CyberSecurity news

FlagThis - #mobilesecurity

@The DefendOps Diaries //
A new version of the Triada trojan has been discovered preinstalled on thousands of new Android devices, raising significant cybersecurity concerns. This sophisticated malware, initially identified in 2016, has evolved to embed itself deeply into the Android system framework, making it difficult for users to detect or remove. Discovered on counterfeit versions of popular smartphone models sold at discounted prices through online stores, Triada poses a severe threat as it can steal user data immediately after device setup.

Triada's capabilities include stealing user data, such as social media and messenger accounts, and manipulating cryptocurrency transactions by replacing wallet addresses. The malware can also falsify caller IDs, monitor browser activity, and even activate premium SMS services. Experts warn that this new version infiltrates the device at the firmware level, indicating a compromised supply chain and urging users to exercise caution and purchase Android devices from reputable sources.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • bsky.app: A new version of the Triada trojan has been discovered preinstalled on thousands of new Android devices, allowing threat actors to steal data as soon as they are set up.
  • BleepingComputer: A new version of the Triada trojan has been discovered preinstalled on thousands of new Android devices, allowing threat actors to steal data as soon as they are set up.
  • The DefendOps Diaries: Explore the threat of Triada malware in counterfeit Android devices and learn how to protect against this sophisticated cyber threat.
  • BleepingComputer: A new version of the Triada trojan has been discovered preinstalled on thousands of new Android devices, allowing threat actors to steal data as soon as they are set up.
  • www.it-daily.net: Triada Trojan discovered on counterfeit Android smartphones
  • PCMag UK security: Counterfeit Android Phones Preloaded With a Special Surprise: Malware
Classification:
Zimperium@Zimperium //
Zimperium, a mobile security firm, has issued a warning about the persistent and evolving threat that rooted and jailbroken mobile devices pose to enterprises. Their recent report highlights that these compromised devices, which bypass security protocols, make organizations increasingly vulnerable to mobile malware, data breaches, and full system compromises. According to Zimperium's research, rooted Android devices are significantly more susceptible to security incidents, with a 3.5 times greater likelihood of malware attacks and a staggering 250 times higher risk of system compromise.

Rooting and jailbreaking, initially used for device customization, grant users full control but remove crucial security protections. This allows the installation of apps from unverified sources, disabling security features, and modifying system files, making them prime targets for cybercriminals. Hackers are continuously developing sophisticated toolkits, such as Magisk and APatch, to hide their presence and evade detection. These tools employ techniques like "systemless" rooting and on-the-fly kernel memory modification, making it increasingly difficult for cybersecurity researchers to identify compromised devices before they inflict damage, emphasizing the need for constant monitoring and updated security measures.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • hackread.com: A new Zimperium report reveals that rooted Android phones and jailbroken iOS devices face growing threats, with advanced toolkits making detection nearly impossible for cybersecurity researchers.
  • www.scworld.com: Rooted, jailbroken mobile devices pose security risk to organizations
  • Zimperium: Zimperium warns that mobile rooting and jailbreaking remain a persistent and evolving threat to enterprises worldwide. The post appeared first on .
  • ai-techpark.com: AI-TechPark : Zimperium Warns of Ongoing Threats from Rooting, Jailbreaking
Classification: