Information Security News
Researchers have detected a family of malicious apps, some of which were available in Google Play, that contain code capable of secretly rooting an estimated 90 percent of all Android phones.
In a recently published blog post, antivirus provider Trend Micro said that Godless, as the malware family has been dubbed, contains a collection of rooting exploits that works against virtually any device running Android 5.1 or earlier. That accounts for an estimated 90 percent of all Android devices. Members of the family have been found in a variety of app stores, including Google Play, and have been installed on more than 850,000 devices worldwide. Godless has struck hardest at users in India, Indonesia, and Thailand, but so far fewer than 2 percent of those infected are in the US.
Once an app with the malicious code is installed, it has the ability to pull from a vast repository of exploits to root the particular device it's running on. In that respect, the app functions something like the many available exploit kits that cause hacked websites to identify specific vulnerabilities in individual visitors' browsers and serve drive-by exploits. Trend Micro Mobile Threats Analyst Veo Zhang wrote:
by Andrew Cunningham
Apple has made encryption and user privacy a pillar of the iOS platform in recent years, but earlier this week, security researchers made a curious discovery: as reported by the MIT Technology Review, the operating system kernel in the iOS 10 betas released at WWDC last week is unencrypted. This makes it much easier to dig into the code and look for security flaws.
There was some speculation as to why Apple had done this or whether the company had even released an unencrypted kernel on purpose. After declining to comment initially, an Apple spokesperson confirmed to TechCrunch that the kernel had been left unencrypted on purpose but that user data continues to be encrypted as it normally is.
“The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,” the spokesperson said.