android malwareA new strain of malware specifically targets Android users is now available. It is simply called "Fakecalls" and boasts a new, powerful ability that we have never seen in malware. It can pretend to be calling your bank.

It looks very similar to most other Android banking apps. It's well-designed and resembles the banking software it is trying to imitate. It features a well-designed corporate logo as well as a number for customer support.

This is where the fun begins. This is the actual bank customer support number. However, when the user attempts call it, malware will disconnect the connection and display a fake screen that is almost identical to the real one.

The screen still shows the victim the genuine customer service number of the bank. It appears that nothing has changed. The connection is not made to a bank employee, but to the hacker who wrote the malicious code.

The representative will ask for sensitive information to verify the identity of the victim calling in. All the information collected will be used against you later.

There is a silver lining in this situation. It's the fact that it is currently only available in Korean. It is not often seen outside of South Korea. You may be able to see it if you do business there.

Kaspersky Lab says that the malware is only found on third-party sites, so it cannot penetrate the Google Play Store. Even if you are a South Korean businessperson, avoid downloading apps from third-party websites.

Even if you are not in Korea, malware is still a cybersecurity threat. Contact Integrated Technology Systems for help securing your network.

Some Android Devices may be vulnerable to Media File Security Vulnerability

android scamAre you using an Android phone? Are you using an Android device that is built around the MediaTek or Qualcomm chipsets? Check Point researchers have discovered a vulnerability that could expose your device to danger if you answered yes to both questions.

The flaw was found in the Apple Lossless Audio Codec (ALAC) implementation, which was open-sourced in 2011. This flaw could have allowed remote code execution on your device. Unfortunately, MediaTek and Qualcomm are the two largest chip makers in the world.

Qualcomm made a formal statement regarding the matter, but MediaTek didn't.

It is divided as follows:

Qualcomm Technologies is committed to providing technologies that protect privacy and cybersecurity. We applaud the industry-standard coordinated disclosure practices used by security researchers at Check Point Technologies. Qualcomm Technologies released patches in October 2021 for the ALAC audio coder issue that they disclosed. End users are encouraged to upgrade their devices when security updates become available.

You'll be fine if you don't have any security patches installed since December last year. Grab the latest version and install it as soon as possible. You should not open audio files from unknown sources until you have the patch installed. You can't be too careful.

Kudos to both Qualcomm (and MediaTek) for their quick action and sharp-eyed researchers at Check Point. This is how it works.

Cyber attacks are becoming more frequent. Do you have a disaster recovery plan? Integrated Technology Systems can develop a plan to keep your data safe.

Integrated Technology Systems
6 East 45th Street, Suite 400
New York, NY 10017