‘Gooligan’ Android malware used to compromise Google accounts

Malware used existing root exploits to target Jelly Bean, KitKat and Lollipop devices, racking up fake installations and reviews on Google Play.

Security firm Check Point has revealed a new malware campaign involving using malicious apps to root Android devices, steal Google authentication tokens and illegitimately rack up installation numbers and review scores for other apps.

The malware, dubbed “Gooligan” by Check Point, uses known vulnerabilities to get obtain root access — complete control — over devices running Android 4.x and 5.x, before using this to steal Google account names and authentication tokens. This then allowed the perpetrators to remotely install other apps from Google Play on victims’ devices, and post false reviews in their name.

In theory, malware like this, which is designed to steal authentication details, may have been able to access other areas of Google accounts, like Gmail or Photos. There’s no evidence that “Gooligan” did anything like this — instead, it appears it was built to make money for its creators through illegitimate app installs.

What is striking about this strain of malware is the number of accounts affected — more than one million since the campaign began, according to Check Point. The majority — 57 percent — of these accounts were compromised in Asia, according to the firm. Next were the Americas with 19 percent, Africa with 15 percent and Europe with 9 percent. Check Point has set up a site where you can check if your account is affected; Google also says it’s reaching out to anyone who may have been hit.

Ahead of today’s public announcement, Google and Check Point have been working together to improve Android’s security.

We’re appreciative of both Check Point’s research and their partnership as we’ve worked together to understand these issues,” said Adrian Ludwig, Google’s director of Android security. “As part of our ongoing efforts to protect users from the Ghost Push family of malware, we’ve taken numerous steps to protect our users and improve the security of the Android ecosystem overall.”

Check Point also notes that Google’s “Verify Apps” technology has been updated to deal with apps using vulnerabilities like this. That’s significant because, while it doesn’t help devices that are already compromised, it roadblocks future installations on 92 percent of active Android devices, even without the need for firmware updates.

Like other app-based exploits, Google’s ‘Verify Apps’ feature now protects 92 percent of active devices from ‘Gooligan.’

“Verify Apps” is built into Google Play Services, and enabled by default in Android 4.2 Jelly Bean — accounting for 92.4 percent of active devices, based on the current numbers. (On older versions, it can be manually enabled.) Like the rest of Play Services, it’s regularly updated in the background, and it blocks the installation of malicious apps, and can advise users to uninstall malware that’s already there.

On newer versions of Android, the underlying exploits used by “Gooligan” to root devices will have been addressed through security patches. So as significant as a million compromised accounts sounds, this is also an example of Google’s security strategy for app-based malware working as designed, blocking installations of affected apps across the vast majority of the ecosystem.

If you’re concerned that your account may have been affected, you can hit up Check Point’s site. In future, Google’s existing safeguards — a part of Play Services for the past four years — will ensure you’re protected.

ICYMI: The DroneGun aims to patrol the skies

Today on In Case You Missed It: DroneShield has been touring airports across the country to test out its DroneGun, a rifle-sized UAV jammer that disables a drones’ GPS and GLONASS positioning from over a mile away. While it hasn’t received FCC certification yet, the DroneGun aims to force UAVs to land — unharmed — and could possibly lead authorities to the pilot and launch point, which could prove to be helpful in removing drones from air space or protecting soldiers against drone bombs.

Meanwhile, MIT’s CSAIL has developed a deep learning algorithm that can generate video that accurately predicts the outcome of a scene. The algorithm uses two neural networks working in opposition to each other; the first network has watched millions of videos and uses that data to generate a new 1-2 second video of what it expects to happen. The second network determines if a video is original, or generated by the first neural network. While the technology has its limitations, it could at some point be used to help self-driving automobiles anticipate the movement of pedestrians and other cars. So, it’s got that going for it.

And if you’re interested in going boldly where no man has gone before, you might want to brush up on the tolls the trip will take on your very human body from vision problems and weakening bones to a changing heart shape. As always, please share any interesting tech or science videos you find by using the #ICYMI hashtag on Twitter for @mskerryd.

GoPro cuts jobs and closes its entertainment division

GoPro has been facing tough times lately, and that’s unfortunately translating to layoffs. The action camera maker is cutting 15 percent of its workforce as part of a restructuring move, including both 200 existing positions and the cancellation of yet-to-be-filled job openings. The reorganization will also lead to the closure of GoPro’s entertainment division — the company’s dreams of becoming a media empire will have to wait.

Company President and former Skype CEO Tony Bates is also out by the end of the year, although it’s not clear whether this is due to GoPro’s overall performance or other reasons.

The job cuts are deemed necessary to help meet GoPro’s goal of returning to profit in 2017. It’s not clear if the Karma drone recall prompted the cuts, but they certainly didn’t help — between that and camera production problems, the company just hasn’t been selling as much hardware as it would like. There is some light on the horizon, though. GoPro notes that its Black Friday sales (helped by discounts and bundles) were up about 35 percent year over year in the US, and direct online sales were up 33 percent between Thanksgiving and Cyber Monday (November 28th). GoPro has increased demand for the Hero5 series and other cameras — the big challenges may be to keep up with that interest and sustain it over the long term.

Source: GoPro

In IBM’s future, Watson will be your doctor

IBM is working on a way to make its Watson supercomputer a far more effective medical tool for flesh-and-blood doctors. The company wants to use the platform to analyze medical imaging data to learn what a healthy set of insides looks like. It should then be able to identify when things have gone awry in scan images to direct doctors toward areas of concern. If this data is merged with each patient’s medical records, it could mean faster and more effective treatment for serious conditions.

The company is desperate to turn a profit on all of the money it’s crammed into selling Watson as a general-purpose supercomputing tool. The only problem is that is that IBM thinks every issue in the world can be solved with big data, but here it may actually work. After all, other companies are trying similar things — including Zebra Medical, which does the same job with X-ray images. That firm is also letting patients upload their own CT scans and mammograms for a big data second opinion.

One of the systems that IBM is developing is a “physician support tool,” that seems to take much of the mental leg-work away from doctors. If a patient is diagnosed with a tumor, Watson will pull together data from various sources to develop a personalized health care plan. Another system will help emergency rooms detect a brain bleed by cross-checking scan data with their historical records to spot patterns. Although there’s always a worry that Google — via its DeepMind AI — may have won the hearts and minds of clinicians across the world.

Source: PRNewsWire

AirPort Routers Ranked Highest in Customer Satisfaction as Apple Halts Further Development

Apple ranks highest in customer satisfaction among wireless router manufacturers, according to a new study released by J.D. Power today.

The accolade comes just nine days after a report said Apple has ceased development of its AirPort routers and reassigned engineers working on the products to other teams. Apple continues to sell the AirPort Express, AirPort Extreme, and AirPort Time Capsule, last released in 2013, but future updates appear unlikely.

Apple beat out all other wireless router vendors with a score of 876, based on a 1,000-point scale, followed by ASUS at 860, D-Link at 856, and TP-Link at 854. Apple was the only company to receive a 5-star Power Circle consumer rating, which places it “among the best” according to J.D. Power.

The report, based on responses from 3,037 consumers, measured overall satisfaction across 10 factors, listed in order of importance: Wi-Fi range; reliability; speed of upload/download; restore connection easily; security capabilities; price; ease of use; variety of features; intuitive user interface; and customer service.

Related Roundup: AirPort
Tag: J.D. Power
Discuss this article in our forums

The Samsung Galaxy S8 could give you super-sharp selfies

Korean news publication ET News has cited sources as saying the Samsung Galaxy S8 will come with an auto-focusing front-facing camera. If true, it would be your selfies would be much sharper and clearer than before.

• Samsung Galaxy S8 and S8 Edge: What’s the story so far

The majority of smartphones use fixed-focus lenses for the front camera, mainly because they’re small and it’s not seen as much of a requirement to have auto-focus. But now we’re really becoming a selfie generation, Samsung may have thought it’s high-time something was done to try and make our mugs look better (in pictures at least).

The technology could benefit group selfies too, and would help keep everyone in focus when using something like a selfie-stick, where you have little control over what the camera does.

Samsung is said to be testing autofocus actuators, which claim to have little effect on the camera’s size, so it shouldn’t protrude out the front, but it could have an increased effect on the price of the phone.

• Samsung Galaxy S8 could feature a bezel-less OLED screen
• Samsung Galaxy S8 to launch in March and come with 5.5in 4K display?
• Samsung will implement Viv personal assistant in more than just the Galaxy S8

If the Samsung Galaxy S8 does arrive with autofocus on the front camera, it will join the Sony Xperia M5 and HTC Desire Eye, both of which already use similar technology. The Galaxy S8 is expected to be unveiled at or around Mobile World Congress in February 2017.

Ford announces refreshed 2017 Fiesta line-up with more technology than any other small car

Ford has unveiled the 2017 Fiesta at a special event in Cologne, Germany, that will see the company’s ubiquitous small car receive some major technological updates.

All 4 of the new model variants: Titanium, ST-line, Vignale and Active crossover get Ford’s new driver assistance systems to help keep you safe on the road.

Driving Assistance Systems

The new systems will see two cameras, three radars and 12 sensors placed around the car that can see up to 130 metres ahead of the car, even at night, to help warn you of any pedestrians you can’t see yourself. There’s also a new Active Park Assist system that will ensure there’s no low-speed bumps into other cars when the Fiesta is parking itself.

Ford has another new traffic sign recognition system that can recognise individual speed limits displayed on overhead motorway gantries and let you know if you change lane and therefore have to change your speed.

Four New Models

Autocar

The Vignale is positioned as a more luxurious option, with elements trickling down from Ford’s Mondeo, S-Max, Kuga and Edge Vignale models. The Fiesta Vignale will arrive with 18-inch wheels quilted/leather seats and exclusive colours.

The ST-Line variant is for those who want the sporty look without the sporty performance. These models will have exclusive alloy wheel options, a sporty bodykit and flat-bottomed steering wheel.

For those wanting a new ST model, you’ll have to wait until 2018.

The Fiesta Active is the first Fiesta crossover model and features an increased ride-height, roof bars and additional cladding, to make it more suited to tackling rougher terrain.

Finally, the Fiesta Titanium will build upon the already successful variant, which delivers a high specification throughout the car.

• Ford Fiesta ST200 first drive: Irresistible overboost fun
• Ford Fiesta Titanium 1.0 EcoBoost review

In-car Technology

Autocar

The Fiesta will also be the first car to come with the promised B&O Play sound system announced earlier this year. The Fiesta will be fitted with 10 speakers including a subwoofer in the boot and a mid-range speaker on top of the instrument panel to fire sound out from a more central position into the car. Total power is rated at 675 watts and there’s a digital sound processing (DSP) amplifier that can adjust sound settings to provide optimal quality no matter where you’re sitting.

Carrying on with in-car tech and we move on to Sync 3, Ford’s in car infotainment system. With it, drivers will be able to control audio, navigation and a connected smartphone using their voice. Ford has given voice command examples such as “I need a coffee” and “I need fuel”. The Sync 3 system will then find the nearest coffee shops or fuel stations and guide you there. You’ll be able to connect your iPhone or Android device via Apple Car or Android Auto and Sync AppLink will let you use your voice to control apps such as Spotify and AccuWeather.

Information will be displayed on one of three screens, either an 8-inch floating screens, 6.5-inch integrated screen or a 4.2-inch. You’ll be able to choose which screen you want when you’re specifying your car.

Refreshed look

Autocar

Ford has gone over the bodywork of the new Fiesta to give it a much cleaner look, removing screw holes, hiding windscreen washer nozzles, and now offering a full length, openable panoramic glass sunroof. The inside has had just as much of a makeover too, with the centre console losing some buttons and dials and now being made of just one piece of material. You’ll now be able to specify a heated steering wheel for the first time on a Fiesta and a 4.2-inch screen has been fitted in the instrument cluster.

All models will be given a range of engine options, ranging from 1.0-litre EcoBoost with up to 140PS to TDCi engines with up to 120PS.

The 2017 Ford Fiesta will be available in the UK from July next year with prices yet to be announced.

What is Gadget Cover?

There are plenty of places that will insure your tech goodies. So what’s so special about Gadget Cover? Here are six standout reasons to make Gadget Cover your choice.

Truly instant cover

This is a key feature. If you’re going on holiday tomorrow, today even, and realise you need to insure your stuff, it’s no good if by the time you’ve filled in a long form and have reached the small print that you spot it only comes into effect after 14 days! Gadget Cover has no exclusion period – your goods are covered straight away.

Damage cover 

Water damage is one of the most common ways people brick their phones or tablets. Some companies will insure you against this, no problem. But Gadget Cover goes one step further by insuring you against liquid damage, so not just water. Which is handy, whether it’s coffee or your G&T that doused your phone. Damage cover also includes screens which have cracked or shattered (another common complaint) and damage to the body of your gadget as well. 

Low excess fee

It’s all very well to find a place with low-ish premiums, but look carefully as it’s quite common to find a high excess built in. And if you’re not careful, that high excess could make you feel it’s just not worth claiming in which case, why have the insurance in the first place? With Gadget Cover you can relax: if the device claim is up to £250, the excess is £25, then £50 on devices between £251 and £500 and so on. 

Convenient Apple repairs

This is a good one: when you’ve banjaxed your iPhone, say, you don’t necessarily want to trust your beloved gadget to just any old repairer, reputable though many of them are. With Gadget Cover, once your claim is authorised you can choose to get your Apple devices repaired at your local Apple Store and have the cost reimbursed to you. So you know it will have the best-quality parts, knowhow and service.

Unlimited claims and no claims bonus

This is win-win. If you are covered for it, Gadget Cover will let you have unlimited repairs or replacements, which is useful if you’re habitually clumsy or just repeatedly unlucky. On the other hand, if you take extra care and have good luck, you may not need to make a claim at all. In which case you’ll be glad of the no-claims bonus. This means 25 per cent off the excess fee when you do claim. Stay claim-free for four years and there’s no excess fee at all when you claim. 

Optional loss cover

For an additional premium, you can be covered for loss as well as damage, breakdown (in many cases), accident or theft. So if you’re insuring a phone, tablet or smart watch, Gadget Cover will replace it if you’ve lost it. Gadget Cover has its fair share of unusual claims. So when one customer had her phone stolen from her bag by a monkey, she’d have been covered whether it was loss or theft. Maybe the creature misunderstood when it had heard that the phone was an Apple, or a BlackBerry.