Tag Archive: Android JTAG Repair


Android and Windows smartphones to get ‘kill switch’

Google and Microsoft have both revealed that they will integrate a ‘kill switch’ into the next versions of their smartphone operating systems, allowing customers to disable their devices if they are lost or stolen.

Google told Bloomberg that it will add a “factory reset protection solution” to its next version of Android

Meanwhile, Microsoft’s vice president for US government affairs, Fred Humphries, said that the company would be adding new anti-theft capabilities to its Find My Phone feature in Windows Phone before July 2015.

“With these additional features, we’re hopeful that technology – as part of a broader strategy – can help to further reduce incentives for criminals to steal smartphones in the first place,” Humphries said in a blog post.

The news comes after Apple introduced ‘activation lock’ and ‘delete phone’ to its Find My iPhone app in September 2013.

As a result, robberies involving the company’s products reportedly decreased by 19 per cent in New York in the first five months of this year. San Francisco and London have also seen Apple-related robberies drop.

New York attorney general Eric Schneiderman said the statistics illustrate the “stunning effectiveness of kill switches”, and has called for other smartphone companies to add theft-deterrence features to their devices.

US Senator Amy Klobuchar, a Minnesota Democrat, and Jose Serrano, a New York Democrat, have both introduced bills that would require phones sold in the US to include kill-switch technology.

Last summer, the Mayor of London Boris Johnson also wrote to eight companies – including Apple, Samsung and Google – stating that about 10,000 handsets are stolen every month in London, and manufacturers have a “corporate responsibility” to help tackle thefts.

“If we are to deter theft and help prevent crimes that victimise your customers and the residents and visitors to our city, we need meaningful engagement from business and a clear demonstration that your company is serious about your corporate responsibility to help solve this problem,” Mr Johnson told manufacturers.

“Each of your companies promote the security of your devices, their software and information they hold, but we expect the same effort to go into hardware security so that we can make a stolen handset inoperable and so eliminate the illicit second-hand market in these products.

“We hope you would support this objective. Customers and shareholders surely deserve to know that business cannot and must not benefit directly from smartphone theft through sales of replacement devices.”

Source: The Telegraph

Russian BadNews bug found in Android app store

Security researchers have identified 32 separate apps on Google Play that harboured a bug called BadNews.

On infected phones, BadNews stole cash by racking up charges from sending premium rate text messages.

The malicious program lay dormant on many handsets for weeks to escape detection, said security firm Lookout which uncovered BadNews.

The malware targeted Android owners in Russia, Ukraine, Belarus and other countries in eastern Europe.

The exact numbers of victims was hard to calculate, said Lookout, adding that figures from Google Play suggest that between two and nine million copies of apps booby trapped with BadNews were downloaded from the store.

In a blogpost, Lookout said that a wide variety of apps were harbouring the BadNews malware. It found the programme lurking inside recipe generators, wallpaper apps, games and pornographic programmes.

The 32 apps were available through four separate developer accounts on Play. Google has now suspended those accounts and removed all the affected apps from its online store. No official comment from Google has yet been released.

Lookout said BadNews concealed its true identity by initially acting as an “innocent, if somewhat aggressive, advertising network”. In this guise it sent users news and information about other infected apps, and prompted people to install other programmes.

BadNews adopted this approach to avoid detection systems that look for suspicious behaviour and stop dodgy apps being installed, said Lookout.

This masquerade ended when apps seeded with BadNews got a prompt from one of three command and control servers, then it started pushing out and installing a more malicious programme called AlphaSMS. This steals credit by sending text messages to premium rate numbers.

Users were tricked into installing AlphaSMS as it was labelled as an essential update for either Skype or Russian social network Vkontakte.

Security firm Lookout said BadNews was included in many popular apps by innocent developers as it outwardly looked like a useful way to monetise their creations. It urged app makers to be more wary of such “third party tools” which they may include in their code.

Half of the 32 apps seeded with BadNews are Russian and the version of AlphaSMS it installed is tuned to use premium rate numbers in Russia, Ukraine, Belarus, Armenia and Kazakhstan.

Source: BBC News