PrimitiveType

Web Developer News

Slashdot.org News Recent news from Slashdot.org

Google Play Malware Used Phones' Motion Sensors To Conceal Itself
 
An anonymous reader quotes a report from Ars Technica: Malicious apps hosted in the Google Play market are trying a clever trick to avoid detection -- they monitor the motion-sensor input of an infected device before installing a powerful banking trojan to make sure it doesn't load on emulators researchers use to detect attacks. The thinking behind the monitoring is that sensors in real end-user devices will record motion as people use them. By contrast, emulators used by security researchers -- and possibly Google employees screening apps submitted to Play -- are less likely to use sensors. Two Google Play apps recently caught dropping the Anubis banking malware on infected devices would activate the payload only when motion was detected first. Otherwise, the trojan would remain dormant. Security firm Trend Micro found the motion-activated dropper in two apps -- BatterySaverMobi, which had about 5,000 downloads, and Currency Converter, which had an unknown number of downloads. Google removed them once it learned they were malicious. The motion detection wasn't the only clever feature of the malicious apps. Once one of the apps installed Anubis on a device, the dropper used requests and responses over Twitter and Telegram to locate the required command and control server. Once Anubis was installed, it used a built-in keylogger that can steal users' account credentials. The malware can also obtain credentials by taking screenshots of the infected users' screen.

Read more of this story at Slashdot.


Collection 1 Data Breach Exposes More Than 772 Million Email Addresses
 
A collection of almost 773 million unique email addresses and just under 22 million unique passwords were exposed on cloud service MEGA. Security researcher Troy Hunt said the collection of data, dubbed Collection #1, totaled over 12,000 separate files and more than 87GB of data. ZDNet reports: "What I can say is that my own personal data is in there and it's accurate; right email address and a password I used many years ago," Hunt wrote. "In short, if you're in this breach, one or more passwords you've previously used are floating around for others to see." Some passwords, including his own, have been "dehashed", that is converted back to plain text. Hunt said he gained the information after multiple people reached out to him with concerns over the data on MEGA, with the Collection #1 dump also being discussed on a hacking forum. "The post on the forum referenced 'a collection of 2000+ dehashed databases and Combos stored by topic' and provided a directory listing of 2,890 of the files," Hunt wrote. The collection has since been removed. You can visit Hunt's Have I Been Pwned service to see if you are affected by this breach.

Read more of this story at Slashdot.


Google's Transition To 64-Bit Apps Begins in August, 32-Bit Support To End in 2021
 
In a bid to deliver better software experience on devices powered by 64-bit processors in the coming years, Google aims to shift Android towards a 64-bit app ecosystem. From a report: The company has now shed more light on the transition and has announced that developers will have to submit a 64-bit version of their Android apps starting August this year. This move will eventually culminate in a universal implementation of the 64-bit app policy that will be enforced in 2021, after which, Google will no longer host 32-bit apps on the Play Store accessed on a device based on 64-bit hardware. Google announced the move towards 64-bit apps in 2017, claiming that apps with 64-bit code offer significantly better performance. However, the search giant did not provide any details regarding the exceptions to the new rule or when the Play Store will cease to serve 32-bit apps. Google has now revealed that starting August 1 this year, developers must submit 64-bit versions of all new apps and app updates, alongside the old 32-bit versions prior to their publishing from the Play Store.

Read more of this story at Slashdot.


InternetNews.com News Recent news from InternetNews.com

IT Earnings Way Up at Job Site Elance
 
Google App Engine, HTML5, search engine optimization and social media marketing are among the fastest movers on Elance's list of hot job opportunities available online.

Say What? The Week's Top Five IT Quotes
 
Google Wave crashes, fighting to keep mainframe skills alive, beware the Outernet and more.

GPL Enforcement Notches Another Victory
 
The license at the heart of many open source projects is amassing a winning record when it comes to successfully pursuing enforcement lawsuits.