Nintendo seen extending profit streak as housebound consumers switch on

https://ift.tt/2SmcGDj

Facebook Reports 'Signs of Stability' in Ad Spending After Coronavirus Drop

Facebook beat analysts' estimates for quarterly revenue on Wednesday and said it has seen "signs of stability" for sales in April after a plunge in March, in yet another signal that tech giants may... https://ift.tt/3aVTuTC

Meet EventBot, a new Android malware that steals banking passwords and two-factor codes

Security researchers are sounding the alarm over a newly discovered Android malware that targets banking apps and cryptocurrency wallets.

The malware, which researchers at security firm Cybereason recently discovered and called EventBot, masquerades as a legitimate Android app — like Adobe Flash or Microsoft Word for Android — which abuses Android’s in-built accessibility features to obtain deep access to the device’s operating system.

Once installed — either by an unsuspecting user or by a malicious person with access to a victim’s phone — the EventBot-infected fake app quietly siphons off passwords for more than 200 banking and cryptocurrency apps — including PayPal, Coinbase, CapitalOne and HSBC — and intercepts and two-factor authentication text message codes.

With a victim’s password and two-factor code, the hackers can break into bank accounts, apps and wallets, and steal a victim’s funds.

“The developer behind Eventbot has invested a lot of time and resources into creating the code, and the level of sophistication and capabilities is really high,” Assaf Dahan, head of threat research at Cybereason, told TechCrunch.

The malware quietly records every tap and key press, and can read notifications from other installed apps, giving the hackers a window into what’s happening on a victim’s device.

Over time, the malware siphons off banking and cryptocurrency app passwords back to the hackers’ server.

The researchers said that EventBot remains a work in progress. Over a period of several weeks since its discovery in March, the researchers saw the malware iteratively update every few days to include new malicious features. At one point the malware’s creators improved the encryption scheme it uses to communicate with the hackers’ server, and included a new feature that can grab a user’s device lock code, likely to allow the malware to grant itself higher privileges to the victim’s device like payments and system settings.

But while the researchers are stumped as to who is behind the campaign, their research suggests the malware is brand new.

“Thus far, we haven’t observed clear cases of copy-paste or code reuse from other malware and it seems to have been written from scratch,” said Dahan.

Android malware is not new, but it’s on the rise. Hackers and malware operators have increasingly targeted mobile users because many device owners have their banking apps, social media, and other sensitive services on their device. Google has improved Android security in recent years by screening apps in its app store and proactively blocking third-party apps to cut down on malware — with mixed results. Many malicious apps have evaded Google’s detection.

Cybereason said it has not yet seen EventBot on Android’s app store or in active use in malware campaigns, limiting the exposure to potential victims — for now.

But the researchers said users should avoid untrusted apps from third-party sites and stores, many of which don’t screen their apps for malware.

Millions downloaded dozens of Android apps from Google Play that were infected with adware

All you need to know about government's Rs 1 crore 'Zoom challenge'

https://ift.tt/3cuiUJ1

Dozens of tracking apps for smartphones are being used or developed to help contain the pandemic, despite concerns about security, privacy, and effectiveness (New York Times)

New York Times:
Dozens of tracking apps for smartphones are being used or developed to help contain the pandemic, despite concerns about security, privacy, and effectiveness  —  Dozens of tracking apps for smartphones are being used or developed to help contain the coronavirus pandemic.

Facebook sees 'signs of stability' in ad spending after coronavirus drop

Facebook said advertising revenue was roughly flat in the first three weeks of April compared with the same period last year https://ift.tt/3f3MjM6 https://ift.tt/eA8V8J

Amazon.in, Snapdeal in US 'notorious' markets list

USTR annual list has 38 online markets and 34 physical markets that are reported to engage in or facilitate substantial trademark counterfeiting and copyright piracy https://ift.tt/3aQUZCr https://ift.tt/eA8V8J

Contactless payments, digital loans make kiranas open doors to fintech

Top fintech companies are rushing to tap into this new consumer trend, with several of them offering digital solutions to small merchants. https://ift.tt/2SiQytq https://ift.tt/eA8V8J

Researcher: major sites like Wish and Mailchimp were leaking email addresses to ads and analytics companies including Facebook and Twitter via URL query strings (Zach Edwards)

Zach Edwards:
Researcher: major sites like Wish and Mailchimp were leaking email addresses to ads and analytics companies including Facebook and Twitter via URL query strings  —  Breaches have been found on websites including Wish.com, JetBlue.com, Quibi.com, WashingtonPost.com, NGPVan.com and numerous other organizations...

Google introduces new rules for the Chrome Web Store to cut down on spammy extensions, says developers must comply by August 27 or extensions will be delisted (Catalin Cimpanu/ZDNet)

Catalin Cimpanu / ZDNet:
Google introduces new rules for the Chrome Web Store to cut down on spammy extensions, says developers must comply by August 27 or extensions will be delisted  —  Google plans to remove a bunch of garbage and useless Chrome extensions from the Web Store.  —  Google announced today new rules …

Govt makes Aarogya Setu app a must for its employees

Officials to attend office only when their app shows ‘safe’ or ‘low-risk’ status https://ift.tt/2ybS1Lq https://ift.tt/eA8V8J

Restaurateurs eye revamp as lockdown shutters eateries

40% restaurants face a permanent lockout; some entrepreneurs tweaking business models, selling DIY meal kits, attempting delivery https://ift.tt/3aR3qxk https://ift.tt/eA8V8J

Redmi Note 9, Mi Note 10 Lite Expected to Launch Today: Watch Live Stream

Xiaomi is all set to host its global launch event today, wherein it is expected to unveil the Redmi Note 9 and the Mi Note 10 Lite phones. The two phones have leaked on multiple occasions in the past,... https://ift.tt/3d4vPl1

Booking Holdings' Priceline, OpenTable, and Kayak, along with Blix and others, form the lobbying group App Coalition, touting independence from Apple and Google (Bloomberg)

Bloomberg:
Booking Holdings' Priceline, OpenTable, and Kayak, along with Blix and others, form the lobbying group App Coalition, touting independence from Apple and Google  —  - OpenTable, Priceline create new mobile application trade group  — Mobile apps have sparred with Google and Apple over policies

Reddit launches Start Chatting, a new tool that lets users start a chat room with up to seven randomly selected users within a subreddit (Karissa Bell/Engadget)

Karissa Bell / Engadget:
Reddit launches Start Chatting, a new tool that lets users start a chat room with up to seven randomly selected users within a subreddit  —  The “front page of the internet” is bringing back one of the web's oldest features: chat rooms.  Reddit company is introducing a new chat tool …