Category Archives: Google

Google is the leader on the Internet. The world's best-known search engine runs many security research programs.

Android: The Joker is back on the Google Play Store

Security teams recently discovered, on the Google Play Store, one of the most dangerous pieces of malware threatening Android users.

This malware is none other than the well-known Joker, a program hackers use to empty victims' bank accounts by subscribing them to illegal and very expensive subscriptions without their knowledge.

The Joker is considered one of the best-known pieces of malware in cybercrime. It first appeared in 2019. Its main feature is subscribing users to paid services without their knowledge. During 2020 it was reportedly seen several times on the Play Store before being eliminated by Google's security services. Unfortunately that was only temporary, as it reappeared in April of this year. It was first seen in AppGallery, the app store of Chinese giant Huawei. Yesterday, security researchers from the American company McAfee discovered it on Google's app store. The software is reportedly embedded in more than 8 applications. These apps are still available on the Google Play Store.

These applications alone account for more than 700,000 downloads, which is far from insignificant. The same modus operandi as the Joker observed two years ago was clearly seen. The operators behind this malicious program can not only hijack SMS messages, but also use them to make purchases that the user has not authorized. The McAfee researchers claim to have been able to break into the hackers' server behind these 8 applications. As a result, they were able to discover a fairly large amount of personal information belonging to the victims. The information includes phone numbers, personal text messages, IP addresses and geographic location. The operators' server also held automatically renewing subscriptions. "The malware hijacks the Notification Listener to steal incoming SMS messages as the Android Joker malware does, without the SMS read permission," the researchers explained.

According to the information we have, Google has already removed these 8 applications from its catalog. "It's important to pay attention to apps that ask for SMS and notification permissions. Simply put, legitimate photo editing and wallpaper applications do not require these permissions because they are not necessary to operate them. If a request seems suspicious to you, don't allow it," say McAfee researchers.

Here is the complete list of the applications affected by this security issue:

– Studio Keypaper 2021;

– PiP Editor Camera;

– My Favorites up Keypaper;

– Super Color Hairdryer;

– Pip Hit Camera;

– Daynight Keyboard Wallpaper;

– Super Star Ringtones;

– Photo Editor app;

A malicious program hides behind a fake Android system update

Last week, computer security specialists discovered a piece of malware in circulation whose method of spreading is rather unusual.

This malware takes the form of a system update. It attacks Android devices and can cause serious damage when it hits smartphones. In particular, it gives the hacker the ability to take remote control of the device. It can also steal personal information from Android users.

The malware in question was discovered by computer security researchers at Zimperium. Like the other one that attacked Google's system, Twitter and Facebook, it is among the malware that has frightened users over the past week.

According to the descriptions given by the specialists who discovered it, this malware camouflages itself behind an application named "System Update". This program can only be installed through an external APK file, as it is not available on the Google Play Store. Once installed on a victim's smartphone, it automatically takes control of the device and then steals its data. In addition, this spy program gives its operator access to contacts, messages, browser bookmarks, search history… In short, everything. It can also record calls, make audio recordings and take photos, all depending on the location of the users of compromised smartphones.

"This is by far the most sophisticated malware we've seen to date. I think it took a lot of time and effort to create this application. There are certainly others of this type and we are doing our best to detect them as quickly as possible," explains Zimperium's CEO. According to him, this malware is part of a targeted cyberattack campaign.

The hackers behind this spyware have not yet been identified. While a campaign of targeted computer attacks is in progress, the targeted victims have not yet been identified either. "We are starting to see an increasing number of RATs (Remote Access Trojans) on mobile devices. And their level of sophistication tends to increase. It seems that the hackers have realized that this type of device contains a wealth of information. Much less protected than traditional terminals, they are therefore easier to hack," said the head of Zimperium.

It should be noted that the Android system has been under severe strain for some time. The end of March has been very challenging for users of the system, who have had to deal with bugs and malware that keep being discovered in ever greater numbers.

Google presents a set of 11 zero-day security vulnerabilities

Project Zero, Google's team of security vulnerability researchers, has been working for some time to analyze a set of computer attacks that compromised several mobile and desktop operating systems during 2020, namely Android, Windows and iOS. Of the vulnerabilities detected by Project Zero researchers, 3 could give hackers the opportunity to act through the Safari browser on iOS or Google Chrome. Alongside them, nearly 4 critical security flaws were described by the researchers.

At the beginning of the year, these researchers decided to begin explaining these security flaws, following the observation of a wave of computer attacks on several operating systems at once. They started by explaining the 4 critical security flaws at the base of this attack chain, namely:

– CVE-2020-6428 (TurboFan in Chrome);

– CVE-2020-0938;

– CVE-2020-1020 (Font in Windows);

– CVE-2020-1027 (Windows CSRSS).

Recently, Google researchers have been explaining the other flaws:

"Vulnerabilities cover a fairly broad spectrum of problems, from a modern JIT vulnerability to major cache problems related to font bugs," said Google Project Zero security researcher Maddie Stone. "Overall, each of these exploits has been the subject of thorough understanding work." She added: "Of the last 7 flaws analyzed, CVE-2020-15999 has been particularly formidable, using an exploit method never before observed by Google's research team, using a variety of obfuscation methods that have taken a long time to understand."

Among the vulnerabilities discovered were those later analyzed by the specialists of the four-color American giant. These include:

– CVE-2020-17087 (Windows buffer overflow in cng.sys);

– CVE-2020-16009 (Chrome TurboFan type confusion);

– CVE-2020-16010 (buffer overflow in Chrome for Android);

– CVE-2020-27930 (arbitrary stack read/write in Safari via Type 1 fonts);

– CVE-2020-27950 (iOS XNU kernel memory disclosure in mach messages);

– CVE-2020-27932 (iOS kernel type confusion).

In their investigation, Google's computer security researchers discovered two servers that allowed hackers to deliver their exploits through a so-called watering hole attack. The first, which was active for over a week, focused primarily on Windows and iOS systems. The second, which was operational for 36 hours, was aimed exclusively at Android systems.

"In total, we collected: 1 complete attack chain targeting fully patched Windows 10 with Google Chrome, 2 partial attack chains targeting 2 different fully patched Android 10 devices with Google Chrome and the Samsung browser, and RCE exploits for iOS 11-13 and a privilege-escalation exploit for iOS 13," says Maddie Stone. "The iOS, Android and Windows devices were the only ones we tested while the servers were still active. The absence of other exploit chains does not mean that these chains did not exist," she adds.

Google's "Titan" security key was hacked by two hackers

This key, which is meant to help with two-factor authentication, had a reputation for being unbreakable.

It is this unbreakability that gave it its reputation and the success it has enjoyed. Yet two French hackers have managed to prove that it is as vulnerable as any computer hardware.

As a reminder, these tools have been on the market for 2 years now. Their basic purpose is to maximize the security of connections by making it impossible to hack users. It is a USB-A/NFC key, paired with a second Bluetooth key. While in practice it has long proven useful for securing connections, its invulnerability has unfortunately been broken by the discovery made by the French researchers. The problem is that the physical tokens used for authentication can be cloned. This was discovered by Thomas Roche and Victor Lomne, computer security researchers at NinjaLab, a company based in Montpellier.

After analyzing the Google key, the researchers concluded that, like other keys of this kind, it brings many advantages for the security of connections and for two-factor authentication. This method is indeed secure, but not infallible. Any hacker who gives himself the means will clearly succeed in finding a security flaw. "The flaw in the Google Titan security key is the NXP chip in its small plastic case, which is much harder to open than it looks, making it impossible to close without damage. Once the key is opened and the chip is accessible, the hacker can carry out a side-channel attack which, as you will have understood, can only be carried out with physical access to the object," explain the NinjaLab researchers.

To exploit the security flaw, the French researchers had to observe electromagnetic radiation emissions over several analyses: emissions that correlate strongly with the digital signatures issued by the chip. Using more than 6,000 operations involving the NXP chip, the two researchers were able to reconstruct the ECDSA private key. With all these resources at their disposal, it is then possible for them to create their own key.

It should be noted that the operation is difficult to put into practice. Whether for extracting the information or putting the chip back, at least 4 hours are to be expected. It then takes 6 well-spent hours to gather sufficient information to hack a specific account. Finally, what makes things even more difficult is that the hacker needs access to the key. Separating a user from his Google Titan key is difficult to do unnoticed, unless the hacker plans the theft in advance. For a single account, it takes 10 hours in total. For two accounts it takes about 16 hours, and 22 hours for 3 accounts. But one thing will be remembered from the analysis by the two French hackers: the key cannot be hacked remotely. On this point, Google is right.

Google focuses on protecting conversations in its messaging app

The Mountain View company announced officially on November 19 that Google Messages would soon adopt end-to-end encryption.

This is good news for the app's users, since this security mode has become standard in messaging applications. The American giant promises a gradual shift towards this encryption, which will take the form of an additional layer of protection. The goal, of course, is to give users a higher degree of privacy in their conversations. Conversations will now be inaccessible to anyone outside the exchange.

End-to-end encryption has been a huge success since whistleblower Edward Snowden's revelations in 2013. Faced with the maneuvers of state agencies, which collect information from users of digital services in order to spy on them more effectively, privacy has become imperative. Encrypting user conversations has become a standard for instant messaging publishers, and even a selling point.

Google joining this trend with its messaging application is a good thing for the millions of users who are often forced to use it because it comes preinstalled on Android smartphones. Google Messages thus falls in line with the well-known messaging software that already offers it, including WhatsApp, Signal, iMessage, Viber and Wire, not to mention those that offer it as an option, i.e. Skype, Messenger or Telegram.

"End-to-end encryption ensures that no one, including Google and third parties, can read the content of your messages when they move between your phone and your correspondent's," the Mountain View giant wrote.

However, you will have to be patient, because this switch will not happen overnight. Google expects end-to-end encryption to be built into its messaging app by 2021, following a well-defined plan. It will first be available in the beta version of the application. Then, once deployed in the general application, encryption will for a time apply only to two-person conversations. Around November 2021, it will be possible to consider group conversations.

"Your eligible conversations will be automatically upgraded to be encrypted end-to-end. End-to-end encryption is only available when you and your correspondent have installed Messages and enabled chat functions," the US giant said. The question is whether users will finally come to see Google Messages as a standard messaging application like any other. In fact, the four-color company is arriving a little late in this field.

It is also important to emphasize that Google has decided to opt for the Signal protocol, a protocol already used by several well-known applications such as WhatsApp, Skype, Facebook Messenger and Signal. In the various documents provided by the Mountain View giant on its choice of encryption protocol, it is clear that this choice was motivated by the protocol's good reputation, not to mention that it is already used by several others. It is a way of easily meeting the needs of the moment and following the trend. Moreover, there is no denying that this encryption protocol has a very good reputation because of the praise that Edward Snowden and several rights and freedoms organizations have given the parent application. Some computer security experts, such as Christopher Soghoian, the first head of the well-known "freedom of expression, privacy and technology" project initiated by the American Civil Liberties Union, have also praised this encryption protocol.

With this announcement, Google is trying to reassure users and further confirms its commitment to their security. The adoption of end-to-end encryption in its messaging app is an important point in its policy. We will have to wait until 2021 to take advantage of this new feature, which may give a boost to Google Messages.
