Security Response

Contributors: Conor Murray, Paul Mangan.

Fraudulent apps appearing on the official Android marketplace is an ongoing issue and one that we have blogged about in the past.  Today we received reports of yet more fraudulent apps capitalizing on popular game titles and masquerading as these games. In this case, the apps are published under the name "Stevens Creek Software".

During installation of the fraudulent app, only one permission request is made for full Internet access. In the past, we have seen fraudulent apps looking for numerous unnecessary permissions during installation that may alert the user of the risks involved in installing the app. With just one permission request required by this fraudware during installation, it may seem less of a risk to potential victims. Once installed on the...

As underhanded as it is, there are people out there who want to spy on other people’s smartphone activity. However anyone looking to invade the privacy of a smartphone user may just as likely find themselves becoming a victim of fraud. SMS Privato Spy is a product that is marketed as allowing you to view the phone screen live, activate and listen on the microphone, view call logs, and perform GPS tracking at all times.  Sounds impressive, and all for a price tag of $50-125 depending on the package chosen.

If you are still not sold on the product they even provide a video on the site showing an interview on Myfoxla.com with a company called the Federal Forensics Group reviewing what is supposedly SMS Privato Spy.

The thing is there is no such product as SMS Privato Spy. The interview on Myfoxla.com with...

The terms targeted attack, spear phishing, and advanced persistent threat (APT) get bandied around in the media a lot these days. With the spate of recent headlines concerning companies being hacked, every company is on its guard to prevent becoming the next victim—and big headline. One of the major problems associated with targeted attacks is identifying whether or not your company is the actual target of any malware found and not just a random victim of a malware gang. There are several ways to try to do this, such as attempting to find the initial source of infection and analyzing the malware itself. However, attackers are clever and deception is part of their game.

If an attacker’s malware is discovered at any point during the initial stage of a targeted attack, the best-case...

A digital currency known as Bitcoin (BTC) has been causing a bit of a media stir of late due to its use for illicit purposes. Some readers of this blog will be familiar with and have used a digital currency of some form in the past to purchase goods online. Some may even remember failed digital currencies such as e-gold, which had operations suspended by US authorities after its proprietors were indicted on four counts of violating money laundering regulations back in 2007. With Bitcoin, we now have another multi-million dollar digital currency market without any central authority for regulation. (An in-depth explanation of Bitcoins is available on Wikipedia.)