Android Issues

Lucian Constantin for Security Boulevard: New Android Botnet Pops Up on Malware-as-a-Service Market – “The toolkit, dubbed Black Rose Lucy by researchers from security firm Check Point Software Technologies, is made up of a back-end control panel dubbed the Lucy Loader and an Android implant called the Black Rose dropper. The malware was created by a team of Russian speaking developers that Check Point calls the Lucy Gang.”

Betanews: Unless you upgrade to Android Pie, a vulnerability leaves your phone trackable — and Google won’t fix it “The vulnerability (CVE-2018-9489) was revealed in a report from Nightwatch Cybersecurity which warns that it can be used to “uniquely identify and track any Android device” and also to “geolocate users”.”

Zeljka Zorz for Help Net: Scan reveals known open source vulnerabilities in popular Android apps – “Widespread use of unpatched open source code in popular Android apps is causing significant security vulnerabilities, warns the non-profit American Consumer Institute Center for Citizen Research (ACI)…. “Critical vulnerabilities were found in many common applications, including some of the most popular banking, event ticket purchasing and travel apps,” the researchers noted.”

David Harley