Category Archives: Google

Google is the leader on the Internet. The world's best-known search engine has many security search programs.

The bug on the Camera of Android smartphones. A security issue that continues to cause uproar

For some time, it has been revealed in the press that there is a defect on the cameras of some brands of smartphones running Android.

This same problem that had been discovered during the month of July and corrected since then would still be relevant. Is there an explanation for the problem?

as you may have learned, there would be a design flaw on the Google camera app, which would allow anyone interested or ill-intentioned to "hijack your Android camera to spy on you". The flaw was discovered by a company specializing in cybersecurity specifically software security, called Checkmarx.

This article will also interest you: xHelper, the Virus for Android Terminals that makes people talk about it

She published it in a post posted online on November 19. So the famous question was asked by several users "So, do you have to put a piece of duct tape on the front and back of your smartphone now, in order to avoid misuse of one of the two cameras? The answer is simple even if the question seems rather ironic.

There is no need to use the adhesive in this case, as a security fix had been issued for this problem since last July, a fix made available to all smartphones that had been affected by the defect. however, the question arises as to how does a fixed flaw continue to persist? Especially when you know that it is a loophole that could have been exploited for malicious purposes. According to Checkmarx's description, the defect that starts from here allows you to "control the app to take photos and/or record videos via a dishonest application that does not have permission to do so."

This legitimized the Fact of the Israeli security company and the American firm behind Google Camera, that is, Google of course, spoke throughout July to find a solution to this problem. Google automatically took this find made by the Israeli company seriously, because not only did it classify this flaw as a moderate-level alert, but also raised it to a higher level. the exchanges made it possible to discover, of course, that the security vulnerabilities also affected Google smartphones, thus the pixel 2 and pixel 2 XL. On the side of third-party manufacturers using the Android operating system, the suspicion of the Israeli security company was confirmed by Google Following an analysis conducted during the beginning of August.

From there, various manufacturers were warned of the security flaw. Of all the companies, only Samsung has confirmed that it has been affected by the vulnerability. The security fix didn't last until Google made it available to affected smartphone models. According to the company's spokesperson: "The concern has been addressed on impacted Google devices via an update to the Google Camera app on the Play Store in July 2019. A patch has also been made available to all partners."

But to publish its discovery, the Israeli cybersecurity firm had to wait for the green light from Google and Samsung. The authorization that was given to him only during the month of November. It is for this reason in part that this case is so topical. Second, some people own the smartphones affected by the security breach, and have so far not had the idea or benevolence to execute the recommendation to update their system. That's why the vulnerability still persists in their smartphones.

Now access an unlimited number of passwords:

Check out our hacking software

The American giant's list for the security of its Google Play Store

Google to ensure optimal security of its app store, has partnered with several companies specializing in computer security.

These include ESET, Lookout and Zimperium. this clearly demonstrates that Google alone is not able to protect the thousands of apps it hosts on the Play Store. But it also shows in another sense the will of the American giant not to be caught by surprise.

This article will also interest you: Apps on Google Play Store are starting to get infected with porn and malware

However, several media outlets do not hesitate to criticize the mountain firm view, describing it as helpless and incapable. however, the American firm does not detract from it and continues to rely on its IT security partners to help him continue securing its platform. Hence the implementation of the " "Defense Alliance App," which brings together Google – Zimperium – ESET – Lookout, whose purpose is to form the PlayStore's defense shield against malware or software with illegal purposes.

We know that in the early days Google was busy protecting its platform with its Play Protect tools, which analyzed several applications every day, which were hosted, to make sure that none of them worked abnormally. There are about 50 billion scanner applications per day, which is a huge number for a single security program. this explains why, sometimes malware manages to escape the cracks. And on this subject the examples are legion. almost every year, hundreds of or even hundreds of applications are discovered on Google's Play Store and are infected or are being infected by malware.

From 2016 to 2019 through 2017 and 2018, several times, cases of infected applications were detected on Google's platform, forcing the U.S. company to intervene after the fact to try to clean up its store. We know that there are quite many examples and that all this must motivate and hasten Google to review its anti-malware policy. and without trying to extrapolate the issue, this fight is really significant. indeed, by simply limiting ourselves to official figures, we know that Android is an operating system existing on about 2.5 billion smartphones worldwide. not to mention other technologies based on this basic system such as smartwatches, connected cars, tablets and even televisions. we realize that Google alone is not big enough to ensure the safety of all this ecosystem that is expanding more and more.

That's when we see, the importance of the intervention of being a partner of Google in the field of security. Google's goal through this partnership is no longer simply to fight malware, but simply to prevent them from crossing the line of its app store. "The sharing of knowledge and industry collaboration are important aspects to protect the world from attack," Google says, trying to explain its new strategy: "We know there are others who do a good job of finding and protecting against attacks. (…) We believe that working together is the best way to get ahead of malicious third parties. The Union is strong. ».

Now access an unlimited number of passwords:

Check out our hacking software

xHelper, the Android terminal virus that makes people talk about it

Recently, a new virus has just passed the celebrity cybersecurity mark.

It is a program that is qualified by its peculiarity, quite special anyway. this feature allows it to reinstall itself even after a reset of the factory settings of the terminals it has infected. which would make it a malicious computer program that cannot be erased.

But what is it really for? What does his publishers earn to go to such great times to create such an exceptional program? This malware, once your device is infected with it, will subscribe to paid services without you even consenting to it. And the major problem is that it is difficult to exterminate.

This article will also interest you: The Vietnamese student who was behind a dangerous Android adware

If its ability to relocate after a factory reset impresses a lot of people in the it security sector, it must be admitted that it is still smart to force its victims to subscribe to paid services.

Moreover, that this virus has been raging for quite some time, and last March it was counted more than 32,000 victims, observed after only 5 months of operation. this number has now risen to 45,000 infected Android devices.

For the security solutions company Symantec computer, "xHelper infects 131 new smartphones every day. (…) Compared to other malwares, the threat posed by xHelper is quite limited given the slow pace of its deployment, but its dangerous nature based mainly on the fact that it cannot be uninstalled. »

one knows that in practice the contamination of this computer program malevolent is perceived by the fairly regular appearance of several ads advertising and spam notification on the terminals that are mostly phones. it was noticed in some cases that infected smartphones were literally unusable. This process virus allows its publishers to generate profit.

It is also known that the virus has easily spread through application redirect pages. the majority of its victims were affected by downloading apps outside the Google Play Store. Because, the virus was hidden in the code of its applications, such works a Trojan horse. Once the app is downloaded and installed on the terminal, the virus detaches from its original application and spreads to the smartphone system. This means that even when the original app is uninstalled, it stays in the phone. and it should be noted that everything that happens without the phone user's knowledge until it is too late.

So far no effective parade has been found accounts for this computer virus, other than prevention. Smartphone users have been advised all the time to avoid downloading apps from safe sources such as the Play Store. Researchers are working to find a solution because viruses are a mystery to the entire community.

Now access an unlimited number of passwords:

Check out our hacking software

Google Chrome: Google's vulnerable browser

The American giant Google, has just discovered that its "Chrome" far browser had two critical security flaws.

Its flaws were detected earlier this week, but some argue that it was discovered rather. In addition, these vulnerabilities would be very actively used by hackers to gain control of infected terminals. It is therefore in a hurry that Google recommends to all actors using Chrome, to update it as soon as possible, if not their browser at the risk of putting the personal data naked.

This article will also interest you: A group of Asian hackers is using a Chrome extension to corrupt the systems of its victims

The discovered and 0-day type flaw. Earlier this week, the US giant announced on its official website that it had become aware of two vulnerabilities. they were discovered by cybersecurity researchers from the Russian company Kaspersky. discovered vulnerabilities allow hackers to grant themselves administrator privileges and also control the PC remotely. In other words it will be possible for the hacker to control your computer remotely without you even realizing it. "An attacker could install programs, view, edit or delete data; or create new accounts with full user rights," said the Center for Internet Security.

And this is possible if by bad luck you visit a page corrupted web. Google what does this technique mean to be used now? by several hackers.

For the time being, the American company has preferred not to divulge too much more technical information about the various flaws until users of its browser have yet to protect themselves "Access to the details of the flaws is restricted until a majority of users were able to install the update with a fix" explains Google in the report it publishes.

in any due diligence Google has deployed a security patch to plug the two safety branches. As a result, we listen massive users to install the security fix 78.0.3904.87 as soon as they can on different media such as Windows Linux or Mac. Users are even advised to consider activating the update automatic: "About Google Chrome" later check "Update Chrome automatically for all users.

as a reminder we can count the third time in less than 6 months that the American company, discovers a flaw. that's why it's asking its users to update its software to fill a security gap. moreover, it has not been mentioned anywhere that these security vulnerabilities Discovered, there is nothing to do with those discovered previously during the month of January or that of March that were so well filled by the Mountain View firm.

Now access an unlimited number of passwords:

Check out our hacking software

The Vietnamese student who was behind a dangerous Android adware

Thanks to the company's research cybersecurity specialist ESET, the person responsible for several malware which had infected terminals nearly 8 million times under the system Android, has finally been found.

In fact it was a Vietnamese student. He was located alive in Hanoi. apparently it would be the origin of about 42 Android apps that would have been downloaded from Google's official store, the Play Store. All the software he would have created has been installed about 8 million times. And they all contained, according to ESET experts, a strain of Android malware that they dubbed "Ashas" (for Android/AdDisplay.Ashas).

This article will also interest you: Apps on Google Play Store are starting to get infected with porn and malware

The cybersecurity company also pointed out that not all of these counted applications are highly aggressive advertising-type malware. Apparently the program would have been incorporated much later after the creation of its applications.

The publisher in question had decided to switch to the development of advertising application instead of this legitimate application that it had begun to develop. This is where the latter began to update its existing applications on the Play Store with the Ashas advertising program. And its program worked by allowing ads to be displayed on the screen across open apps.

But the cybersecurity company acknowledges that this young developer still did a good job. indeed it was able to hide the origins of the advertisements thus preventing it from being traced back. apparently the program works in such a way that the advertisements appeared 24 minutes after coming into contact with the infected app. In addition, the ads appear under the banner of other applications that suggest that it came from it. The cybersecurity company's investigation showed that since July 2018, the young programmer had managed to create and download these 42 apps from the Google Play Store accompanied by his Ashas program, 21 of which would still be in a position to be downloaded from Google's store. "We reported the apps to Google's security team and they were quickly removed (…) However, apps are still available in third-party app stores. »

What surprised the ESET team, however, was that the young student had not taken care to conceal his identity. which explains how did the company's experts locate it so easily. this is surely due to the fact that he first started publishing applications specific to him at a time when he had no intention of switching to illegality. As a result, he did not hide his identity before publishing it. and once the updates were initiated in order to introduce the malware code, it failed to make itself anonymous. it was already too late. and so the cybersecurity company to easily link the emails it had registered for advertising domains and other personal accounts on Github, Facebook and YouTube.

But beyond this, there is a good chance that there is no real legal problem against this young student. Indeed, it is rare for small advertising fraudsters to be prosecuted by the authorities who see this as a waste of time.

Now access an unlimited number of passwords:

Check out our hacking software