[iPad] Google Play malware

 


More than 400 malicious apps infiltrate Google Play

"DressCode" apps turned phones into listening posts that could bypass firewalls.

Google Play was recently found to be hosting more than 400 apps that turned infected phones into listening posts that could siphon sensitive data out of the protected networks they connected to, security researchers said Thursday.

One malicious app infected with the so-called DressCode malware had been downloaded from 100,000 to 500,000 times before it was removed from the Google-hosted marketplace, Trend Micro researchers said in a post. Known as Mod GTA 5 for Minecraft PE, it was disguised as a benign game, but included in the code was a component that established a persistent connection with an attacker controlled server. The server then had the ability to bypass so-called network address translation protections that shield individual devices inside a network. Trend Micro has found 3,000 such apps in all, 400 of which were available through Play.

"This malware allows threat actors to infiltrate a user's network environment," Thursday's report stated. "If an infected device connects to an enterprise network, the attacker can either bypass the NAT device to attack the internal server or download sensitive data using the infected device as a springboard."

The report continued:
The malware installs a SOCKS proxy on the device, building a general purpose tunnel that can control and give commands to the device. It can be used to turn devices into bots and build a botnet, which is essentially a network of slave devices that can be used for a variety of schemes like distributed denial-of-service (DDoS) attacks—which have become an increasingly severe problem for organizations worldwide—or spam email campaigns. The botnet can use the proxied IP addresses also generated by the malware to create fake traffic, disguise ad clicks, and generate revenue for the attackers.

Google representatives didn't immediately respond to e-mail seeking comment for this post.

Trend Micro's report comes three weeks after researchers from separate security firm Checkpoint said they detected 40 DressCode-infected apps in Google Play.

Trend said that only a small portion of each malicious app contained the malicious functions, a feature that makes detection difficult. In 2012, Google introduced a cloud-based security scanner called Bouncer that scours Play for malicious apps. Since then, thousands of malicious apps have been detected by researchers. This raises a question: if outside parties can find them, why can't Google find them first?

-- 
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Jim Saklad                                           mailto:jimdoc@icloud.com

__._,_.___

Posted by: Jim Saklad <jimdoc@icloud.com>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (1)

Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.


.

__,_._,___

Re: [iPad] Re: Favorite new feature ios10

 

Thanks, Carlee.  It works great and will be very useful to me.

Sandra

Sent from my iPad Mini 4 

On Sep 30, 2016, at 11:30 AM, Carlee Marrer-Tising c-marrer-tising@bluewin.ch [iPad] <iPad@yahoogroups.com> wrote:

 

I think the default has the magnifier set to "off." To turn it on, go to settings >accessibility, and then in the top section, "vision," you will see "Magnifier" right below "Zoom." Tap on "Magnifier," then tap on the toggle key (button) and you'll be all set. To access the magnifier you just have to triple-press the home "button." Hope this helps.

Carlee 🐾🐾 🐈🐈🐈 😺🐱
Sent from my Big iPad Pro 🍎⌚️

> On 29 Sep 2016, at 22:05, Carol floridabouvs@gmail.com [iPad] <iPad@yahoogroups.com> wrote:
>
> How do you find it? I looked on my iPad and couldn't find it.
> Carol
>
> Terry wrote:
> Without a doubt the most useful new feature of iOS 10 is the magnifier. I used it this morning to read the directions on the bottle of painkillers. I used it yesterday to read instructions written in tiny print of a new item that I bought. Great feature, three clicks of the home button and you can read anything and you can adjust the size of the magnification.
>
> Sent from my iPad Air 2
>
> ------------------------------------
> Posted by: Carol <floridabouvs@gmail.com>
> ------------------------------------
>
>
> ------------------------------------
>
> Yahoo Groups Links
>
>
>

__._,_.___

Posted by: Sandra Davis <sandavis28@yahoo.com>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (18)

Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.


.

__,_._,___

Re: [iPad] Re: Favorite new feature ios10

 

I think the default has the magnifier set to "off." To turn it on, go to settings >accessibility, and then in the top section, "vision," you will see "Magnifier" right below "Zoom." Tap on "Magnifier," then tap on the toggle key (button) and you'll be all set. To access the magnifier you just have to triple-press the home "button." Hope this helps.

Carlee 🐾🐾 🐈🐈🐈 😺🐱
Sent from my Big iPad Pro 🍎⌚️

> On 29 Sep 2016, at 22:05, Carol floridabouvs@gmail.com [iPad] <iPad@yahoogroups.com> wrote:
>
> How do you find it? I looked on my iPad and couldn't find it.
> Carol
>
> Terry wrote:
> Without a doubt the most useful new feature of iOS 10 is the magnifier. I used it this morning to read the directions on the bottle of painkillers. I used it yesterday to read instructions written in tiny print of a new item that I bought. Great feature, three clicks of the home button and you can read anything and you can adjust the size of the magnification.
>
> Sent from my iPad Air 2
>
> ------------------------------------
> Posted by: Carol <floridabouvs@gmail.com>
> ------------------------------------
>
>
> ------------------------------------
>
> Yahoo Groups Links
>
>
>

__._,_.___

Posted by: Carlee Marrer-Tising <c-marrer-tising@bluewin.ch>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (17)

Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.


.

__,_._,___

Re: [iPad] Favorite new feature ios10

 

>> As Apple's iPhone 7 and iPhone 7 Plus have started to reach more customers, we've been getting more and more reports that users are facing a multitude of issues when pairing with their Bluetooth devices.
>
> Wow. Who'd have guessed *that* could happen?

Even a blind squirrel finds an occasional acorn.

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Jim Saklad mailto:jimdoc@icloud.com

__._,_.___

Posted by: Jim Saklad <jimdoc@icloud.com>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (16)

Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.


.

__,_._,___

Re: [iPad] Touch and home screen

 



It's a consumer conspiracy.  Buy, buy, buy, in little, frequent, endless dribs and drabs.  The health of the economy depends on it!




On Sep 29, 2016, at 5:23 PM, Kris Murray krismurray@gmail.com [iPad] <iPad@yahoogroups.com> wrote:

It is not necessarily a conspiracy, but the faster the processor the more I can do the more they try to make it do and it is a vicious circle

~KLM
\\ "The one who follows the crowd will usually get no further than the crowd. The one who walks alone, is likely to find himself in places no one has ever been." ~ Albert Einstein //

On Sep 23, 2016, at 10:23 AM, David Smith david.smith.14916@gmail.com [iPad] <iPad@yahoogroups.com> wrote:

Often, "improvements" come at a cost.  I used to think Microsoft and Intel had a profitable conspiracy:  faster processors led to bloatware, which led to faster processes, which led to more bloatware.  You had to keep buying new machines just to stand still.  Apple - and everyone else - learned the lesson.

__._,_.___

Posted by: David Smith <david.smith.14916@gmail.com>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (19)

Check out the automatic photo album with 1 photo(s) from this topic.
image1.PNG

Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.


.

__,_._,___

Re: [iPad] Re: Favorite new feature ios10

 


As Apple's iPhone 7 and iPhone 7 Plus have started to reach more customers, we've been getting more and more reports that users are facing a multitude of issues when pairing with their Bluetooth devices.

Wow.  Who'd have guessed *that* could happen?



On Sep 29, 2016, at 4:12 PM, Carol floridabouvs@gmail.com [iPad] <iPad@yahoogroups.com> wrote:

__._,_.___

Posted by: David Smith <david.smith.14916@gmail.com>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (15)

Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.


.

__,_._,___

Re: [iPad] Re: Favorite new feature ios10

 


Press the home button three times quickly.

On Sep 29, 2016, at 4:34 PM, Terry Pogue tpogue@comcast.net [iPad] <iPad@yahoogroups.com> wrote:

 

Turn magnifier on in settings Accessibility. Then when you tap your home button three times it comes up.

"Do all the good you can. By all the means you can. In all the ways you can."

> On Sep 29, 2016, at 4:05 PM, Carol floridabouvs@gmail.com [iPad] <iPad@yahoogroups.com> wrote:
>
> How do you find it? I looked on my iPad and couldn't find it.
> Carol
>
> Terry wrote:
> Without a doubt the most useful new feature of iOS 10 is the magnifier. I used it this morning to read the directions on the bottle of painkillers. I used it yesterday to read instructions written in tiny print of a new item that I bought. Great feature, three clicks of the home button and you can read anything and you can adjust the size of the magnification.
>
> Sent from my iPad Air 2
>
> ------------------------------------
> Posted by: Carol <floridabouvs@gmail.com>
> ------------------------------------
>
>
> ------------------------------------
>
> Yahoo Groups Links
>
>
>

__._,_.___

Posted by: David Smith <david.smith.14916@gmail.com>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (14)

Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.


.

__,_._,___

Re: [iPad] access to yahoo from safari on ipad

 

Really? Yahoo is an email provider, host their websites, what apps do they have?

Their websites.

Yahoo is also still a portal, which I believe, well at least I think, that some people still use as their homepage
~KLM

<http://www.nytimes.com/2016/09/29/technology/yahoo-data-breach-hacking.html>

Defending Against Hackers Took a Back Seat at Yahoo, Insiders Say

SAN FRANCISCO — Six years ago, Yahoo's computer systems and customer email accounts were penetrated by Chinese military hackers. Google and a number of other technology companies were also hit.

The Google co-founder Sergey Brin regarded the attack on his company's systems as a personal affront and responded by making security a top corporate priority. Google hired hundreds of security engineers with six-figure signing bonuses, invested hundreds of millions of dollars in security infrastructure and adopted a new internal motto, "Never again," to signal that it would never again allow anyone — be they spies or criminals — to hack into Google customers' accounts.

Yahoo, on the other hand, was slower to invest in the kinds of defenses necessary to thwart sophisticated hackers that are now considered standard in Silicon Valley, according to half a dozen current and former company employees who participated in security discussions but agreed to describe them only on the condition of anonymity.

When Marissa Mayer took over as chief executive of the flailing company in mid-2012, security was one of many problems she inherited. With so many competing priorities, she emphasized creating a cleaner look for services like Yahoo Mail and developing new products over making security improvements, the Yahoo employees said.

The "Paranoids," the internal name for Yahoo's security team, often clashed with other parts of the business over security costs. And their requests were often overridden because of concerns that the inconvenience of added protection would make people stop using the company's products.

But Yahoo's choices had consequences, resulting in a series of embarrassing security failures over the last four years. Last week, the company disclosed that hackers backed by what it believed was an unnamed foreign government stole the credentials of 500 million users in a breach that went undetected for two years. It was the biggest known intrusion into one company's network, and the episode is now under investigation by both Yahoo and the Federal Bureau of Investigation.

Certainly, many big companies have struggled with cyberattacks in recent years. But Yahoo's security efforts appear to have fallen short, in particular, when compared with those of banks and other big tech companies.

To make computer systems more secure, a company often has to make its products slower and more difficult to use. It was a trade-off Yahoo's leadership was often unwilling to make.

In defense of Yahoo's security, a company spokeswoman, Suzanne Philion, said the company spent $10 million on encryption technology in early 2014, and that its investment in security initiatives will have increased by 60 percent from 2015 to 2016.

"At Yahoo, we have a deep understanding of the threats facing our users and continuously strive to stay ahead of these threats to keep our users and our platforms secure," she said.

The breach disclosed last week is the latest black eye for Ms. Mayer, whose failed turnaround effort resulted in Yahoo's agreement in July to sell its core operations to Verizon for $4.8 billion. It is unclear whether the episode will affect the sale. Although Yahoo's email users are its most loyal and frequent customers, the company has been losing market share in email for years.

"Yahoo is already suffering. I don't think they'll suffer more because of this," said Avivah Litan, a security analyst with the research firm Gartner.

"On both sides, the contract has very good protections," said Tim Armstrong, deflecting questions about whether the hacking will impact Yahoo's deal with Verizon.

By CNBC on  September 26, 2016. . Watch in Times Video »
Ms. Mayer arrived at Yahoo about two years after the company was hit by the Chinese military hackers. While Google's response was public, Yahoo never publicly admitted that it had also been attacked.

A former Google executive credited with creating the search company's simple, colorful aesthetic, Ms. Mayer turned her attention at Yahoo to beating Google at search, creating new mobile apps, and turning Yahoo into a video powerhouse with television-style broadcasts featuring big-name talent like Katie Couric.

But in matters of security, Ms. Mayer, current and former employees said, was far more reactive. In 2010, Google announced it would start paying hackers "bug bounties" if they turned over security holes and problems in its systems. Yahoo did not do the same until three years later, after it lost countless security engineers to competitors and experienced a breach of more than 450,000 Yahoo accounts in 2012 and a series of humiliating spam attacks in 2013. Yahoo said it had paid out $1.8 million to bug hunters.

In 2013, disclosures by Edward J. Snowden, the former National Security Agency contractor, showed that Yahoo was a frequent target for nation-state spies. Yet it took a full year after Mr. Snowden's initial disclosures for Yahoo to hire a new chief information security officer, Alex Stamos.

Jeff Bonforte, the Yahoo senior vice president who oversees its email and messaging services, said in an interview last December that Mr. Stamos and his team had pressed for Yahoo to adopt end-to-end encryption for everything. Such encryption would mean that only the parties in a conversation could see what was being said, with even Yahoo unable to read it.

Mr. Bonforte said he resisted the request because it would have hurt Yahoo's ability to index and search message data to provide new user services. "I'm not particularly thrilled with building an apartment building which has the biggest bars on every window," he said.

The 2014 hiring of Mr. Stamos — who had a reputation for pushing for privacy and antisurveillance measures — was widely hailed by the security community as a sign that Yahoo was prioritizing its users' privacy and security.

The current and former employees say he inspired a small team of young engineers to develop more secure code, improve the company's defenses — including encrypting traffic between Yahoo's data centers — hunt down criminal activity and successfully collaborate with other companies in sharing threat data.

He also dispatched "red teams" of employees to break into Yahoo's systems and report back what they found. At competitors like Apple and Google, the Yahoo Paranoids developed a reputation for their passion and contributions to collaborative security projects, like Threat Exchange, a platform created by Yahoo, Dropbox, Facebook, Pinterest and others to share information on cyberthreats.

But when it came time to commit meaningful dollars to improve Yahoo's security infrastructure, Ms. Mayer repeatedly clashed with Mr. Stamos, according to the current and former employees. She denied Yahoo's security team financial resources and put off proactive security defenses, including intrusion-detection mechanisms for Yahoo's production systems. Over the last few years, employees say, the Paranoids have been routinely hired away by competitors like Apple, Facebook and Google.

Mr. Stamos, who departed Yahoo for Facebook last year, declined to comment. But during his tenure, Ms. Mayer also rejected the most basic security measure of all: an automatic reset of all user passwords, a step security experts consider standard after a breach. Employees say the move was rejected by Ms. Mayer's team for fear that even something as simple as a password change would drive Yahoo's shrinking email users to other services.

"Yahoo's policy is that if we believe a user's password has been compromised, we lock the account until the user resets the password," Ms. Philion said.

With the 500 million accounts involved in the breach disclosed last week, the stolen passwords were encrypted. Yahoo concluded the risk of misuse was low so it notified users and encouraged them to reset their passwords themselves.

On Tuesday, six Democratic senators, led by Patrick Leahy of Vermont, sent a letter to Ms. Mayer demanding more details about the 2014 breach and what Yahoo was doing to prevent a recurrence. Another senator, Mark Warner, Democrat of Virginia, has asked the Securities and Exchange Commission to investigate Yahoo's disclosures to investors regarding the incident. And the company is already the subject of several class-action lawsuits from users over the intrusion.


__._,_.___

Posted by: Jim Saklad <jimdoc@icloud.com>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (13)

Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.


.

__,_._,___

Re: [iPad] access to yahoo from safari on ipad

 

I'm not aware of Yahoo having many apps. Bugs however, Apple does have a reputation



From: "Kris Murray krismurray@gmail.com [iPad]" <iPad@yahoogroups.com>
To: iPad@yahoogroups.com
Sent: Friday, 30 September 2016 10:22 AM
Subject: Re: [iPad] access to yahoo from safari on ipad

 
Yahoo is also still a portal, which I believe, well at least I think, that some people still use as their homepage

~KLM
\\ "The one who follows the crowd will usually get no further than the crowd. The one who walks alone, is likely to find himself in places no one has ever been." ~ Albert Einstein //

On Sep 24, 2016, at 8:36 AM, Jim Saklad jimdoc@icloud.com [iPad] <iPad@yahoogroups.com> wrote:

Really? Yahoo is an email provider, host their websites, what apps do they have?

Their websites.


__._,_.___

Posted by: Tony <tdale@xtra.co.nz>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (12)

Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.


.

__,_._,___

Re: [iPad] Touch and home screen

 

thats right. Computers used to be slow compared to what they were asked to do. The speed increases have exceeded the demands from the software. Now cheap PC's are quick enough for many tasks. Less need to upgrade too. That worked out well as less money is available to upgrade as we now have phones and tablets to buy as well, so the timing was spot on. Gamers like to upgrade, thats cheaper now



From: "Kris Murray krismurray@gmail.com [iPad]" <iPad@yahoogroups.com>
To: iPad@yahoogroups.com
Sent: Friday, 30 September 2016 10:23 AM
Subject: Re: [iPad] Touch and home screen

 
It is not necessarily a conspiracy, but the faster the processor the more I can do the more they try to make it do and it is a vicious circle

~KLM
\\ "The one who follows the crowd will usually get no further than the crowd. The one who walks alone, is likely to find himself in places no one has ever been." ~ Albert Einstein //

On Sep 23, 2016, at 10:23 AM, David Smith david.smith.14916@gmail.com [iPad] <iPad@yahoogroups.com> wrote:

Often, "improvements" come at a cost.  I used to think Microsoft and Intel had a profitable conspiracy:  faster processors led to bloatware, which led to faster processes, which led to more bloatware.  You had to keep buying new machines just to stand still.  Apple - and everyone else - learned the lesson.


__._,_.___

Posted by: Tony <tdale@xtra.co.nz>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (18)

Check out the automatic photo album with 1 photo(s) from this topic.
image1.PNG

Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.


.

__,_._,___