most people heard of the story of the Trojan Horse. We learn the moral of the story: do not trust in gifts from strangers. Nowadays, no one would use the statue of a horse in giant – except, perhaps, those who like to do pranks in bad taste – although there are tricks similar to those in digital form. People are concerned about the unknown files and the downloads sudden coming of pop-up ads. Internet users tend to trust more file types known, such as JPG. However, in the last edition of the Trojan Horse, the malicious code remained hidden in images, which allows cyber criminals to take control of Android devices.
Google has responded quickly and has already released an update on Android. So that these changes in the software are updated on a device, this gap will be resolved. Another positive point is that this tactic has not gone to be of common use – it was a discovery of a researcher on cyber security Tim Strazzere. In this way, for all intents and purposes, the attack via photo is not a threat disseminated. But still, people should be aware and educated. Understand how cyber criminals act is the first step to learn how to maintain online security.
Truth be told, you hide a malicious code in other forms is not a tactic new. The criminals already have invented all kinds of disguises. When users open these infected files on the PCs, the malware is installed to steal confidential information. The method of the photo is just the latest in this context.
what is unique in this case is the possibility of the criminals to continue without images to be clicked on. Let’s address quickly the technical details to explain how. When the photos are sent to the Android device, some of these data are processed before the users open the file. This is known as analysis in computational terms: the decompression and separation of information. Note that the smartphones need to know what data to process when users open a file. But before they should analyze other data to understand the nature of the file type. It is when the cyber criminals can marshal secret instructions to be actuated in the opening.
And what happens after? Well, the malware can end up “plugging” of the devices of the users, obliterating them. And cyber criminals can end up getting the remote access to the smartphone. With all the confidential information that the devices store now, they may be able to get a lot of stuff! Think of all the financial details, passwords of online accounts and e-mails. In addition, criminals can even use the applications on the phone in his own cause and at the expense of the user.
But do not forget: Google has already released an update on Android to combat this. Thus, there is no need to panic. However, the threat should open the eyes of some people. There are many threats ingenious out there and the information is fundamental. This will not be the last edition of the Trojan Horse. But with the proper knowledge in security, people can keep themselves safe in the digital age.
With that in mind, here are three tips from cyber security to be followed:
do Not expose too much on social networks and chat apps: in This trick of the photo to capture the Android device, one needs to first send an image. And how this person will do this? Probably by a message in social networks or other chat application. So think of security in layers: on the perimeter next, do not allow any person contact with you. This also protects you from bullying on social networks.
Update the device as soon as possible: large companies have teams of cyber security to protect customers, but updates may depend on the users. In this case, as soon as Google received a report, the most recent update of Android has been the custom to resolve the vulnerability. Do not forget to update the devices and applications.
be careful where you browse and what you open: as the threats evolve, cybercriminals continue introducing malware advanced methods. Some people may receive an e-mail with an infected attachment, and the other can end up accidentally on a site is not secure. Always make sure that what is on the screen is authentic. Check very well the senders of e-mails. Look for the official URL. Exercise care and caution.
And, of course, stay abreast of the latest threats to consumers and to the security of mobile devices following me and following @IntelSec_Home on Twitter, and “Like” it on Facebook.
*Gary Davis is specialist-in-chief in consumer security, Intel Security.
No comments:
Post a Comment