Friday, February 26, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Android app promised to serve news updates, served ESET with a DDoS attack instead

May 12, 2020
in Internet Security
Android app promised to serve news updates, served ESET with a DDoS attack instead
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

ESET has been forced to fend off a DDoS attack facilitated by a malicious news app hosted in the Google Play Store. 

On Monday, ESET researcher Lukas Stefanko described how the app, named “Updates for Android,” promised users a free daily news feed. The app appeared to gather good reviews with an overall score of 4.3, but secretly, the software was creating a bot of slave devices in order to launch Distributed Denial-of-Service (DDoS) attacks. 

You might also like

Attorney-General urged to produce facts on US law enforcement access to COVIDSafe

This chart shows the connections between cybercrime groups

Spy agency: Artificial intelligence is already a vital part of our missions

First uploaded to Google Play on September 9, 2019, the Android app proved popular and accounted for over 50,000 installs at its peak. 


ESET

Updates for Android posed as legitimate software by offering some news feeds and only introduced functionality that could be abused for malicious purposes in its most recent update. 

“We don’t know how many instances of the app were installed after the update or were updated to the malicious version,” ESET noted. 

See also: Logistics giant Toll Group hit by ransomware for the second time in three months

The functionality in question is the “ability to load JavaScript from an attacker-controlled server and execute it on the user device,” according to the researchers. As this feature was a late addition and only appeared two weeks before the attack, the team says this explains why the app managed to circumvent Google Play’s security controls. 

Following its update, the malicious app pinged a command-and-control (C2) server belonging to its operator for commands every 150 minutes. The ID of each device with an active install of the app was also forwarded to the server. 

ESET says the app was able to display ads in the mobile device’s default browser — going beyond the standard in-app ads, potentially for the purpose of ad fraud — as well as hide its icon and execute arbitrary JavaScript supplied by the C2.

It was a JavaScript command that was used for the DDoS attack on ESET’s website, leading to a flood of inauthentic traffic. 

The DDoS attack launched against the eset.com website took place in January this year. The cybersecurity firm says that the DDoS assault lasted for roughly seven hours using over 4,000 unique IP addresses, with thousands of instances originating from active Updates for Android installations. 

CNET: COVID-19 could set a new norm for surveillance and privacy

Only a small number of user devices appear to have been involved in the DDoS attack against the cybersecurity firm. However, ESET says that tracking the C2 revealed other scripts being served in attacks against e-commerce and news websites — many of which are based in Turkey. 

ESET tracked the source of the DDoS and informed Google of its findings. The app has now been removed from Google Play. 

TechRepublic: Kaspersky: 73% of workers have received no cybersecurity guidance

“Detecting this kind of malicious functionality is not easy, as the very same technique (of course, without any malicious JavaScript being loaded) is used by dozens of legitimate Android software development kits and frameworks,” the researchers noted. “This means that any plain detection based on such code would result in lots of false positives.”

Updates for Android has a corresponding website, i-updater[.]com, which remains active as the domain itself is not malicious and, therefore, there are no current grounds for a takedown request. The malicious app is also still available on third-party, unofficial app stores.

ZDNet has reached out to Google and will update when we hear back. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


Credit: Zdnet

Previous Post

Covid-19: Epidemiological Models vs. Statistical Models

Next Post

Twitter adds former Google VP and AI guru Fei-Fei Li to board

Related Posts

Attorney-General urged to produce facts on US law enforcement access to COVIDSafe
Internet Security

Attorney-General urged to produce facts on US law enforcement access to COVIDSafe

February 26, 2021
This chart shows the connections between cybercrime groups
Internet Security

This chart shows the connections between cybercrime groups

February 26, 2021
Spy agency: Artificial intelligence is already a vital part of our missions
Internet Security

Spy agency: Artificial intelligence is already a vital part of our missions

February 26, 2021
Chinese cyberspies targeted Tibetans with a malicious Firefox add-on
Internet Security

Chinese cyberspies targeted Tibetans with a malicious Firefox add-on

February 26, 2021
SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021
Internet Security

SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021

February 26, 2021
Next Post
Twitter adds former Google VP and AI guru Fei-Fei Li to board

Twitter adds former Google VP and AI guru Fei-Fei Li to board

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Attorney-General urged to produce facts on US law enforcement access to COVIDSafe
Internet Security

Attorney-General urged to produce facts on US law enforcement access to COVIDSafe

February 26, 2021
Machine Learning & Big Data Analytics Education Market: Soaring Demand Assures Motivated Revenue Share During 2020-2030 – KSU
Machine Learning

Machine Learning & Big Data Analytics Education Market: Soaring Demand Assures Motivated Revenue Share During 2020-2030 – KSU

February 26, 2021
This chart shows the connections between cybercrime groups
Internet Security

This chart shows the connections between cybercrime groups

February 26, 2021
Basic laws of physics spruce up machine learning
Machine Learning

New machine learning tool facilitates analysis of health information, clinical forecasting

February 26, 2021
Creative Destruction and Godlike Technology in the 21st Century | by Madhav Kunal
Neural Networks

Creative Destruction and Godlike Technology in the 21st Century | by Madhav Kunal

February 26, 2021
Spy agency: Artificial intelligence is already a vital part of our missions
Internet Security

Spy agency: Artificial intelligence is already a vital part of our missions

February 26, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Attorney-General urged to produce facts on US law enforcement access to COVIDSafe February 26, 2021
  • Machine Learning & Big Data Analytics Education Market: Soaring Demand Assures Motivated Revenue Share During 2020-2030 – KSU February 26, 2021
  • This chart shows the connections between cybercrime groups February 26, 2021
  • New machine learning tool facilitates analysis of health information, clinical forecasting February 26, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates