news – PSafe Blog

Joker Malware is Back (And It’s No Joke)

PSafe Newsroom — Mon, 20 Sep 2021 22:17:38 +0000

Old malware never dies — it just morphs into something more devious and dangerous — and this pattern is playing out with “Joker” malware, which was first identified in 2016. In 2021, it’s back and more diverse and devious than ever.

During the past few months, Joker has become one of the most active Android malware infections. Joker rides on the coat-tails of seemingly legitimate apps, then covertly signs up users for pricey subscription services. It can also steal SMS messages, contact lists, and device information.

Joker variations seem to arrive in batches, with a fresh batch leeching onto dozens of apps as recently as September.

Joker Infiltrates The App Store

“One of the best ways to avoid malware and trojan apps is to use Google’s sanctioned app store,” says Emilio Simoni, PSafe’s dfndr lab Research Director, “but unfortunately, Joker has managed to disguise itself and mutate so profusely, that it has found its way on to several apps within the official Google Play marketplace. Of course third party app stores are also offering Joker-tainted apps — so the best protection is going to be a strong security app that sniffs out malware-tainted apps immediately, like our dfndr security Pro.”

Google removes the offending apps as soon as they’re reported — but the high rate of variation and concealment with this particular trojan keeps bringing new specimens on board.

Delay Tactics

“Part of what makes Joker so effective is that it waits to take effect,” Simoni remarks. “After the trojan-app is downloaded (many of these are knockoffs of better-known apps) it waits to drop a very small packet of code, it then reaches out to the server that loads the malware that does all the dirty work.”

What Can You Do To Stay Safe?

Good hygiene with your digital devices includes:

Installing only the apps that you need and use. Loading up your device with as many apps as you can imagine using is a hazardous path.
Being wary. Look for apps from developers you know and trust. Do a little background checking and make sure that cool new app is coming from a known and trusted provider.
Cleaning house periodically. To keep the number of apps you use to a minimum, do a periodic review of the apps on your phone and delete the ones you’re not using.

“Good security habits are always the first step,” Simoni observes, “but we can see that with truly devious malware like Joker, personal vigilance may not be enough. When a piece of malware is mutating on a monthly basis, you need a dedicated security solution to help keep you safe.”

The Best Defense Begins BEFORE Dangerous Apps Are Downloaded

An excellent way to protect yourself is to use a security application like dfndr security Pro, which has a dedicated Safe App Installer that can tell you if the app you’re about to install has been identified as malware. This is exactly what the Safe App Installer does: it AUTOMATICALLY protects you from malware and apps known to compromise your data — before you even install them.

More Protection for Your Digital Life

Safe App Installer is only one of the key features dfndr security Pro offers. It also comes with a full suite of security capabilities that can protect you not only from digital threats, but from thieves “IRL” as well.

Beyond Safe App, there are four additional features dfndr security Pro offers to protect you and make your digital life easier:

Anti-theft protection: Protects against physical loss that leads to data loss: in case of theft or loss of your device, you can lock it down remotely, find the phone on a map; or, activate a loud alarm to find it nearby. You can also get a picture of the thief, and wipe the phone of your personal data.

Privacy Protection: You can locate on a map where your app data is going and how it might be used by third-parties.

Unlimited Identity Theft Reports: These reports provide “perimeter defense,”looking out for privacy vulnerabilities beyond your own device. These reports reveal if any of your information has been leaked, with a one-click check of a database with over 10 billion compromised credentials.

Ad-Free: As an extra bonus, Pro is totally ad-free.

Get The Protection You Need Today

Click here to download dfndr security and free trial dfndr security Pro to put all of these features to work securing your phone, your data, and your digital life. dfndr security Pro offers a full suite of protection, constantly updated, to make sure “you’re safe out there.”

StrandHogg 2.0 Steals Data From Real Apps

PSafe Newsroom — Thu, 04 Jun 2020 21:45:02 +0000

Named after the Norse term for an ancient Viking technique for coastal raids, StrandHogg 2.0 is a nefarious new update to an earlier trojan-like malware. Its particular way of working undercover and seizing user data is notable. The relentless inventiveness of hackers is very much on display with this latest threat.

Strandhogg 2.0: Worse Than The Original

“StrandHogg 1.0” used Android’s task affinity to hijack applications—by matching the packageName of any other app, then allowing “TaskReparenting,” the StrandHogg app would be launched, undercover, in place of the target app — then share the information with the attacker and the targeted app (to go unnoticed).

Image Source: Promon

Emilio Simoni, research director at dfndr lab explains: “Using this method, you would see (for one typical example) what looks like a fully legitimate Gmail icon on your phone, with the usual login dialogue — just exactly as it would appear when you’re logging back into your account. But once you enter your credentials, you’ve unknowingly shared them with the attacker too. To shield its intervention, your info is also sent to Gmail (or whatever other legitimate application has been hijacked), continuing your transaction and leaving no signs you’ve been compromised. The malware comes on board in the form of innocent looking game apps — one named SuperHappyFunGame — but it does its worst work undercover.”

StrandHogg’s 1.0 weakness was the presence of sketchy task affinity codes in the Android Manifest. Scouring for the 1.0 version required simply scanning the Google Play store for these problematic taskAffinity declarations. But StrandHogg 2.0 doesn’t require any special settings, because the attacking code isn’t necessarily present on the Play Store. Instead, the attacker just downloads the attack code later, once the trojan app or game has taken up residence.

StrandHogg 2.0 also hijacks additional data via app permissions: so contacts, photos, and it can even victim’s movements and location are compromised. Simoni advises: “With the right permissions, StrandHogg 2.0 can even siphon off entire text message conversations, which can enable hackers to defeat two-factor authentication protections.”

The Norwegian security firm Promon, the firm that gave the malware its name, suggests that updating Android devices with the latest security updates — out now — will fix the vulnerability. Users are advised to update their Android devices as soon as possible.

“However,” Simoni warns, “the key is protecting yourself from the next StrandHogg. For that, you need a front line of defense.”

Protecting Your Devices and Data From Unsafe Apps

You should always count on a extra layer of security for your phone. dfndr security, for example, has a Safe App Installer feature that can operate as your advance-line of defense against apps like SuperHappyFunGame, and the next generation of trojans StrandHogg uses. Safe App Installer will also keep you protected from all other malicious apps. “The feature lets you know if an app is unsafe before you even install it,” Simoni advises, “and our team does the work to constantly update our database of malicious apps.” With Safe App Installer, every app you consult before installation will be rated for trust.

There are two levels of alert if Safe App Installer discovers an issue:

Security Alert: If the app is malware.
Privacy Alert: If the app already experienced a data breach

An app is rated as Trusted only if the app is not malware or has never experienced a data breach.

dfndr security also offers Anti-Theft Protection for your device, and Identity theft protection for you. “Our PRO package has been very thoroughly thought out to provide users with the full suite of protections they need,” Simoni concludes.

We’ll continue to provide updates here on the PSafe blog for new malware that could compromise your security and safety — stay tuned!

The End of an Era: It’s Time to Say Goodbye to Yahoo

Carolina Franco — Thu, 05 Oct 2017 01:00:14 +0000

Once a force on the World Wide Web, Yahoo is now coming to an end. After being acquired by Verizon in a $4.48 billion deal, Yahoo is on it’s way out. Out with the old, and in with the new, as they say, after two decades of this site being one of the biggest email service providers.

After this recent acquisition, Verizon announced that they plan to combine Yahoo’s operating business with AOL, which was purchased in 2015. This merger will form a new division called Oath, which will act as a division of Verizon. It will house over 50 media and technology brands. These will include household names such as HuffPost, Tech Crunch, and Tumblr. Because of Yahoo’s enormous reach, Verizon plans to leverage the audience to compete with sites like Facebook and Google in terms of advertising.

Unfortunately, this merger is accompanied by the possibility of a lot of layoffs. Verizon noted that they plan to layoff more than 2,000 employees, which will be the equivalent of 15 percent of the division’s new workforce. Yahoo’s CEO, Marissa Mayer, will be resigning from the company, receiving a not-too-shabby $23 million severance package. Verizon wished her luck in her future endeavors, according to a company statement.

This news comes on the heels of Yahoo recently disclosing two huge security breaches, affecting more than a billion users. Yahoo was forced to cut their price tag to $350 million and to split the cost of legal liabilities with Verizon as a result of the breaches.

This also comes after Yahoo has spent years struggling to find relevance on the web. The company went through multiple CEOs, and attempted to regain popularity through large-scale acquisitions — it even passed up the chance to buy Facebook. Yahoo also hired personalities like Katie Couric in an attempt to reach a greater audience as well as a younger demographic.

They felt the need to compete with other sites and mobile apps, but sadly, their efforts did not do much to turn around Yahoo’s business. Many of those who worked for Yahoo in its earlier and more popular days have already moved on to other tech companies such as Slack, WhatsApp, and LinkedIn.

While it’s sad to see Yahoo come to an end, it’s exciting to see what will come next for the acquisition in the creation of Verizon’s new division, Oath. Stay tuned to see how things unfold and to enjoy what comes next in the world of technology!

Snapchat’s New Update that Can Search for Stories

PSafe Newsroom — Wed, 27 Sep 2017 00:00:23 +0000

On April 1st — no, this wasn’t an April Fools day prank — Snapchat began to roll out a new search option for its stories. As is always the case with the Internet, while a majority of people have good intentions, there can be some dangers. Most Stories come with advertisements, and it’s always best to be careful when leaving a trusted site and venturing out onto the web.

How the Snapchat Stories Update Works
In this introductory video, Snapchat details how to go about it. After swiping over to your Stories, you can plug anything you’d like to see (Snapchat suggests sports games, local bars, or puppies), and Snapchat will pull up the public Story corresponding to it. It may seem like more of the same from Snapchat — How does this differ from their offering already? — but it’s actually a huge step forward. It differentiates them from sites that have begun to copy their “My Story” model, such as Instagram and Facebook.

Classic Snapchat stories are done by your friends and will show you what they did throughout the day, and it’s that model that both Instagram and Facebook picked up on. Snapchat Stories (of the searchable variety) are a whole different beast. Instead of focusing on a person’s individual experience, Snapchat Stories can capture a time or event from a group perspective.

A sports event may be interesting to watch on TV, but with a Snapchat Story curated by multiple individuals, the experience becomes more diverse and immersive. Maybe someone right next to the hoop captures a particularly impressive shot, while someone else captures the crowd’s reaction, and a third person catches a man spilling his soda as he stands up to cheer. This is the sort of moment no individual person could capture, and it can be delivered to you in nearly real time.

Snapchat uses a few techniques to sort its publicly-posted Stories into their individual feeds. After you submit a Story publicly, Snapchat scours it for text in the captions, as well as location information, to try to sort it into the appropriate Story. It can also use computer learning to recognize common shapes in a picture. Using machine vision and learning, artificial intelligence is able to recognize the shape of a puppy and place it within the puppy Story.

What You Need To Know About Twitter’s New Privacy Policy

PSafe Newsroom — Sun, 17 Sep 2017 21:00:04 +0000

Everyone loves Twitter. You can write whatever you want in 140 characters or less, tweet out links to articles, share memes and GIFs, and learn more about what people think. You might even become a viral hit. Yet, have you ever thought about its privacy policy?

When Twitter announced changes to its privacy policy this past May, most people probably didn’t pay much mind or felt it was too confusing to look at. If you were one of the curious people, but couldn’t quite make it out, here are some of the basics you should know about the latest update, which was put into effect on June 18, 2017.

30-Day Collection of Off-Twitter Web Browsing
With the update, Twitter can use the information it collects on people’s off-Twitter web browsing for up to 30 days after it accessed it. This means that they can hold onto the information about which sites you click on. Before the update, there was a 10-day maximum set. The new policy would enable Twitter to effectively target key audiences for certain ads, reversing its struggling ad revenue decline.

Transparency
Twitter also added a new section to the settings menu on its site and in mobile apps that details how Twitter picks which users to target with certain ads. It also allows users to deselect certain individual interest categories, and request a list of companies that use Twitter’s Tailored Audiences option to target them with ads based on information from information like email addresses, Twitter handles, or which users look at the advertiser’s site and used its mobile app.

No More “Do Not Track”
The update also led Twitter to remove the Do Not Track feature, which allowed users to ask every website not to track their behavior in order to target them with ads. Back in 2012, Twitter refused to remove the Do Not Track feature. However, the trend for most ad-supported platforms is to opt out of the feature entirely.

Disabling Ads
However, there are still options for users who want to disable the information that is collected for targeted ads. Users can pull up Twitter’s settings menu, click on “Privacy and Safety,” then “Personalization and Data,” and turn off “Personalize Ads.” There is also an option to disable Twitter from the ability to see when users visit a site that features a tweet button or embedded tweet, and an option to prevent Twitter from sharing user data, using location-based data to personalize content, and connecting that data across different devices.

Who is Responsible For May’s Ransomware Attacks on the NHS?

PSafe Newsroom — Sat, 16 Sep 2017 13:00:16 +0000

Massive global ransomware attacks are not only becoming more common, but far more dangerous, too. In order to protect your devices from these types of threats, make sure that your software is always up to date, and that you install all security patches. You should also regularly scan your device for hidden malware to catch any threats before they become an issue. Click here to use the full virus scan feature to check your device for security threats:

What Was the Ransomware Attack in May?
In May 2017, the WannaCry ransomware attack targeted computers that were running an outdated and unpatched version of Microsoft Windows as their operating system. The hackers encrypted the data so that users could no longer access their data. The hackers then demanded payment through Bitcoin because it’s untraceable. Once the payments were received, the hackers then flipped the “kill switch” for the ransomware and essentially removed it from that device.

The WannaCry malware infected over 230,000 computers worldwide. The most critical part of the ransomware attack infected over 70,000 computers in the United Kingdom’s National Health Service (NHS). This was an emergency situation because all of the patients’ data was stored in the computer system, which sent the NHS into chaos. Many of their computers, MRI scanners, and even blood-storage refrigerators had been affected by the ransomware and were compromised by the attacks. The NHS had to start turning away non-critical emergencies, and even some ambulances were diverted.

How WannaCry is Linked to North Korea
After the malware attack had been taken care of, the NSA and the British Security Group investigated the Wannacry ransomware attack. They found that the ransomware was being shared in a way that had similar code to an earlier malware hack that was associated with a North Korean threat group. Once that connection had been made, the NSA kept finding links between the May attack and the 2014 Sony Pictures hack, which was carried out by the Lazarus Group. The 2014 Sony hack released the film The Interview, which focused on a plot to assassinate the North Korean leader.

These connections mean that WannaCry was similar enough to the other Lazarus Group hacks that the NSA and the National Security Centre have linked it to the North Korean hacking group.

Possible Motivations
According to many intelligence experts, North Korean hackers may be working for the government under their intelligence agency. The hackers will earn money from the ransomware attacks by charging people Bitcoin to remove the ransomware. The proceeds from these attacks will then be redirected towards the funding of the North Korean military strategies. This is one of many “self-funding” strategies that North Korea’s intelligence agency uses.

These Are the Best Apps for Spam Protection

PSafe Newsroom — Wed, 26 Jul 2017 01:00:14 +0000

Receiving spam on your mobile device is always irritating, and it seems to be happening more and more as time goes on. From emails, to text messages, to phone calls, it’s certainly an unnecessary annoyance in your life, and troublesome to experience on your phone or tablet. Thankfully, there’s a wide range of apps designed specifically to block these irritations from popping up on your devices. Keep reading to learn our favorites of the bunch and the most effective options.

Truecaller

This app has achieved over 100 million installations on both the Android and iOS platforms. It is one of the best call-blocking applications to offer spam protection. This program can even be used as a replacement for your actual phone app on your device, as it uploads your contact list and tells you when your friends are free to talk. Most notably, this program’s database has an extensive list of spam and unsolicited numbers, meaning it can warn callers against a spam call as they are coming in. This is a well-rounded and highly reliable app to help avoid spam calls.

Mailwasher

This app is available for Android users, and it’s definitely worth looking into. This app works to diminish the amount of junk emails you receive. It effectively detects suspicious spam emails, and helps you to delete them before they are ever downloaded onto your device or computer. This app also has a feature that allows you to create a friend list so that emails from any known sources will be hidden, allowing you to clearly view spam mail as it appears, and also giving you the option to bounce these emails back to their senders, giving them a taste of their own medicine.

Truemessenger

From the makers of the above-referenced app Truecaller, this is another effective way to block spam from your phone, this time in the form of text messages. This app serves to identify message senders, even if they’re not on your contact list, allows you to block numbers from texting you, and identifies and blocks spam messages in accordance with the community’s feedback. You are also able to report numbers as malicious or spam through this app, which helps them build their database and further protect customers.

Take advantage of technology and ensure that your devices don’t get spammed, creating an unnecessary security risk for you. Download these apps to have a clean and safe device — irritation free!

Introducing dfndr Assistant: Protection With One Tap

PSafe Newsroom — Sun, 23 Jul 2017 01:04:18 +0000

PSafe Technology, one of the foremost providers of security and optimization solutions for Android, is enhancing our flagship dfndr security app, with a new dfndr Assistant feature. Instead of multiple notifications clogging your home screen, tap on the dfndr icon and receive a summary of the security of your phone and its performance.

This indispensable dashboard will provide options to scan for malware or virus threats, ways to maximize phone storage, and suggestions to increase battery life — all in one handy control center.

Whether it’s apps that are slowing down your phone, files that need cleaning out, or suspicious links that could compromise your personal information, the dfndr Assistant feature has your back on safety and performance. Also, it’s easy to use.

Additional Benefits For You

With this new release, the ads-free version of our core DFNDR security app is also available. Ads-free dfndr is a direct response to your valuable feedback for a premium version without ads. At only $4.99, Ads-free dfndr is a comparable cost for the same standout security and performance features you’ve come to rely on, without ads popping up. To upgrade, simply navigate within the dfndr app to complete your purchase.

In Brazil, we help 3 million users reclaim an average of 6MB of storage per day with WhatsApp Cleaner. In the U.S., we recognize that Facebook Messenger is more widely used so we’ve added a Facebook Messenger Cleaner to help U.S. Android users free up more space for the photos, videos, and apps they really care about.

The Changing Landscape of Security

2016 saw a rise in malware attacks on Android phones after findings from the University of Michigan were published, along with Google releasing patches to fix 108 vulnerabilities alone in July of 2016. This disturbing trend is growing with new malware being discovered at alarming rates.

Criminal networks don’t just focus on compromising laptops or computers any longer, but also your smartphone. Your device contains immense amounts of sensitive information, such as credit card numbers, passwords, photos, and other personal details.

As technology morphs, controlling your car or the temperature of your home will be monitored from all the devices you own, including smartphones. While these developments are exciting, the slew of undetected vulnerabilities for thieves or hackers to infiltrate every aspect of your life is not fictional.

PSafe Technology’s increased efforts in intelligent security with accessibility is a vision we re fulfilling and the dfndr Assistant feature is only the beginning of leading-edge protection.

These robust additions to our popular dfndr security app are now available worldwide. Activate features dfndr Assistant or Facebook Messenger Cleaner and enjoy total protection and optimal performance:

Keep Your Home Secure While On Vacation with Technology

PSafe Newsroom — Thu, 20 Jul 2017 13:00:18 +0000

Your smartphone is a huge asset to have while you’re away. There are many apps, devices, and gadgets out there that can provide a “window” into your home, no matter where in the world you may be located. To keep your phone safe while you’re out and about, take advantage of DFNDR’s Anti-Theft tools, which are designed to protect your personal data even if your phone is lost or stolen.

While you’re away on vacation this summer, the last thing you want to worry about is whether your home is safe from harmful predators (such as robbers) or from a natural disaster. While this could certainly be a source of stress for travelers, it doesn’t have to be, thanks to the technology we have available to us. Explore different ways to leverage technology to ensure that your home is safe while you’re away, so that you have the peace of mind you need.

Read More: Use DFNDR’s Anti-Theft Tools When Your Phone is Stolen

Ring Video Doorbell
If people approach your front door while you’re away, this gadget immediately alerts you and also shows you who is there, even if you’re not physically home. You can even use the app to speak to whoever is at the door, which is helpful because it gives off the idea that you are present, even if you’re thousands of miles away. This device has features such as HD video recording, movement detectors, and instant mobile alerts.

Maximus Smart Security Light
This is not your average motion-trigger light. Wherever it is placed around your home, it’s two-way speaker and Wi-Fi enabled camera send real-time alerts to your smartphone as soon as movement is detected, which allow you to see who is there and speak to them, too. The other perk to these lights is that they come in a wide range of styles, so they’ll fit in with virtually any home!

Vivitar Deluxe Home Automation Starter Kit
This three-piece kit has what it takes to keep watch of the inside of your house while you are away. This kit comes equipped with a two-way microphone, motion detection, and night vision multi-angle cameras. The kit also consists of a Smart Plug, which allows you to control your appliances remotely. Gone are the days of worrying about whether or not you turned off that stove! The Smart Light Bulb fits in any standard socket and allows you to monitor motion and temperature via your smartphone. Talk about a kit that does it all!

How Do Companies and Governments Find the Best Hackers?

PSafe Newsroom — Mon, 03 Jul 2017 00:00:38 +0000

Big name companies like Facebook, Apple, and Microsoft have all hired hackers — after those same individuals got caught hacking someone else! While this practice has become normalized, that doesn’t mean that the rest of the country wants hackers to gain access to their devices to point out poor cybersecurity behaviors. If you want to quickly improve your cyber awareness, be sure to regularly scan your device for security threats. Click here to run a quick Security Scan on your phone:

This recruitment technique might seem like a risky one, but it actually comes with a distinct advantage. For instance, say you hear about a hacker who successfully breached Twitter’s security system, like 17-year-old Michael Mooney did in 2009. That person has shown a more impressive display of his hacking skills than a resume ever could.

In Michael Mooney’s case, he created two worms that infected more than 200 Twitter accounts, plus produced another 10,000 spam tweets. What was his punishment for these wrongdoings? Well, Mooney got offered a job at exqSoft Solutions, a web development company. Of course, hacking is still illegal in the United States and this criminal behavior can’t be endorsed. But this discussion does bring us to the topic of ethical hackers and how companies, governments, and other institutions are hiring them for “bug bounties.” Keep reading below to find out more about this increasingly common practice.

Ethical Hackers and Their Bug Bounties

You’ve probably heard of “black hat” hackers before. They’re the hackers who infiltrate security systems and databases for malicious purposes. But what about “white hat” hackers? Also known as “ethical hackers,” white hats are hired by companies and governments, under the request that they attempt a data breach on their security systems.

If the hacker is successful at finding a flaw in their system, they are rewarded with a so-called “bug bounty.” These sums of cash can be pretty lucrative, too, depending on who’s writing the check. Indeed, back in 2015, Apple offered a bug bounty of $1 million to anyone who could infiltrate their mobile operating system. Pretty decent payday, right? In these cases, white hat hackers often work together in small clusters, making them not so different from an office’s IT team.

After all, it’s a common misconception that all hackers have criminal intentions. Many are IT security experts, who relish the challenge of trying to crack into a company’s security system. These days, companies and governments are encouraged to hire ethical hackers, since data breaches can costs them thousands of dollars in losses. So, in the long run, paying an ethical hacker saves them money.