Google steals Maintenance Mode from Samsung smartphones

September 22, 2023Android Google

Google steals Maintenance Mode from Samsung smartphones

The stable version of Android 14 was expected to be released this month, but Google postponed the release to line it up with the Pixel launch event in October. However, Google released the first Android 14 QPR1 Beta 1 update to compatible Pixel smartphones, and it appears the company has copied Samsung’s Maintenance Mode feature.

Google’s Repair Mode in Android 14 is inspired by Samsung’s Maintenance Mode

The first beta version of Android 14 QPR1 includes Repair Mode. It can be used when handing your smartphone over at a service center for repair and maintenance. However, it appears to work differently than Samsung’s Maintenance Mode. Android Authority notes (via Mishaal Rahman) that Google could be using the DSU (Dynamic System Updates) feature, which was introduced with Android 10. DSU can boot a GSI (Generic System Image), which is a new and empty copy of the operating system, so your personal data remains safe.

It wasn’t possible to use the DSU feature in this way. However, Google may have been inspired by Samsung’s Maintenance Mode and used DSU to create Repair Mode. Once activated, it presents a clean version of the operating system to whoever uses the phone for repair. A device owner can lock the phone in Repair Mode, which means their personal data is safe from unwanted people.

Repair Mode may be added to all Android smartphones in the future. On Samsung phones, the Maintenance Mode is available on phones that are running Android 13 or newer. In the past, Google copied several software features from Samsung’s smartphones and tablets, which shows that Samsung stays ahead of the game most of the time.

link … Read More ...

May 12, 2023Android Apps

Android Apps With 1M Installs Steals 2FA Codes & Passwords

Check Point Research has recently published a study revealing the discovery of a previously unknown malware variant dubbed FluHorse.

The malware comprises multiple malicious Android apps that impersonate legitimate ones, and unfortunately, most of these fake apps have already been installed by over 1,000,000 users.

All these malicious applications are designed to steal victims’ credentials and 2FA codes, compromising their personal and sensitive information.

FluHorse targets various industries across the Eastern Asian market and is distributed through email.

These attacks can prove persistent, dangerous, and challenging to detect, as they often leverage email accounts belonging to high-profile entities during the initial stages.

Mimicked Apps

Attackers find applications that mimic trusted, reputable companies particularly enticing since they are likely to attract financially capable customers.

The legitimacy of these copied applications makes them even more appealing to hackers.

ETC with 1,000,000+ Google Play installsVPBank
Neo with 1,000,000+ Google Play installs

According to the ETC APK developer’s website, the application generates approximately 16 million transactions daily, with over 6 million users relying on its services.

VPBank, a major private bank in Vietnam, recorded total assets surpassing 631 trillion dongs as of December 2022, cementing its position as one of the country’s biggest financial institutions.

While the enterprise encompasses a diverse range of financial services like:-

Spanning retail
Corporate
Consumer Finance
Wealth management operations

Also, experts have noted the presence of other malicious dating applications’ presence. However, they have not discovered any corresponding applications that the malware attempts to impersonate.

Infection Chain

The malicious applications contain nothing beyond multiple window replicas that offer the victim input options.

While the scheme’s effectiveness remains undisputed, regardless of the attackers’ intentions, once the victim enters their sensitive data, the information is swiftly exfiltrated to the command and control (C&C) server.

Upon reaching this step, the

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others