Millions of Android Phones Attacked
Google has taken increasingly sophisticated steps to keep malicious apps out of Google Play. But a new round of takedowns involving about 200 apps and more than 10 million potential victims shows that this longtime problem remains far from solved—and in this case, potentially cost users hundreds of millions of dollars.
Most non-Apple phones use the Android operating system.
Researchers from the mobile security firm Zimperium say the massive scamming campaign has plagued Android since November 2020. As is often the case, the attackers were able to sneak benign-looking apps like “Handy Translator Pro,” “Heart Rate and Pulse Tracker,” and “Bus – Metrolis 2021” into Google Play as fronts for something more sinister. After downloading one of the malicious apps, a victim would receive a flood of notifications, five an hour, that prompted them to “confirm” their phone number to claim a prize. The “prize” claim page loaded through an in-app browser, a common technique for keeping malicious indicators out of the code of the app itself. Once a user entered their digits, the attackers signed them up for a monthly recurring charge of about $42 through the premium SMS services feature of wireless bills. It’s a mechanism that normally lets you pay for digital services or, say, send money to a charity via text message. In this case, it went directly to crooks.
NSA Mobile Device Best Practices
Users of mobile devices desire to take full advantage of the features available on those devices. Many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information. The information contained in this document was developed in the course of NSA’s Cybersecurity mission.
Threats to mobile devices are more prevalent and increasing in scope and complexity.
DO NOT install new apps offered to you. If you want a new app, search for its developer and install from there.
Disable location services when not needed.
DO NOT bring the device with you to sensitive locations. Power the device off and on weekly.
DO NOT have sensitive conversations on personal devices, even if you think the content is generic.
DO NOT open unknown email attachments and links. Even legitimate senders can pass on malicious content accidently or as a result of being compromised or impersonated by a malicious actor. Unexpected pop-ups like this are usually malicious. If one appears, forcibly close all applications.
Only use original charging cords or charging accessories purchased from a trusted manufacturer.
DO NOT use public USB charging stations.
Never connect personal devices to government computers whether via physical connection, Wi-Fi, or Bluetooth®.
Update the device software and applications as soon as possible.
Consider using Biometrics (e.g., fingerprint, face) authentication for convenience to protect data of minimal sensitivity.
Use strong lock-screen pins/passwords: a 6-digit PIN is sufficient if the device wipes itself after 10 incorrect password attempts. PINs containing both numbers and letters, allowed on many phones, are very much more secure.
Set the device to lock automatically after 5 minutes.
Install a minimal number of applications and only ones from official application stores. Be cautious of the personal data entered into applications.
Close applications when not using.
DO NOT install TikTok.
DO NOT jailbreak or root the device.
Disable Bluetooth® when you are not using it. Airplane mode does not always disable Bluetooth®.
DO NOT connect to public Wi-Fi networks. Use your much safer 4G data connection instead.
Disable Wi-Fi when unneeded.
Delete unused Wi-Fi networks.
Maintain physical control of the device.
Avoid connecting to unknown removable media. Never connect a flash drive you find discarded.
Cover the camera when not using. Your camera may still be watching you.
DO NOT have sensitive conversations in the vicinity of mobile devices. Your microphone is often still listening.
Install Malwarebytes or Lookout security in your device.
Havana Syndrome: CIA attacked again
Havana syndrome first emerged in Cuba in 2016. The first cases were CIA officers, which meant they were kept secret. But eventually, word got out and anxiety spread. Twenty-six personnel and family members would report a wide variety of symptoms. There were whispers that some colleagues thought sufferers were crazy and it was “all in the mind”.
The mystery of Havana syndrome could be its real power. The ambiguity and fear it spreads act as a multiplier, making more and more people wonder if they are suffering, and making it harder for spies and diplomats to operate overseas. Five years on, reports now number in the hundreds and, the BBC has been told, span every continent, leaving a real impact on the US’s ability to operate overseas.
Uncovering the truth has now become a top US national security priority – one that an official has described as the most difficult intelligence challenge they have ever faced.
A member of CIA Director Bill Burns’ team experienced symptoms consistent with the elusive Havana Syndrome in a September 2021 trip to India.
The CIA has not commented on the incident, but sources familiar with the event said it was the second time in a month that a U.S. official exhibited symptoms related to the mysterious ailment.
The official traveling with Burns received immediate medical attention upon returning to the U.S., first reported CNN.
Last month, a trip to Vietnam for Vice President Kamala Harris was delayed after two U.S. personnel were believed to have experienced symptoms consistent with Havana Syndrome.
The condition first emerged in 2016 when 26 diplomats and their families in Havana, Cuba, reported unusual cases of dizziness, headache, fatigue, nausea, anxiety, cognitive difficulties, memory loss and even brain damage.
In the five years since the first reported cases, more than 200 incidents have been reported among diplomats and defense officials.
Cases have been also reported in Russia, China, Austria and Germany.
Both Russia and Vietnam have denied involvement in perpetuating the ailment.
The CIA launched a task force in December to investigate the cause of Havana Syndrome after scientists for the National Academies of Sciences, Engineering, and Medicine identified “directed, pulsed radio frequency (RF) energy” as the most likely cause of the mysterious condition.
The undercover official tapped with spearheading the agency’s search for Usama bin Laden will now lead the CIA’s effort in locating whether an individual or group is behind the ailment targeting U.S. officials abroad.
Dave Bunting, Oct. 4, 2021
See these columns on my blog: daverant.com