Never use hacked software and why.

   All you need to know about MixVibes.

Never use hacked software and why.

Postby UncleVibes on 04 Jun 2014, 20:20

Android ransomware encrypts files


By Leo Kelion

BBC Technology desk editor


The security firm says the Android-targeting Trojan malware is the first of its kind
A security firm says it has found the first confirmed case of ransomware that encrypts files held by Android devices.

Eset reports that the Trojan - called Simplelocker - targets SD cards slotted into tablets and handsets, electronically scrambling certain types of files on them before demanding cash to decrypt the data.

The message is in Russian, and payment is requested in Ukrainian currency.

One expert said the threat was noteworthy, but limited at this stage.

"File-encrypting malware has proved to be a lucrative criminal enterprise so it is unsurprising that Android has become a new target," said Dr Steven Murdoch, of the University of Cambridge's Computer Laboratory.

"Smartphone users should be very cautious of installing software from sources other than the operating system-provided application store, and should pressure their phone supplier to promptly provide security updates to defend against known vulnerabilities."


Infected devices bring up this Russian-language warning
He noted that networks often lagged or failed altogether to provide Google's security patches for older Android handsets.

Porn alert
Slovakia-based Eset said affected device owners were presented with a message saying that their phone was locked because they had viewed and distributed "child pornography , zoophilia and other perversions".

It goes on to instruct the victims to pay 260 hryvnias ($22, £13) via the Ukrainian MoneXy cash transfer system.

"After payment your device will be unlocked within 24 hours. In case of no PAYMENT YOU WILL LOSE ALL DATA ON your device!" it added.

The security firm said that the types of files that could be encrypted included jpeg and gif images, dox and txt text files, and mkv, avi and mp4 media.

It added that information about the infected device would also be uploaded to the server computer used by the cyber-thieves, potentially to help them ensure the right data was decrypted when a payment was received.

This server was hosted on a hidden part of the internet called Tor, Eset added, making the scam hard to trace.

"Our analysis... revealed that we are most likely dealing with a proof-of-concept or a work in progress - for example, the implementation of the encryption doesn't come close to 'the infamous Cryptolocker' on Windows," wrote security researcher Robert Lipovsky.

"Nevertheless, the malware is fully capable of encrypting the user's files, which may be lost if the encryption key is not retrieved.


The Trojan encrypts files stored on an SD card installed in an Android device
"While the malware does contain functionality to decrypt the files, we strongly recommend against paying up - not only because that will only motivate other malware authors to continue these kinds of filthy operations, but also because there is no guarantee that the crook will keep their part of the deal and actually decrypt them."

Although this is the first reported instance of Android ransomware encrypting files, there have been other types.

Last month a security researcher known as Kafeine reported about a variant that prevented Android apps from launching, effectively making infected devices useless, unless a $300 payment was made.

Before that, the security firm Symantec reported about an app that caused pop-up warnings to repeatedly appear, which could not easily be closed unless a fee was paid.

BBC © 2014
User avatar
UncleVibes
 
Posts: 10251
Joined: 22 Sep 2003, 13:36


Re: Never use hacked software and why.

Postby dR3+tS on 07 Jun 2014, 02:53

Hi.
I use dash lane password manager on my mac OS X and just got update on this/installed on my android device.....but in about 20 days I'm pissin android off and getting iPhone 5s 8.0 iOS.....dont know what to do and why it happens....but when i register(try to!!)....on forums such as gearslutz and audio karma....i get major dramas after I've activated account via email link.....the user and password i use(that dash lane saves for me too at time of creation).....well after the email activation link....it goes like..."sorry,pword/user failed...blah...blah...wotever"!!??
I don't forget(nor does dash lane either for that matter!)...forget my pword/user....so its all a bit full of crap really...not to mention extremely annoying and time wasting!!
Why can't i log in with dash lane on my browser like i can do with majority of sites....including this one!?

Dashlane warns me not to log in/go anywhere near sites that give you this log in B.S...so you can't log in safely using dash lane password manager.....so i honestly think sites like the above mentioned and dash lane need to get its IT dept Word censored (guess you find it I love walking on it) together and sort this out!

Regards.

Jon.
User avatar
dR3+tS
 
Posts: 21
Joined: 13 Apr 2014, 08:03
Location: Australia


Re: Never use hacked software and why.

Postby RoJeC on 08 Jun 2014, 10:11

The problem is your password manager.
A password manager fills info in fields in a local session. This info is send to the server. The server can only read filled info. Not how it was filled.
Ronald

Image

downloads + more forums = Register license(ucp.php?i=169)
Apple store new user? first read viewtopic.php?f=259&t=34199
Manual? In Cross open menu, select Help (available 24/7).
Audio dropouts? Increase audio 'buffer size' value.
FAQ iOS / Android / PC / MAC http://www.mixvibes.com/FAQ/
Soundcard not available/working? Try the 32bit version of Cross (is also installed).
RoJeC
 
Posts: 4458
Joined: 20 May 2011, 07:55
Location: Bussum, Netherlands


Re: Never use hacked software and why.

Postby MusicMeister on 26 Sep 2014, 21:04

How about you don't use hacked software because it's uh, well, 'wrong'?

Ethically questionable?

How about purchasing software helps to fund continued development of the platform?

How about you get proper and effective support (in most cases :) ) when you purchase the software?

If you are a 'professional' then there is ZERO reason to not buy the tools you use to make your money. And in all honesty, Cross/Cross DJ is downright cheap compared to the alternatives like Virtual DJ, Traktor, etc. Oh, and in terms of functionality, they meet or beat feature to feature in many fronts. How you could justify using hacked software is beyond me...
User avatar
MusicMeister
 
Posts: 331
Joined: 06 Dec 2012, 02:49
Location: Pensacola, Florida



Return to Announcements




Who is online

Users browsing this forum: No registered users and 5 guests

 
 
   
 
© 2014 Mixvibes