Friday 14 April 2017

Android Trojan Targeting Over 420 Banks So Beware And Must Read

Thanks to THN

Do you like watching funny videos online?

I love watching funny video clips online, and this is one of the best things that people can do in their spare time.

But, beware if you have installed a funny video app from Google Play Store.

A security researcher has discovered a new variant of the infamous Android banking Trojan hiding in apps under different names, such as Funny Videos 2017, on Google Play Store.

Niels Croese, a security researcher at the firm Securify B.V., analyzed the Funny Videos app, which has 1,000 to 5,000 installs, and found that the app acts like any regular video application on the Play Store, but in the background it targets victims from banks around the world.

This newly discovered banking Trojan works like any other banking malware, but two things make it different from others: its capability to target victims and its use of the DexProtector tool to obfuscate the app's code.

Dubbed BankBot, the banking trojan targets customers of more than 420 banks around the world, including Citibank, ING, and some new Dutch banks, like ABN, Rabobank, ASN, Regiobank, and Binck, among many others.

How Android Banking Trojan Works

In a nutshell, BankBot is mobile banking malware that looks like a simple app and once installed, allows users to watch funny videos, but in the background, the app can intercept SMS and display overlays to steal banking information.

Mobile banking trojans often disguise themselves as a plugin app, like Flash, or an adult content app, but this app made its way to Google Play Store by disguising itself as any other regular Android app.

Google has removed this malicious app from its Play Store after receiving the report from the researcher, but this does not mean that more such apps do not exist there with different names.

"Another problem is that Google [Play Store] mainly relies on automated scanning without a full understanding of the current obfuscation vectors resulting in banking malware on the Google Play Store," the researcher told The Hacker News.

Once downloaded, the app persistently requests administrative rights, and if granted, the banking malware can control everything that's happening on an infected smartphone.

The BankBot springs into action when the victim opens any of the mobile apps from a pre-configured list of 425 banking apps. A complete list of banks a BankBot variant is currently imitating can be found on the blog post published by the researcher.

Once one of the listed apps is opened, BankBot immediately displays an overlay, which is a page on top of the legitimate mobile banking app, and tricks Android users into entering their banking credentials into the overlay, just like a phishing attack.

This not only sends your banking credentials to your bank's servers but also sends your financial credentials to the server controlled by fraudsters.

This social engineering technique is often used by financially motivated criminals to deceive users into giving up their personal details and sensitive banking information to fraudsters.

How to protect yourself?

There are standard protection measures you need to follow to remain unaffected:

  • Install a good antivirus app that can detect and block such malware before it can infect your device. Always keep the app up-to-date.
  • Always stick to trusted sources, like Google Play Store and the Apple App Store, and verify app permissions before installing apps. If any app is asking for more than what it is meant for, just do not install it.
  • Do not download apps from third-party sources. Although in this case the app was distributed through the official Play Store, most often such malware is distributed via untrusted third-party app stores.
  • Avoid unknown and unsecured Wi-Fi hotspots and keep your Wi-Fi turned OFF when not in use.
  • Be careful which apps you give administrative rights to. Admin rights are powerful and can give an app full control of your device.
  • Never click on links in SMS or MMS sent to your mobile phone. Even if the message looks legit, go directly to the website of origin and verify any possible updates.
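
The permission check from the list above can be automated against a decoded AndroidManifest.xml. The following is an added example, not code from the researcher or from the original article; the sample manifest, the package name and the `review_manifest` helper are constructed for illustration, and it looks only for the two behaviours the article describes (SMS access and a device-administrator request) in an app whose stated purpose needs neither.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
SMS_PERMS = {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"}
DEVICE_ADMIN_PERM = "android.permission.BIND_DEVICE_ADMIN"

# Constructed sample: decoded manifest of a hypothetical "video" app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.funnyclips">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application>
    <receiver android:name=".AdminReceiver"
              android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""


def review_manifest(manifest_xml, expected_perms):
    """Return (label, detail) findings for anything beyond the app's stated purpose."""
    root = ET.fromstring(manifest_xml)
    requested = {
        e.get(ANDROID_NS + "name")
        for e in root.iter("uses-permission")
        if e.get(ANDROID_NS + "name")
    }
    findings = []
    # Permissions the app asks for that its advertised function does not need.
    for perm in sorted(requested - set(expected_perms)):
        label = "sms-access" if perm in SMS_PERMS else "unexpected-permission"
        findings.append((label, perm))
    # A receiver guarded by BIND_DEVICE_ADMIN means the app can ask for admin rights.
    for recv in root.iter("receiver"):
        if recv.get(ANDROID_NS + "permission") == DEVICE_ADMIN_PERM:
            findings.append(("device-admin-receiver", recv.get(ANDROID_NS + "name")))
    return findings


if __name__ == "__main__":
    for label, detail in review_manifest(SAMPLE_MANIFEST, {"android.permission.INTERNET"}):
        print(label, detail)
```
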


Wednesday 12 April 2017

Hacking Clash Of Clans ? SSS vs CSS Explained In Hindi

TechGyan In Hindi (Hax4Us)
Hello friends, this is Devil, and I welcome you all.

As you all know, CLASH OF CLANS is a popular game, and everyone wants to hack it or install a mod app of it.

Every day I get asked: how do I hack CLASH OF CLANS, or how do I install its modded version?

So Is This Possible?

Friends, I dug out the full details about this game and researched whether it can be hacked or whether a modded app of it can be created. Let me tell you that it is not possible.

Why is it not possible?

To understand that, you first need to know...

What Are Server Side Scripting (SSS) & Client Side Scripting

Client Side Scripting

Client-side scripting is code that the client can load and execute directly.

In this case, you are reading this article on my site, so you must be using some browser such as UC Browser, Chrome or Opera.

So what is this browser?

It is the client. A client is a machine or application that makes service requests and uses the service. Now, what do browsers do?

Browsers use the HTML service and help us open websites, which means the browser is a client.

Now, a site uses either client-side script or server-side script.

One example of a client-side script is JavaScript. The browser can easily load and interpret this language, but when we talk about PHP...

The browser can neither load nor execute PHP, because PHP is a server-side language.

Simply put, once a website that uses client-side scripting has loaded, you can access it offline as well.

This means you can also edit or modify someone else's site.

Server Side Scripting

Loading and executing a server-side language like PHP is beyond what the browser can do, yet you can still open PHP sites.

That is because the PHP site you opened is first loaded on the server, then converted to HTML and served to the browser.

Now let us see what this has to do with Clash of Clans.

Clash of Clans is an online server-side game. This means that the reaction to any action you take depends on the server.

If your action looks illegal or unusual in any way, the game's server, which is based on a database, will block or ban your account (according to the policy of COC).

Now if we compare COC with another game such as Subway Surfer, we can easily understand why there is a modded app of Subway Surfer but not of COC.

Subway Surfer is an offline game, which means that if you make any modifications to it, the company that develops that game will not find out about them.

But if you make any modifications to COC, then as soon as you run the game, its server will compare and check all your details against its database, and if the server finds unusual activity anywhere, it will block or ban your account.
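
The offline versus server-side contrast described above, as an added example that is not part of the original post and does not reflect any real game's code: the `OfflineGame` and `GameServer` classes, the price table and the request fields are all hypothetical. It shows why an edited client value is accepted when the only copy of the state is on the device, and rejected and flagged when the server compares it with its own database.

```python
from dataclasses import dataclass, field

PRICES = {"barracks_upgrade": 500}  # constructed price table


@dataclass
class Account:
    gems: int
    upgrades: list = field(default_factory=list)
    flagged: bool = False


class OfflineGame:
    """Offline game: the only copy of the state sits on the device."""

    def __init__(self):
        self.local = Account(gems=120)

    def buy(self, item):
        # No second copy exists to compare against, so an edited balance is accepted.
        if self.local.gems < PRICES[item]:
            return False
        self.local.gems -= PRICES[item]
        self.local.upgrades.append(item)
        return True


class GameServer:
    """Online game: the server's database is the only state that counts."""

    def __init__(self):
        self.db = {"player1": Account(gems=120)}  # constructed sample record

    def handle_purchase(self, player_id, request):
        acct = self.db[player_id]
        item = request.get("item")
        if item not in PRICES:
            return {"ok": False, "reason": "unknown item"}
        # The value reported by the client is checked against the stored one;
        # a mismatch means the client-side state was altered.
        if request.get("claimed_gems") != acct.gems:
            acct.flagged = True
            return {"ok": False, "reason": "client state mismatch"}
        if acct.gems < PRICES[item]:
            return {"ok": False, "reason": "insufficient gems"}
        acct.gems -= PRICES[item]
        acct.upgrades.append(item)
        return {"ok": True, "gems": acct.gems}
```
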

But yes, it is true that anything can be possible.

But to hack COC, changing its app will achieve nothing, because it is a server-side game that uses server-side languages, which means your every activity is checked.

But if COC is ever hacked in the future, that will only be possible when its server, not its app, is hacked.

Thank you, guys. I hope all your doubts are now cleared. If you still have any doubt, you can comment or message me.


Wednesday 5 April 2017

Update Your Apple Devices to iOS 10.3.1 to Avoid Being Hacked Over Wi-Fi

Less than a week after Apple released iOS 10.3 with over 100 bug fixes and security enhancements, the company has just pushed an emergency patch update, iOS 10.3.1, to address a few critical vulnerabilities, one of which could allow hackers to "execute arbitrary code on the Wi-Fi chip."

The vulnerability, identified as CVE-2017-6975, was discovered by Google's Project Zero staffer Gal Beniamini, who noted on Twitter that more information about the flaw would be provided tomorrow.

Apple also did not provide any technical details on the flaw, but urged Apple iPhone, iPad and iPod Touch users to update their devices as soon as possible.

Apple describes the issue as a stack buffer overflow vulnerability, which the company addressed by improving the input validation.

A stack buffer overflow flaw occurs when the execution stack grows beyond the memory that is reserved for it, allowing hackers to execute malicious code remotely.

The flaw allows an attacker, within range, to execute malicious code on the phone's Wi-Fi chip.

The vulnerability appears to affect iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation, and later devices running the iOS 10.3 operating system.

It's worth mentioning that iPhone 5 and iPhone 5C were Apple's last iPhone handsets to have a 32-bit processor with Apple A6 system on a chip. Since iPhone 5S has a 64-bit processor, it is not affected by the issue.

With the iOS 10.3 release, an over-the-air download for 32-bit Apple devices wasn't available. This has also been changed with the iOS 10.3.1 update, which brings back support for iPhone 5 and 5C as well as the fourth-generation iPad, the only remaining 32-bit Apple devices.

The iOS 10.3.1 update can be downloaded over-the-air via Settings → General → Software Update on your iOS device.

Apple users running iOS 10.3 should be able to see the iOS 10.3.1 update, so press on the "Download and Install" button to install the update.


Tuesday 4 April 2017

Create Your Own Website Or Blog & Connect With Any Domain Easily By Hax4Us

Hello guys, welcome back to my site.
Today we will learn how to create a blog or site and connect it with any domain (.com, .in, .tk, etc.).

Click Here To Watch Tutorial Video

Note: Guys, if you have any problem related to this post, you can ask through the comment box.