DarkNavy did not respond to requests for clarification. In fact, the researchers took care to redact the name of the app from multiple code screenshots published in their writeup. 28, 2023, researchers at the Chinese security firm DarkNavy published a blog post purporting to show evidence that a major Chinese ecommerce company’s app was using this same three-exploit chain to read user data stored by other apps on the affected device, and to make its app nearly impossible to remove.ĭarkNavy likewise did not name the app they said was responsible for the attacks. The highly technical writeup also did not name the malicious app in question. Google said it believes the exploit chain for Samsung devices belonged to a “commercial surveillance vendor,” without elaborating further. In November 2022, researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected devices by exploiting multiple security vulnerabilities in a variety of Android-based smartphones. Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the software. The NCA campaign comes closely on the heels of an international law enforcement takedown involving four-dozen websites that made powerful DDoS attacks a point-and-click operation. “Going forward, people who wish to use these services can’t be sure who is actually behind them, so why take the risk?” the NCA announcement continues. The NCA says hiring or launching attacks designed to knock websites or users offline is punishable in the UK under the Computer Misuse Act 1990. The NCA declined to say how many phony booter sites it had set up, or for how long they have been running.
Information relating to those based overseas is being passed to international law enforcement.” “Users based in the UK will be contacted by the National Crime Agency or police and warned about engaging in cyber crime.
“However, after users register, rather than being given access to cyber crime tools, their data is collated by investigators,” reads an NCA advisory on the program. The NCA says all of its fake so-called “booter” or “stresser” sites - which have so far been accessed by several thousand people - have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks. The warning displayed to users on one of the NCA’s fake booter sites.
0 kommentar(er)
