Android Malware Exploiting Google Cloud Messaging Service

Researchers have discovered a number of malicious Android apps are using Google’s Cloud Messaging (GCM) service and leveraging it as a command and control server to carry out attacks. A post on Securelist today by Kaspersky Lab’s Roman Unuchek, breaks down five Trojans that have been spotted checking in with GCM after launching. Trojan-SMS.AndroidOS.FakeInst.a Trojan-SMS.AndroidOS.Agent.ao […]

Continue Reading

Hackers Acquire Google Certificate, Could Hijack Gmail Accounts

Hackers have obtained a digital certificate good for any Google website from a Dutch certificate provider. Criminals could use the certificate to conduct “man-in-the-middle” attacks targeting users of Gmail, Google’s search engine or any other service. Attackers could poison DNS, present their site with the fake cert and bingo, they have the user’s credentials. Man-in-the-middle […]

Continue Reading

Groupon Leaks Entire Indian User Database

The entire user database of Groupon’s Indian subsidiary Sosasta.com was accidentally published to the Internet and indexed by Google. The database includes the e-mail addresses and clear-text passwords of the site’s 300,000 users. It was discovered by Australian security consultant Daniel Grzelak as he searched for publicly accessible databases containing e-mail address and password pairs. […]

Continue Reading