This year’s National Small Business Week is upon us, with 50 years of energy behind it. The occasion is sponsored by the US Small Business Association, celebrating how small businesses are critical to an economy of growth and job creation.
The mo…
Should you go mobile? Should you expand your retail business online? Should you build a website and do transactions? What does the Australian shopper want, really? The universal truth is that the entire world is moving digital, and cell phone usa…
FakeAV software is a type of scam using malware that intentionally misrepresents the security status of a computer and attempts to convince the user to purchase a full version of the software in order to remediate non-existing infections. Messages continue to pop up on the desktop until the payment is made or until the malware is removed. This type of fraud, which typically targets computers, began several years ago and has now become a household name. The scam has evolved over time and we are now seeing FakeAV threats making their way onto Android devices. One interesting variant we have come across, detected by Symantec as Android.Fakedefender, locks up the device just like Ransomware. Ransomware is another well-known type of malware that takes a computer hostage, by denying the user access to their files for example, until a payment/ransom is handed over.
Figure 1. Screenshot of FakeAV Android app
Once the malicious app has been installed, user experience varies as the app has compatibility issues with various devices. However, many users will not have the capability to uninstall the malicious app as the malware will attempt to prevent other apps from being launched. The threat will also change the settings of the operating system. In some cases users may not even be able to perform a factory data reset on the device and will be forced to do a hard reset which involves performing specific key combinations and/or connecting the device to a computer in order to perform a reset using software provided by the manufacturer. If they are lucky, some users may be able to perform a simple uninstall due to the fact that the app may crash when executed because of compatibility issues.
Please take a look at the following video to see how FakeAV can lock up a device.
<!–
By use of this code snippet, I agree to the Brightcove Publisher T and C
found at https://accounts.brightcove.com/en/terms-and-conditions/.
–><!–
By use of this code snippet, I agree to the Brightcove Publisher T and C
found at https://accounts.brightcove.com/en/terms-and-conditions/.
–>
We may soon see FakeAV on the Android platform increase to become a serious issue just like it did on computers. These threats may be difficult to get rid of once installed, so the key to staying protected against them is preventing them from getting on to your device in the first place. We recommend installing a security app, such as Norton Mobile Security or Symantec Mobile Security, on your device. Malicious apps can also be avoided by downloading and installing apps from trusted sources. For general safety tips for smartphones and tablets, please visit our Mobile Security website.
Symantec detects this malware as Android.Fakedefender.
When I was young, ‘Kick Me’ was a phrase that was scrawled on a piece of notebook paper and stuck to an unsuspecting kid’s backpack. These days, ’Kik me’ is a way to ask other people to message you on an application for your smartphone. Kik, advertised as the fast, simple, and personal smartphone messenger, is Read more…
Leadership training isn’t exclusive to adults. And in today’s online culture of “following” and digital profiles, it’s never too early to teach a child (aka digital native) how to think, act, communicate, and process information online with a leader’s perspective. Oh—and don’t get discouraged—they may roll their eyes when you start talking about lofty things Read more…
Leadership training isn’t exclusive to adults. And in today’s online culture of “following” and digital profiles, it’s never too early to teach a child (aka digital native) how to think, act, communicate, and process information online with a leader’s perspective. Oh—and don’t get discouraged—they may roll their eyes when you start talking about lofty things Read more…
On June 20, Anonymous will launch the #OpPetrol campaign. It was announced on May 11, shortly after the campaign called #OpUSA began.
These types of attacks are often similar, as we have seen in previous operations, and may include:
There are various ways attackers may target these organizations, including using tools like the LOIC (Low Orbit Ion Cannon) or phishing emails to trick recipients into revealing account login details.
Symantec advises organizations to be prepared for attacks in the coming days.
Organizations should monitor for unusual activities in their networks, particularly any attempts to breach the perimeters. Staff members should be specifically trained on social engineering mitigation tactics along with regular security awareness training. As always, we continue to stress the importance implementing a multi-layered approach to defense.
These recommendations apply to all organizations as best practices that should be carried out regularly as most attackers do not provide warnings in advance to targets.
James Bond is known for having it all: fast cars, the latest spy gizmo, and the smug smirk which lets the audience know that he’ll always come out on top in the end. Web developers can, at times, be a lot like Bond: they can buy fast cars and, thanks to their respective industries, take Read more…
When devices are lost or hacked and your data is exposed, not only is this a pain to deal with, but you could become a victim of identity theft. Not only do victims of identity theft suffer loss of time but they also lose money that may not be able to be recovered . In Read more…
JustSystems, developer of the Japanese word processor software called Ichitaro, recently announced a vulnerability (CVE-2013-3644) that has been exploited in the wild. Symantec has seen the exploitation being used in targeted attacks since May, but it…