Thanks to Swordmaker for the... ummm... heads up!!
Posted on 09/08/2015 11:16:14 AM PDT by Swordmaker
A malicious Android app that held people to ransom has been found by US security firm Zscaler.
Adult Player appeared to offer pornography, but secretly took pictures of users with the phone's front-facing camera.
It then locked the user's device and displayed a demand for $500 (£330) which was difficult to bypass.
One security expert told the BBC that ransomware was a lucrative and growing area of cybercrime.
Ransomware
The Adult Player app demanded a payment of $500 (£330).
Apps which demand money from people with a threat to release private information, or wipe a device, are known as ransomware.
In August, Intel Security said examples of ransomware had increased 127% since 2014 - primarily affecting desktop computers and laptops.
"One of the reasons for the increase is that it's very easy to make," said Raj Samani, chief technology officer for Intel Security in Europe.
"There are people you can pay to do the work for you, and it pays really well. One group we tracked made more than $75,000 in 10 weeks.
"Apps like this rely on the embarrassment factor. If you don't pay, your reputation is on the line."
Adult Player was the second example of pornography-focused ransomware discovered by Zscaler.
The app was not available from vetted storefronts such as Google Play, but could be installed directly from a webpage.
(Excerpt) Read more at bbc.com ...
If you are not using a fairly complex password on your computer, you are going to get hacked. . . if you can even call it that. You are wide open for anyone coming in to your computer and essentially doing anything they want. Please tell me you are not running as an administrator user on your computer.
With a OS X Mac, you can set a specific user to automatic log-in, but I generally advise against it. I also advise that if you leave your computer for any length of time that it either goes to a password screen blanking or screen saver, or automatically logs you off after a period of no activity, otherwise someone can come in, install spy-ware, malware, or even more malicious or insidious hidden software on your computer, steal your data, ID, passwords to websites, such as banking, etc. It simply is NOT a good idea to allow such unfettered access. I've seen people who thought it was safe have children come in and make a total mess of their systems by deleting things willy-nilly, going to game sites, getting them infected with all kinds of malware just be going to the site, that on their home, locked down computers is perfectly safe because of the password protections, but on yours, with no password, is wide open door, allowing anyone to walk right on in was sucker bait. One such had over 400 viruses, trojans, ad-ware, key loggers, and other malware vying for the attention of the processor to the extent that it had slowed to a snails pace. It took over 45 minutes from start-up to offering a semi-usable Windows screen, it was so badly infected. . . and more malware were being downloaded by the already download malware. . . all because the owner didn't want a password.
Oh, the owner had anti-virus, but the first one the grandkids encountered told them to turn off protection because it needed to install, so they turned it off. . . and all hell was out for lunch.
I refused to pay!!!!
+1
...what's your secret?
Yeah I figure something like this is why the pimp in the white hut has boner in his back pocket. Gots to be blackmail.
My pass word to log on and use my computer is my first name and 4 randomly picked numbers. I have so many pass words and user namex to remember it isn’t funny. I have them all written down and have to refer to them frequently.
I remember on earlier computers I’ve had, you just turned it on and go.
My on line bank account and credit card account are both complex, involving user names, pass words and security questions. Never had a problem with on line stuff but I did have a credit card stolen a few months back and $300 was withdrawn before I knew it.
The C.C. company paid for that, the teen who stole it was caught and prosecuted. We never did get an explanation as to how he withdrew cash from an A.T.M. without a pass word. We intentionally sat up our account so no cash withdrawals could be made and no pass word was assigned to us for that purpose.
Stolen out of my wallet by one of my teen age son’s so called “friends”. Funny part was, he was ordered to make restitution to me. C.C. company was who he owed. He hasn’t paid anybody anything yet that I’m aware of.
My brother-in-law is mentally challenged when it comes to computers. I bought him his first computer (MacBook Air naturally) and set it up for him a couple years ago. He's a bass player in a band, born in 1950.
So I set him up with the password Bass50Man. He can't remember that. The good thing is he really doesn't have anything worth hacking. Maybe I should have just used "Password" for him.
Thanks to Swordmaker for the... ummm... heads up!!
Yet another reason I love my Mac and iPhone!
Thanks, Sword,
Ed
A friend said they’re selling a case in the mall which acts as a Faraday cage, completley shielding the iPhone from being read by scanners, and also stopping it from transmitting your location.
Bogus?
Thanks!
ed
You didn’t have PE in junior high and high school, where showering was mandatory?
Didn’t think that was possible in your generation!
Ed
Bogus, yes. Your friend saw some scammers preying on ignorant people, selling a case that can do nothing to protect them from a non-existent threat, confabulated out of a real threat posed by crooks who can read smart credit and debit cards, or even magnetic strip cards in your wallet. They pretend that the same technology can somehow dead the data off a smartphone. It cannot.
There's no way anyone can read an iPhone's data from a distance, and if they could, they'd be reading encrypted gobbledygook anyway, except for what is being currently being used right now. If he's worried about someone stealing data about credit or debit cards stored for Apple pay, that's not possible because the card numbers and data themselves are not stored on the iPhone or Apple Watch at all. Once input, the issuing bank registers them to the iPhone, issues a token number which can only be transmitted from that iPhone and THEN when a transaction is made an single use token is added to that token only when the user's living finger touches the TouchID sensor.
Any "Faraday Cage" would block ALL radio signals from entering or leaving the iPhone. It would essentially make the iPhone unusable for its basic purpose. The iPhone is NOT like a chipped card that can be triggered to dump credit card information simply by the mere presence of an NFC signal like some "smart" cards will. It requires the owner to validate the transaction by providing his finger on the TouchID before any data is transmitted. Ergo, there's no danger someone could steal any data of value. Even if they copied the transaction data during a purchase, if they were close enough to do so, a problem in itself considering the short range of NFC, it does them no good, because the token that was transmitted is good for only one use, and it was just used for that transaction.
Or you can take the opposite approach and not give a damn if someone sees you naked. This is how you come into the world and this is how you will leave.
The naked body is just a shell
It wasn’t that long ago that it was discovered there were several “flashlight” apps in both the Apple and Google stores that were actually malware. Apple, in turn, made the flashlight a built-in part of the OS. It goes to show that criminals will always find a way.
We had PE in school, which was 35 years ago...
I'm on social security. I don't have that much money!
Exactly, the worst they could do is trick you into accepting a bluetooth pairing. Which, at that point you could be compromised... but just walking around with your adapter on isn’t leaving you vulnerable.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.