Apple recently sent critical security alerts to users in 92 countries, warning them of potential mercenary spyware attacks targeting their devices. The notification reads: “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID.” This indicates a deliberate attempt to gain unauthorized access to your phone’s data.

The company stated that they have “high confidence” in this warning

Apple emphasizes the seriousness of these attacks, stating: “This attack is likely targeting you specifically because of who you are or what you do.” While the company can’t disclose specific details to avoid aiding attackers, they have “high confidence” in this warning.

This isn’t the first time Apple has issued such alerts. Since 2021, they’ve notified users in over 150 countries, including journalists and politicians in India last year. Unfortunately, the specific countries affected by this latest round of warnings haven’t been revealed.

Apple’s commitment to user security is evident in these proactive measures. If you received such a notification, take it seriously and consider strengthening your iPhone’s security measures.

RELATED:

• Apple Brings Refurbished Apple Watch Series 9 to the Chinese Market, Prices Start from 2499 Yuan ($380)
• The Apple Watch Series 10 Could See a Huge Battery Life Increase, Thanks to a Display Upgrade
• Get latest Oneplus 12 Phone for $699 on Geekwills
• Xiaomi 13 Ultra Premium Camera Phone is now only $799
• How to add custom GIFs and stickers to WhatsApp

(VIA)

The post Apple Warns iPhone Users in 92 Countries of Potential Spyware Attacks appeared first on Gizmochina.

Reign, a spy application with destructive capabilities comparable to Pegasus, was discovered by the Citizen Lab of the Munk College of the University of Toronto, as reported on April 12 by IT Home. The app is capable of transmitting data after infecting devices, without the user knowing about it.

The spyware has mainly targeted dignitaries, journalists, and others, with at least 5 cases having been identified so far. Reign uses a vulnerability called “Endofdays” to attack iPhone devices running iOS 14.4 and iOS 14.4.2 updates.

Like Pegasus, after infecting an iPhone, Reign can access various components of iOS and iPhone functions. The spyware can record calls and microphone input, take pictures with the camera, extract or remove content from the keychain, generate iCloud 2FA passwords, search files and databases on the device, track the device’s location, and clean software traces to minimize detection possibilities.

Spyware is a growing concern in the digital age. In the wrong hands, it can be used to gather sensitive information or control devices without users’ knowledge or consent. Devices infected with spyware can become tools for criminal activities such as identity theft, financial fraud, and espionage.

It is crucial for phone users to take measures to protect themselves from spyware attacks. This includes keeping their devices updated with the latest security patches and avoiding downloading apps from unknown sources. Additionally, users should be wary of suspicious emails, messages, or phone calls that may contain phishing links or malicious attachments.

RELATED:

• Tata Group reportedly set to complete acquisition of Wistron’s iPhone factory in India
• Heliconia Spyware Hitting Chrome, Firefox and Microsoft Defender; Google Warns
• OPPO Find X6 Pro Takes the Crown as the World’s Best Camera Phone with DxOMark

(Via)

The post Reign Spyware: The Latest Threat to Your iPhone’s Security appeared first on Gizmochina.

New research from the University of Edinburgh and Trinity College Dublin highlights a concerning issue with some of the leading Chinese Android smartphones. In China, which is the largest smartphone market globally, over 70% of devices run on Android. The study found that certain brands, such as OnePlus, Xiaomi, and Oppo Realme, collect and transmit large amounts of personal data without user consent.

The phones in question come pre-installed with a significant number of system and vendor apps that have questionable privileges enabled by default. These applications actively collect and send sensitive information related to the device, location, user profile, and even social relationships. Even for privacy-conscious users who opt out of analytics and don’t use cloud storage or third-party services, the phones still send unique information about the device and the user, such as device identifiers, GPS coordinates, app usage patterns, call and SMS history, and contact numbers. Unfortunately, users are not notified about this data transmission, and there is no way to opt out. The collected data can easily be linked back to the individual and used for tracking purposes.

The research was conducted on devices sold in China and running local Android distributions, so international consumers may not be affected. However, for those who purchased their devices in China, such as business travelers or students, it’s important to be aware that the study found the data collection practices remain unchanged even after leaving the country.

It’s worth noting that the Chinese versions have way more pre-installed third-party apps and are granted eight to ten times more permissions compared to international versions intended for consumers in Europe and other regions. A lot of it might have to do with international regulations and policies that gatekeep these dangerous permissions, but phones purchased in China are definitely clear of those laws. 

RELATED:

• China Holds its Spot as the Largest Semiconductor Market in 2022
• Intelligent Safety Cone Robots Improve Emergency Response on Highways in China
• Best Smartphones Under $500 in 2023

The post China-manufactured OPPO, OnePlus, Xiaomi Smartphones Loaded with Spyware appeared first on Gizmochina.

A commercial malware known as Heliconina has been identified as affecting various browsers, including Google Chrome, Firefox, and, strangely, the Microsoft Defender security programme. This information was provided by a threat analysis group owned by Google. The researchers from the team added that they learned about the framework from a bug report submitted anonymously by a Chrome user that contained instructions and source code with the names “Heliconia Noise,” “Heliconia Soft,” and “Files.”

Google’s Threat Analysis Group adds that the spyware is specifically developed to take advantage of flaws in the Chrome and Firefox browsers. The spyware has also been observed to have an impact on Windows Defender, which comes preinstalled with Microsoft Windows. The researchers arrived at the conclusion that the spyware tools for spreading exploit code had references to a potential creator of the frameworks after closely examining the problem reported by an anonymous user.

TAG claims that in 2021 and the beginning of 2022, Google, Microsoft, and Mozilla patched the vulnerabilities that were being targeted, so as long as you’re patched, safety should be guaranteed. In order to protect themselves from attacks, TAG has urged internet users to keep their browsers and software up to date and has also introduced a Heliconia detection mechanism to Google’s Safe Browsing service.

In a blog post, Clement Lecigne and Benoit Sevens stated that “TAG’s research highlights that the commercial surveillance business is booming and has increased dramatically in recent years, presenting a risk for Internet users around the world.” Commercial spyware gives governments access to sophisticated surveillance tools, which they then employ to spy on journalists, human rights defenders, members of the political opposition, and dissidents.

The team has started every action that can be done in order to patch and report the spyware that is propagating online. Let’s wait and see when the OEMs can repair the security hole. Their users will be safer the earlier they take action. We firmly anticipate a patch update from the company in the future days, or to put it another way, as soon as possible!

Related

• Ex Twitter employee accused of helping Saudi Arabia Spy
• GPD Win 4 Windows Gaming Handheld pricing & launch windown revealed
• Google Wallet Adds Support For ID And Driver’s License In The US

The post Heliconia Spyware Hitting Chrome, Firefox and Microsoft Defender; Google Warns appeared first on Gizmochina.

In recent Android builds, the operating system has offered its users an improved degree of control over what resources or areas an application has access to. However, this system is still abused by many applications that do not require many of the permissions they require to operate. Now, a Chinese developer’s apps have been labeled as ‘Spyware’ from a research team that suspects that 100 million Android users have already been affected.

The research team is from VPNpro that claimed that the developer behind the app also has at least 50 million installs and its apps request “dangerous permissions.” Notably, VPNpro also claimed that one of their apps also has a malicious remote access trojan hidden within it. These applications were found in Google’s Play Store and were made from a Chinese developer and its local subsidiaries. Reportedly, this practice has been seen before with developers hiding behind a network of different subsidiaries.

Editor’s Pick: HMD Global announces Nokia C5 Endi, Nokia C2 Tava, and Nokia C2 Tennen for Cricket Wireless

The Chinese developer behind the abuse was the Hangzhou-based QuVideo Inc. It is best known for its popular video editing app, VivaVideo. This application is extremely popular since it offers its services for free, with the Play Store showing 100 million installs. VivaVideo is also one of the 40 Chinese apps that have been listed as ‘malicious-ware’ or ‘spyware’ by the Indian government back in 2017.

The apps from QuVideo are available on Apple’s iOS as well. However, due to the permissions system and boundaries being different, the abuse of a similar nature isn’t present on that platform. So, those that have these applications are warned to check what permissions you are granting the app.

UP NEXT: Motorola One Vision Plus Geekbench listing reveals Snapdragon 665 and 4 GB RAM specs

(Via)

The post 100 Million Android users are affected by this Chinese Spyware App appeared first on Gizmochina.

A couple of days ago, a post on Reddit’s Android forum alarmed everyone which claimed that Chinese spyware comes pre-installed on all Samsung phones. While the author acknowledged that the claim is sensational, but he claimed that it’s the truth.

The issue that the post claims is related to Samsung‘s Device Care application which comes pre-installed as a part of the company’s Android implementation that cannot be removed. The user who posted on Reddit discovered some strange traffic coming out of Device Care’s storage scanner, which looks for junk files that can be deleted to free up space.

That scanner was sending data back to Chinese domains — and because storage scanners generally need access to all of the files on your computer, the data could include almost anything. However, the immediate explanation in the post wasn’t entirely reassuring.

EDITOR’S PICK: Galaxy Bloom is the real name of the rumored Galaxy Fold 2

The scanner utility was made in collaboration with Qihoo 360 but it wasn’t clear which data was being sent back to Qihoo and why, which led the Redditor to tag it as spyware. However, Samsung says that the truth is less alarming than it appears.

The South Korean giant says the only data sent back to Qihoo is generic information needed to optimize storage, which generally includes naming OS version, phone model, and storage capacity, among other data.

It adds that Qihoo’s main contribution is a reference library for identifying junk files, but that library is stored locally in the utility, and the company never receives data that would allow it to identify a particular file on a user’s device.

UP NEXT: Xiaomi officially confirms MIUI 12; launching later this year

(Sources — 1, 2)

The post Samsung Device Care app sends data to China but the reason is not alarming appeared first on Gizmochina.