Category : Android

Android Trojan rerouters you to Rogue DNS server

android trojan

New Android Trojan virus reported by Kaspersky Lab, that goes by the name, Switcher.

Switcher Trojan infects wifi routers through an infected Android, where an attacker can then reroute other users on the network to malicious sites. This is through brute force attacks against the admin interface of the router – using a predetermined list of password/login combos. The DNS servers are then replaced with both an active and backup server of the hacker. This allows for a multitude of potential infections, since every DNS query is directed to a network controlled by the attacker.

Kaspersky Lab researchers explained that “the ability of the Switcher Trojan to hijack [DNS] gives the attackers almost complete control over network activity which uses the name-resolving system … the approach works because wireless routers generally reconfigure the DNS settings of all devices on the network to their own – thereby forcing everyone to use the same rogue DNS.” –

Attacks primarily in china and proven track record predicts that the attacks will certainly spread across locations. This is the first Android malware that has been used to attack routers in this manner.

At the moment it is advised that admins and users alike should be on the look out for the following rogue DNS servers: 

“A successful attack can be hard to detect and even harder to shift: the new settings can survive a router reboot, and even if the rogue DNS is disabled, the secondary DNS server is on hand to carry on,” says Kaspersky Lab cybersecurity researcher Nikita Buchka. –


If you would like to educate yourself in more detail about the information presented in this blog post please visit:


Do this and not that – Mobile Malware


The three best practices to avoid mobile malware is to use an official app store, resist temptation to jailbreak your device, and keep updates current. Apple and Google app stores remain the most vigilant about mobile malware concerns. Google uses Verify Apps that runs in the background of modern Android systems to scan for spyware, ransomware, and fraudulent apps. The company also checks mobile apps that are submitted to the Google Play Store. Less than one out of every 10,000 devices that only downloads from the Google Play Store has a program in the malicious category.

Jailbreaking your device undermines much of the already pre-installed security on the phone. In addition to this, the ability to restrict applications from accessing personal data on the phone as well as validate applications is disabled. Basically, if you jailbreak your device you better have a pretty good understanding of technology, because you just became the sole provider of security for that device.

This may be a surprise to most, but vulnerabilities actually do not increase the likelihood on malware on mobile devices. Symantec’s Internet Security Threat Report released Apple iOS had nearly 8 times as many vulnerabilities as Android in 2014, but near all malware for that year were targeted at Android devices.

The reliance and increased functionality of mobile devices leads developers to push out updates and bug fixes as fast as possible. Users should pay attention to this and keep their applications and software updates current. Android users often wait to update because of the lengthy process involved, but the benefits usually out whey this inconvenience, especially considering Android devices are most susceptible for malware.



If you would like to educate yourself in more detail about the information presented in this blog post please visit: 

Samsung Galaxy Note 7 – no longer voluntary

note 7

Great news for Samsung users that have been using their Note 7 with extreme caution the last few weeks, replacements will be in stores Wednesday, September 21st! The recall transitioned from voluntary to mandatory as the US government’s Consumer Product Safety Commission (CPSC) issued a deathknell due to the lithium-ion battery overheating. According to the CPSC, Samsung received 92 reports of batteries overheating, 26 reports of burns, and 55 reports of property damage including fires in cars and garages. The CPSC recommends powering down the device immediately and seeking a replacement or refund from your wireless carrier, retail store, or Samsung directly. You can get the exact same Note 7 with a new, non-exploding battery, starting Wednesday, September 21st.

The Note 7 was widely successful before the recall, selling a million devices. However, the recall itself is estimated to cost Samsung $1 Billion. Ouch. 

If you would like to learn more about the information presented in this blog post please visit:


Pegasus Spyware Detected – Upgrade to iOS 9.3.5 ASAP


Malware that spies on user phone calls and text messages, has been alleviated thanks to the latest iOS mobile operating system upgrade, and the wise proceedings of a human rights activist. Canadian cyber security research group, Citizen Lab, published a report that a human rights activist, Ahmed Mansoor, received a text message with a malicious malware link attached. Thankfully Mansoor was not tempted to click on the link.

Rather he passed the link to Citizen Lab where researchers identified the correlation between the link and the NSO Group, an Israeli company notorious for selling a government-exclusive spyware product, Pegasus, that is described as a “lawful intercept”. Most have dubbed this the most sophisticated spyware software detected and Apple, Android and Blackberry smartphone users are the target. The main difference between this malware and others is Pegasus’s ability to infect the powerhouse of the operating system, the kernel of the phone. This allows the software to intercept any conversation before encryption ever takes place, so encrypting such apps proves pointless against Pegasus. The link would have been capable of jail breaking the iPhone and installing surveillance software used to access the camera and microphone. Mansoor’s WhatsApp and Viber calls would have been especially vulnerable in addition to his GPS location services.

Citizen Lab wrote in its report that “[w]e are not aware of any previous instance of an iPhone remote jailbreak used in the wild as part of a targeted attack campaign.”

Last Thursday Apple released the latest version of iOS 9.3.5, which I highly advise upgrading to if you have not already done so. The update improves how iOS devices access memory and adds a patch that prevents visits to maliciously crafted websites from remotely executing arbitrary code.



If you would like to educate yourself in more detail about the information presented in this blog post please visit : 

HummingBad Malware targets 85 million Android devices…


As reported on the blog last week, malware has had a taste for Android devices.

The HummingBad software is another type of Android malware that has infected 85 million users globally. HummingBad infects Android devices in two ways, via drive-by downloads and malicious payloads delivered by websites distributing adult content. By using a rootkit, the malware attempts to gain root access to the device. If successful, the device is full accessible. In the event this method of access is not successful, a fake system update notification is used to trick users into handing over full access to the device.

With access granted, HummingBad will begin the usual malware process, installing fraudulent apps on the infected mobile device. Hackers are making a boatload of cash off this software alone, nearly $300,000 a month.  It’s an easy equation, the fraudulent applications deliver advertisements daily, generating a ridiculous amount of clicks. Engagement with these adds delivers nearly $10,000 to hackers daily, just from HummingBad alone. Researchers estimate that 10 million victims are using malicious applications without even knowing it.

Chinese cyber criminal group, Yingmob, consists of 25 employees spread out across four groups, and is responsible for managing HummingBad. It is suspected that Yingmob is behind the iOS malware called Yispecter, from 2015. China and India are the most affected by the HummingBad software, with 1.6 million devices in China affected, and 1.35 million affected in India. The United States is relatively small in the big picture, with 286,800 devices infected.

At the moment, HummingBad has not encrypted devices in order to steal data, but that doesn’t mean it won’t in the future.



If you would like to educate yourself in more detail about the information presented in this blog post, please visit :

Mobile Ransomware Targeting Androids



Mobile ransomware is somewhat less common than ransomware on networks or machines, but the numbers are starting to climb. Security firm, Kaspersky Lab, reports four times as many users infected with mobile ransomware this year compared to last. In April 2015,  35,413 users we affected while in March 2016 that number increased dramatically to 136,532 users affected. The largest mobile ransomware detected is called Fusob, and has been responsible for 56 percent of the attacks during this past year, targeting Android users.  

Fusob hides itself as a multimedia player called xxxPlayer…you can guess where this lies on the internet… and once downloaded Fusob blocks all user access to the device. Users are asked to pay in iTunes giftcards ranging between $100 and $200. Compared to the high demands of ransomware in the enterprise, these amounts sound like pennies. But to the user, that’s a hefty price to pay to get control of a device you should have never lost control of in the first place.

Interestingly, Kaspersky notes that much of the mobile ransomware out there right now does not actually encrypt any information on the users device. As most smartphone users usually backup to the cloud, there is no real point for hackers to actual encrypt the device. Instead hackers will encrypt applications so that users are blocked from the apps and will not be able to use the phone until paying the hackers.

Android users, be extra careful out there!!



To learn more about the information presented in this blog post, please visit :

Whats Up HTC 10

The HTC 10 had no choice but to revamp their design in order to compete with the Samsung Galaxy S7. A mere 5.6 ounces the phone feels more solid than previous models especially the G5. The back of the phone is curved, even rocking when placed on a flat surface. The front has a 5.3 inch, 2,560 by 1,440 Super LCD 5 screen. There is a physical home button complete with a fingerprint reader below the screen.

The design may have improved but the hardware still the same as the S7 and G5 with  2.2 GHz Qualcomm Snapdragon 820 processor and 4 GB of Ram. Although not wireless charging, the phone houses a USB-C jack on the bottom of the phone and supports Quickcharge 3.0.

What really makes the HTC 10 pop in terms of customer attraction is the audio. The 10 uses two speakers, a front facing tweeter at the top and toward the bottom an edge facing woofer. This combination leads to less distortion than you receive on many other smart phones on the market. The 10 comes with a “hi res certified” headset worth about $90. A pretty nice gift if you ask me. You can tune the headset to your hearing preferences and capabilities by listening to a series of tones. The headphone amp is one of the most powerful with 1v amp connected to a 24-bit DAC.

Different than other smartphones, the photo gallery app and calendar have been replaced with Google Photos and Google Calendar. In addition the phone is pre-loaded with Facebook, Messanger, and Instagram. Not a social media wizard? Don’t get your hopes up for a cleaner phone, these pre-loaded apps are not permitted for deletion.

The HTC 10 will be available in the next coming weeks for pre-order from T-Mobile, Sprint, and Verizon for about $699.



If you would like to educate yourself in more detail about the information presented in this blog post please visit: Hands On With the HTC 10

Nextbit: No Robin Phone for Verizon, Sprint

nextbit robin phone Bad news for those who thought they were going to get the Nextbit Robin smartphone for Sprint and Verizon customers. Nextbit announced that they have decided to cancel plans to launch a CDMA version. Originally, Nextbit was not planning to release a CDMA version. Due to high customer demand, the company decided to try to launch a CDMA version when they started receiving a high influx of user requests.

Nextbit CEO, Tim Moss, said the idea was rushed, and the answers were not clear. The Kickstarter campaign was only 30 days long. The decision to start investigating a CDMA version did not begin until two days into the campaign.

Moss explains that because of the late decision the company was not prepared to meet the demand, “We had to go with the best information we could get before the campaign was over, and over time it turned out that this information was not accurate,”. He goes on further to reveal the cost was much higher than anticipated, from estimated thousands to estimated millions. With little knowledge of when the device would be complete and ready to ship, the company decided to cancel the request altogether.

No need to worry if you already pre-ordered your Nextbit CDMA version. The company has promised to credit each backer their entire pledge including any extras such as accessories and shipping costs. As an added bonus, Nextbit is offering each CDMA backer a 25 percent discount code on one order from the company’s online store.

If you would like to educate yourself in more detail about material presented in this blog post please visit:


Hidden Features of Android 6.0 Marshmallow

Google Now

Google Now on Tap is probably the most useful feature. The new Marshmallow upgrade allows you to bring up Google Now without closing the app you are currently using. Simply long pressing the home button allows you to follow a few steps to activate. Once that is done all you must do is long press the home screen and that familiar Google search screen with appear atop your current page. Now on Tap also provides information to you based on you current page. For instance, if you are listening to music on Spotify, this feature can provide articles on information about the band.


Improved Cut and Paste

Highlighting in Marshmallow gives you a set of options (Cut, Paste, Search) right above the text rather than the top of the screen as in previous forms.


Voice Search on Lock Screen

Before, the only task available directly from the lock screen were the camera and emergency calls. However, Marshmallow now allows a Google voice search-no password or login required. This is a great feature when you want to look something up real quick.


Check if your Security is Up-to-Date

If your device is participating in monthly update regimes, you will be able to check its status by going into Settings>About tablet and checking “Android security patch level.” This will tell you the last time you have received an Android security patch.  Participation among manufacturers and carriers will vary.


App Permissions

Worried about Malware? You should be. The power to prevent individual apps from accessing certain functions on your phone can help. Go to Settings>Apps> [Choose the targeted App]>Permissions.


Google in the Settings Menu

Take care of all your Google settings in one easy to find place. All your account information from the Google Ecosystem can be found in the Settings menu.


Smart Lock

Smart lock allows you to store all you Android app passwords on a Google cloud. With this feature you can keep all your passwords in one secure location by going into Settings>Google>Smart Lock for Passwords. You also have the option of being able to automatically sign in to your accounts or “Never save” for certain accounts such as a banking app.


App Power Saving Exceptions

One great feature is Androids “app standby” mode, which puts inactive apps to sleep to conserve power. If you would like a few apps to keep updating despite this feature you can make exceptions by adding them to a battery optimization exception list. Go into Settings>Battery>Battery Optimization. Use the pull down menu to choose which apps you want optimized (apps set to standby mode) or not optimized (apps functioning at all times).


Easter Egg Game

Find the “hidden” game by going to Settings>About Tablet>Keep tapping The Android Version.


SimpleNote-The Free Note Taking App

For those of you who like to take notes or keep track of items SimpleNote is a cool cloud based note keeping app.  I use it on my iphone as well as on my pc and mac.  It stores your data, and you simply have to login wherever you are to access your information.  You can share lists, post instructions, or publish your thoughts.  Your notes are backed up and if you need to go back to something you can easily do so.  You can search your notes quickly and easily.  There are phone apps for both iOS users as well as Android users.  What’s more important… its FREE!