• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Kudos0

Symantec Discovery Leads to Malicious App That Steals Viber Photos and Videos

Researchers at Symantec have recently discovered a malicious app that can steal photos and videos from the popular instant messaging and VoIP app Viber. The malicious app, Beaver Gang Counter, which was available on Google Play, positions itself as a score-keeping app for a card game. Instead of helping you keep score, it secretly searches for the directories that Viber uses to store images and video files, which it then sends to a remote server.

This type of data could reveal host of personally identifiable information (PII). It is said that a photo is worth a thousand words, and in this case, these photos may be able to tell attackers information such as where and when the photo was taken. Not to mention any personally identifiable information that may be shown or said in these images. Whatever information is gleaned from the photos and videos can be used for criminal purposes, such as identity theft, blackmail, fraud, or pornography.

It was also found that the malicious app is using what is called time-delayed attacks in order to evade security measures. This means that the program does not engage in malicious activity right from the start, which is likely what allowed it to bypass Google’s security precautions and sneak onto the Google Play Store. Symantec alerted Google to this issue and the company has removed the app and its developer from the Google Play Store.

Figure 1. The Beaver Gang Counter app steals Viber media files

Symantec suspects that Viber was targeted because it is an extremely popular social media app with over 500 million installs on Google Play alone.

How to protect yourself from this threat:

  • Always keep your software up to date. Updating software fixes vulnerabilities that malware can sneak through.
  • Only download apps from trusted sources, such as official App stores like Google Play and iTunes.
  • Pay close attention to the permissions that apps request. If something doesn’t seem right, deny the permission and uninstall the app.
  • Install a suitable mobile security app, such as Norton, which detects this threat as Android.Vibleaker.
  • Make frequent backups of important and valuable data.

Comments

Kudos0

Windows-10, file sharing turned off, network discovery tool turned on, problem...every time

I log onto my computer or anyone else's using my Microsoft account, the network shows that

I have now connected to an unwanted device looks like a cell phone and it is not mine.

If I attempt to scan that device it disappears.

Kudos0

Examples of the intruder devices I think are hacking into my computer. 

Device                Mac address    
1) Phone E6710              24:5f:df:a7:56:9f 
 2) w7_tmo_us                88:c9:d0:d2:a9:9a

3) SOUL4NA_TMOUS    d0:9d:ab:25:95:e9

4) x5_spr_us                   0c:48:85:e1:74:cf
5) Sky                             00:03:aa:fb:0d:3c

6) e2nam_mpcs_u          34:fc:ef:b7:18:c9

7) P67T05                       8c:79:67:3a:89:69

8) e2nas_spr_us              50:55:27:e2:85:b4

Kudos0

How Can I block  the malware sites when browsing  on smart phone.