When Angry Birds Attack: Android Edition

It’s been about six months since I reported a vulnerability in the Android mobile platform that allowed the unprompted installation of arbitrary applications with arbitrary permissions on a victim’s device. While the vulnerability has long been fixed on Android handsets around the world, I’ve yet to write up any technical details about it, and it’s unlikely you’ve heard of it unless you were present at our ShmooCon presentation earlier this year. So without further ado, let’s dive into “When Angry Birds attack: Android edition.”

Adobe Ships Emergency Fix for Flash Bug

Adobe has released an out-of-cycle update for Flash that fixes a serious vulnerability in the application on all platforms. The bug is a cross-site scripting flaw that can be used in drive-by download attacks, and Adobe said that it is being used in some targeted attacks right now.

A Rocky Road Ahead for Apple On Security

Computer security experts have been forecasting the arrival of malicious programs that target Apple’s products for so long that they had begun to sound like the kind of Rapturistas and Mayan Calendar sleuths that we all (smartly) ignore. But if May didn’t bring Harold Camping’s Judgement Day, as predicted (Update: it’s now October 21st, y’all!), it did prove those Apple doomsayers correct as real Mac-focused crimeware and rogue antivirus appeared in the wild.


The group behind the TDSS rootkit has developed a new method for getting the pernicious malware onto as many machines as possible: a worm-like, self-propagating loader. The new mechanism has the ability not only to install new copies of the rootkit on PCs, but also set up its own DHCP server on a network and force machines to connect to a malicious remote DNS server.

The security woes for Sony are continuing unabated, and the latest entry in the laundry list of attacks against the company came Thursday when a group of hackers posted a large amount of data that it stole from databases belonging to Sony Pictures and a couple of other subsidiaries.

The release of the International Strategy for Cyberspace late last month marked a major shift in the way that United States officials think about and treat information security, which now seems as if it will have a place at the table during diplomatic discussions. However, experts and U.S. officials say that there still is quite a lot of road ahead if security is to become one of the country’s top priorities.

Gmail Hackers Conned Victims for Months

An independent security researcher says that victims of the account takeovers were repeatedly phished over almost a year by attackers believed to be located in China.

An independent security researcher who was among the first to investigate a large-scale phishing attack aimed at U.S. government and military personnel says that attackers controlled victim accounts for months and repeatedly phished victims during that time.

Mila Parkour, a Washington, D.C.-based independent researcher, says that victims of the account takeovers were repeatedly phished over almost a year by attackers believed to be located in China. Victims of the attack included government and military personnel in the U.S. and Asian nations, as well as human rights activists and journalists in China and elsewhere, Google said on Wednesday.

According to Parkour, the group or individuals responsible for the attack controlled those accounts for more than a year and repeatedly targeted both the legitimate account owner and his or her associates during that time. The attackers used spoofed e-mail addresses and information harvested from the victims’ accounts to engage in “mini conversations” with their victims, Parkour said.

“They used personal knowledge for some phishes…they were very persistent and invasive,” she said.

Among other things, the attackers continued to try to harvest online credentials from victims (user names and passwords) using the same technique they had used, successfully, to gain access to and control over the user’s Gmail account.

“They would send a new message with the same type (of) password harvesting technique. Sometimes even the same message sometimes (a) new (message),” said Parkour, who described herself as an IT administrator who researches malicious programs as a hobby.

Google said in a blog post on Wednesday that it had disrupted the campaign, which it traced to Jinan, China. The campaign affected hundreds of Gmail users, using malware and phishing attacks to harvest user login credentials. The campaign appears to have been designed to monitor the content of users’ email correspondence.
