SWITCH Security-Blog

SWITCH-CERT IT-Security Blog


Leave a comment

A new issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report is available!

The topics covered in this report are:

  • Cybercriminals increasingly targeting Mac users
  • Malware fitted as standard for Android
  • Switzerland breaks taboo of Net neutrality for sake of CHF 320 million
  • Internet of Things toys spying on children of all ages

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 

Mobile Malware


Adups — The Spy in your Pocket

Smartphones have become inseparable companions of our everyday life. They are so cheap nowadays, you can buy commodity devices running Android OS for less than a hundred Swiss francs. Smartphones aren’t mere wireless telephony devices. They are modern computer systems equipped with a variety of sensors: cameras, microphone, GPS receiver, gyroscopes and accelerometers, etc. They also feature multiple wireless communication interfaces such as multi-generation mobile networking, 2.4 and 5 GHz Wi-Fi, Bluetooth, NFC, etc, which make them a polyvalent communication platform with a quasi permanent Internet connection. Another way of looking at it: using all the components typical smartphones are equipped with, they can be fitted as perfect bugging devices.

On November 15th 2016, Kryptowire published a blog post revealing that „several models of Android mobile devices contained a firmware that collected sensitive personal data about their users and transmitted the data to third-party servers without disclosure or the users’ consent“. The sensitive data includes unique device and user identifiers, but also contact lists, call history, installed applications, and under circumstances text messages as well as fine grained location data. The said firmware originates from Adups, a Shanghai-based company specialized in mobile and IoT technologies. It is part of their FOTA product, a commercial replacement of Google’s Over-The-Air upgrade system, which is used to deploy firmware upgrades to the devices (hence the acronym: Firmware Over The Air). The FOTA component is pre-installed on various brands and models of Android devices manufactured in China. Being installed as a system APK, the software has unrestricted access to all data on the device and cannot be uninstalled.

 

HTTP request originating from a device affected by the Adups backdoor

HTTP request originating from a device affected by the Adups backdoor

Continue reading


The November 2015 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • No safe harbour in the Land of the Free – EU Court of Justice restricts data transfer to US
  • A different kind of virus – medical equipment hackable online on a grand scale
  • Viruses, scanned – free anti-virus programs almost as good as those you pay for
  • Let’s hear it, buddy! ETH Zurich research team simplifies two-factor authentication with sound recognition
  • Situation critical – researchers find vulnerabilities in 87% of all Android devices

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


The June 2015 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • What do tax authorities and contact sites have in common? Neither can
    protect customer data
  • Good friends listen, and so does the BND – the scandal continues
  • A new kind of government Trojan – cyber attack on German parliament’s
    secure network
  • Reset, then reload – Android smartphones keep data even after factory
    reset
  • The Clipboard: interesting presentations, articles and videos

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


Unser SWITCH Security-Report für Mai 2014 ist verfügbar

Die aktuelle Ausgabe unseres monatlich erscheinenden ‘SWITCHcert Reports zu aktuellen Trends im Bereich IT-Security und Privacy‘ ist soeben erschienen.

Themen diesen Monat:

  • Android prüft zukünftig kontinuierlich installierte Apps – Fake-Virenscanner ist Shooting Star in Googles App-Store
  • US-Behörde schafft vollendete Tatsachen in Sachen Netzneutralität
  • «Heartbleed» setzt Frust und Hoffnung der Open-Source-Entwickler frei
  • Dropbox will mit Hilfe von Condoleezza Rice weltweit expandieren
  • Und wie immer Links zu spannenden Präsentationen, Artikeln und Videos rund um die Themen IT-Security und -Privacy.

Zum Download (PDF):

securityreport

Haben Sie unseren vorigen Security-Report verpasst? Hier kommen Sie zum Archiv.