBay’s feedback system to con buyers into purchasing bogus and dangerous items
Buyers on eBay are being duped into purchasing substandard and counterfeit products due to a flaw in the online auction platform’s seller feedback system, according to an investigation conducted by UK consumer group Which?
The watchdog found that dishonest vendors can take advantage of these flaws by linking positive reviews of genuine products manufactured by companies such as Apple and Samsung to fake and low-quality items.
Which? found that crooked sellers are able to link thousands of positive reviews to eBay listings they have nothing to do with.
The organisation discovered that real reviews can be associated with fake products that are potentially dangerous, such as counterfeit mobile phone chargers that can pose a fire risk.
Sellers are able to do this by using “product IDs” associated with genuine items when adding their products to eBay, subsequently benefitting from the positive reviews those items have attracted.
The system is intended to make the process of listing products on eBay quicker and easier by allowing sellers to pull information from similar items that have a linked product ID.
As part of its investigation, Which? purchased 20 bogus Apple and Samsung accessories such as chargers and USB cables that were supposed to be official and shared the same reviews as products manufactured by the two technology firms
Calling for online ecommerce platforms to be held accountable for flaws in their seller feedback systems that allow dishonest vendors to pull the wool over buyers’ eyes, Head of Home Products and Services at Which? Natalie Hitchins said: “Our investigation has uncovered yet another example of online reviews being manipulated to mislead people.
“eBay’s product review system is confusing for consumers and could even direct them towards counterfeit or dangerous products sold by unscrupulous sellers.
“Online reviews influence billions of pounds of consumer spending each year.
“The [UK Competition and Markets Authority] must now investigate how fake and misleading reviews are duping online shoppers, taking the strongest possible action against sites that fail to tackle the problem.”
Responding to the findings of Which?’s investigation eBay said in a statement: “The research does not fully consider that there are distinctions between product reviews (which provide buyers with a holistic review of the same product), and seller feedback (which can be used to see specific reviews of a seller’s performance and may reflect the item’s condition).”
Earlier this month, Bloomberg reported that US politicians had called on lawmakers to hold ecommerce companies such as eBay and Amazon to account if they fail to prevent third-party vendors selling counterfeit or substandard products on their platforms.
Major ‘lover boy’ prostitution gang broken up by coalition of European law enforcement agencies
A Romanian human trafficking and prostitution network that used the “lover boy” method to entrap young women before forcing them into sex work has been broken up a coalition of European law enforcement agencies.
The lover boy method, also known as the “Romeo pimp” method, involves young men seducing victims with the objective of coercing them into prostitution.
Lover boy traffickers groom their victims to believe they have entered into a serious romantic relationship before using emotional, psychological and sometimes physical abuse to intimidate them into working in the sex services industry.
Investigators from Spain, Romania, the Czech Republic and several other European nations were involved in the operation that resulted in the dismantling of the gang, which is said to have groomed and exploited at least 10 young women by forcing them to work as prostitutes.
The operation resulted in the arrest of 14 people in Romania and Spain, the safeguarding of 10 trafficking victims, and the confiscation of a number of items, including a quantity of cash, jewellery, expensive vehicles and several electronic devices.
In total, the agencies taking part in the effort raided 16 properties in the Czech Republic, Romania and Spain.
Having groomed their victims, Romanian members of the network would develop manipulative dependent relationships with the young women they targeted before forcing them into sex work.
Once under the traffickers’ control, victims would be abused and drugged before being sold onto other members of the network for as much as €6,000 ($6,632) each.
The women would then be moved between locations and countries on a regular basis as part of the gang’s efforts to avoid the attention of police.
Profits made by the network were laundered through the purchase of property, expensive jewellery and high-value cars.
Ongoing investigations into the network’s activities are focussed on the theory that it was working in cooperation with another gang.
Enquires have already resulted in the identification of more than 40 additional women who fell victim to the two criminal organisations.
In a statement, Europol said: “Europol facilitated the information exchange between the participating countries, provided coordination support and analysed operational information against Europol’s databases to give leads to investigators.
“Europol conducted a financial analysis based on the information provided which highlighted the extension of the criminal activity of the group and the presence and flow of illicit profits to other jurisdictions.”
Taking cocaine will not cure people struck down with the coronavirus, French government warns public
Authorities in France have been forced to inform the public that taking cocaine will not cure people infected with the coronavirus.
Taking to Twitter on Sunday, the French Ministry for Solidarity and Health told its followers that cocaine is not only ineffective when it comes to fighting the coronavirus, but is also a highly addictive drug that can cause serious harm to users’ health.
The government department was seeking to counter fake news circulating on social media that taking the drug could cure or prevent the virus, including doctored news stories that appeared to confirm the drug’s effectiveness at fighting the disease.
The ministry’s Twitter post included a link to a government information page that provided further guidance on disinformation circulating about the coronavirus outbreak.
As well as encouraging those worried about the coronavirus to start taking cocaine, online trolls have also suggested that bleach can also help fight the disease.
In a post on Twitter that has attracted many thousands of engagements, @Jordan_Sather_ told his followers: “Would you look at that. Not only is chlorine dioxide (aka ‘MMS’) an effective cancer cell killer, it can wipe out coronavirus too.
“No wonder YouTube has been censoring basically every single video where I discuss it over the last year.”
In August of 2019, the US Food and Drug Administration issued a warning about that dangers of consuming bleach, noting: “Drinking any… chlorine dioxide products can cause nausea, vomiting, diarrhoea, and symptoms of severe dehydration.”
As well as warning about cocaine’s inability to fight the coronavirus, the French government has also told members of the public that spraying bleach or alcohol on their bodies will not neutralise viruses they have already been infected with.
Elsewhere, US Vodka maker Tito’s Homemade was last week forced to urge people not to make DIY hand sanitiser out of its products.
Responding to one of its customers who said they had done just that, the company said on Twitter: “Per the CDC [Centres for Disease Control and Prevention], hand sanitizer needs to contain at least 60% alcohol. Tito’s Handmade Vodka is 40% alcohol, and therefore does not meet the current recommendation of the CDC. Please see attached for more information.”
For its part, the World Health Organisation, which today officially categorised the coronavirus as a pandemic, has published a webpage dispelling misinformation about the disease, noting that the virus cannot be killed of avoided by taking a hot bath or using hand dryers.
- Crooked vendors exploiting flaw in eBay’s feedback system to con buyers into purchasing bogus and dangerous items
- Major ‘lover boy’ prostitution gang broken up by coalition of European law enforcement agencies
- Taking cocaine will not cure people struck down with the coronavirus, French government warns public
- US politicians call for state action against Pornhub over allegations it hosted rape and child abuse videos
- Californian border officers catch Mexican man with enough fentanyl to kill 1.2 million people