Cybersecurity researchers warn of a 500% surge in mobile cyberattacks as hackers try to steal passwords, bank details and even take full control of smartphones. There's been a surge in mobile malware attacks as cybercriminals ramp up their attempts to deliver malicious text messages and applications to users in order to steal sensitive information including passwords and bank details. Cybersecurity researchers at Proofpoint say they detected a 500% jump in attempted mobile malware attacks during the first few months of 2022, with significant peaks at the beginning and end of February. The main aim of a substantial proportion of mobile malware is to steal usernames and passwords for email or bank accounts, but many forms of mobile malware are also equipped with invasive snooping capabilities to record audio and video, track your location, or even wipe your content and data. As mobile malware evolves, more attacks are employing these advanced capabilities. Both Apple and Android smartphones are targets for cybercriminals, but researchers note that the more open nature of the Android marketplace and the ability to download apps from third-party app stores make devices using Google's operating system more vulnerable to being compromised. Users of both Apple and Android smartphones can also find themselves the victim of SMS phishing (smishing) attacks, which see text messages sent to users containing links designed to trick them into entering their bank details or login credentials into a fake website for cybercriminals to see and steal. Common lures include fake missed delivery notifications and fake alerts related to the COVID-19 pandemic. One of the most notorious forms of mobile malware is FluBot, which has been active since November 2020 and is designed to steal usernames and passwords from banks and other sites the user visits. What makes FluBot so potent is that it's also [color=blue[equipped with a worm-like ability to spread itself[/color] by accessing the infected user's address book and sending SMS messages to their friends. It's this ability to virtually spread itself which is why it's been dubbed FluBot. Another form of mobile malware causing problems for smartphone users is TangleBot. Described as "powerful but elusive," TangleBot first appeared in 2021 and is delivered mainly via fake package-delivery notifications. In addition to being able to steal sensitive information and control devices, TangleBot can overlay other mobile apps and intercept camera footage and audio recordings. Other mobile threats detailed by Proofpoint include Moghau, which is SMS-based malware that deploys multi-lingual attacks to target users around the world with fake landing pages based on their country and which is designed to trick victims into downloading trojan malware. Meanwhile, TianySpy is malware that infects both Apple and Android users by spreading messages that claim to come from the victim's mobile network operator. While the number of detected mobile attacks has declined since the surge last month, mobile malware is still a threat to users – but researchers warn that many people aren't aware of the potential danger posed by phishing or malware attacks targeting smartphones. Researchers recommend that users should be wary of any unexpected or unrequested messages containing links or requests for data. Follow this thread on OUR FORUM.

The security world has been abuzz this week about a new Linux exploit called “Dirty Pipe,” which also affects Android 12 devices like Galaxy S22 and Pixel 6. Here’s everything you need to know about “Dirty Pipe,” which devices it affects, and how best to avoid it. Recently disclosed by Max Kellermann as vulnerability CVE-2022-0847, “Dirty Pipe” is a security exploit in select recent versions of the Linux kernel. (The kernel is the core of an operating system, often acting as the go-between from applications to your actual hardware.) In short, any application that can read files on your phone/computer — permission many Android apps ask for — can potentially mess with your files or run malicious code. On desktop/laptop versions of Linux, this has already been shown to be easily able to get admin privileges. Broadly speaking, “Dirty Pipe” affects Linux-powered devices — which includes everything from Android phones and Chromebooks to Google Home devices like the Chromecasts, speakers, and displays. More specifically, the bug was introduced with Linux kernel version 5.8, released in 2020, and remained present in future releases. On the Android side of things, as noted by Ars Technica‘s Ron Amadeo, the damage potential of “Dirty Pipe” is far more limited. Most Android devices actually use an older version of the Linux kernel, unaffected by the exploit. Only devices that started their lives on Android 12 have a chance of being affected. Unfortunately, that means Android phones like the Google Pixel 6 series and Samsung Galaxy S22 series are both potentially at risk from “Dirty Pipe.” In fact, the developer who originally discovered the exploit was able to reproduce it on a Pixel 6 and reported it to Google. The easiest way to check whether your device is affected is to view your Linux kernel version. To do so, open the Settings app, open “About phone,” tap “Android version,” then look for “Kernel version.” If you see a version higher than 5.8 — and if Google hasn’t yet released a security patch — then your device is potentially at risk from the “Dirty Pipe” exploit. As of now, there are no known instances of the “Dirty Pipe” exploit being abused to gain control over a phone or computer. That said, quite a few developers have shown proof of concept examples of how easily “Dirty Pipe” can be used. It’s surely only a matter of time before “Dirty Pipe”-based exploits begin appearing in the wild. In addition to originally uncovering the “Dirty Pipe” exploit, Kellermann was also able to identify how to fix it and submitted a fix to the Linux kernel project shortly after disclosing it privately. Two days later, newer builds of supported versions of the Linux kernel were released to include the fix. As previously mentioned, the “Dirty Pipe” exploit was also reported to Google’s Android Security Team in late February. Within days, Kellermann’s fix was added to Android source code, ensuring that future builds would be secure. The Chrome OS team followed suit in picking up the fix on March 7, with the fix seemingly poised to roll out potentially as a mid-cycle update to Chrome OS 99. The full article is posted on OUR FORUM.