Skip to main content

Malicious Gaming App Infects More than 1 Million Android Users 2015




Hacking News Of 2015

android-malware-game
It's not at all surprising that the Google Play Store is surrounded by a number of malicious applications that may gain users' attention to fall victim for one, but this time it might be even worse than you thought.

Threat researchers from security firm ESET have discovered a malicious Facebook-Credentials-Stealing Trojan masquerading as an Android game that has been downloaded by more than a Million Android users.

Malicious Android Apps downloaded 50,000-1,000,000 times


The Android game, dubbed "Cowboy Adventure," and another malicious game, dubbed "Jump Chess" – downloaded up to 50,000 times, have since been removed from Google Play Store.
However, before taking them off from the app store, the creepy game apps may have compromised anunknown number of victims' Facebook credentials.

Both the games were created by the same software developer, Tinker Studio and both were used to gather social media credentials from unsuspecting users.

How Cowboy Adventure victimizes Android users?


Once installed, Cowboy Adventure produced a fake Facebook login window that prompted users to enter their Facebook usernames along with their passwords. A practice known as OAuth in which a 3rd party asks your Facebook login.

However, if users provide their credentials to Cowboy Adventure app, the malicious code within the game app allegedly sent their credentials to the attacker's server.
Therefore, If you have downloaded Cowboy Adventure or Jump Chess, you should immediately change not alone your Facebook password, but any service that uses the same combination of username and password as your Facebook account.

ESET senior security researcher Robert Lipovsky believes that the app malicious behavior is not just a careless mistake of the game developer, but the developer is actually a criminal minded.

Take Away


A few basic tips that you should always keep in your mind are:
  • Always download apps from official sources, such as Google Play Store or Apple's App Store.
  • Read reviews from other users before downloading an app (Many users complained about "Cowboy Adventure" that the game locked them out of Facebook accounts).
  • Always use two-factor authentication on services that makes it harder for hackers to access your accounts with just your password.
  • Always keep a malware scanning software from trusted vendors like Avast, AVG, ESET, Kaspersky and Bitdefender, on your smartphone.
Labels:

Comments

Post a Comment

Popular Posts

Create Your Own Social Networking Site

Create Your Own Social Networking Site JCOW: Ethical Hacking Top 10 reasons to choose Jcow:- 1. Handle more traffic - Clean codes and Dynamic caching can lower the CPU load and  speed up your website. 2 Make your site more interactive - Well designed Jcow applications help you members to connect and communicate with others more effectively. 3 Add questions to the Registration Form - You can add new member fields, which will be displayed to the registration form, profile form, and the member browsing form. 4 Easily share stuff - Within the AJAX sharing Box, your members can publish status,  photos, videos, and blogs. 5 Customize and Extend your Jcow Network - A Jcow network consists of core apps(like "Friends" and "Messages") and optional apps(like "Blogs" and ""Videos"). You can enable/disable optional apps. You can also develop your own apps. 6 Every profile could be Unique - Members can customize their own profile theme and  add music play...
Post a Comment
Read more

WRITE "I LOVE YOU" ON CMD BY USING NOTEPAD

I had previously posted about   Matrix effect   using Notepad   as well as cool batch file  programs. In this post i will share with you guys  the cool and awesome  Notepad Tricks .  As name suggest you don't require any program other then Notepad.  So lets get started. 1. Open  Notepad   and copy below code. @echo off color 0A :A echo IIIIIII     L      OOOOOO V           V  EEEEEE     Y       Y  OOOOOO  U     U  ping -a .9 >nul echo    I        L      O    O  V         V   E           Y     Y   O    O  U     U  ping -b .9 >nul  echo    I        L      O    O   V       V    E   ...
1 comment
Read more

HL7V2.x to HL7V3.0 Translation Issues Details-2

In continuation of my previous post this post lists the other issues associated with HL7 v2.x to HL7v3 translation Conformance Patterns: The other major issue with the transformation of messages is the behavior of application when a particular information exchange takes place. In HL7V3.0 apart from the trigger events and interactions there exists the notion of application role as senders and receivers. The application role is characterized as the entire set of interactions for which the sender and receiver are responsible for transmitting. HL7V3.0 clearly defines the possible interactions and the application behavior associated these interactions in the form of responses for which the sender and receiver needs to adhere to. The differences in messages between V2.x and V3.0 and absence of clear guidance on V2.x regarding application behavior on receipt of message makes the transformation exercise more difficult. Vocabulary: It is a well known fact that 80% of HL7 V2.x message failu...
Post a Comment
Read more