Catégories
Non classé

Why These 8 Android Apps Are Dangerous For Your Bank Account

They are all infected with the Joker malware, which could then empty your bank accounts.

It is aptly named. The company Quick Heal Security Labs has revealed that eight applications present on Android are infected with the dreaded Joker malware. According to Presse-Citron , this virus is frequently hidden in apps with the aim of emptying your bank accounts. Google has already been notified of the problem and the infected tools have all been removed from the Android app store. Be careful, however, for people who have already installed them and would not have thought of removing them from their phone.

For users of Auxiliary Message, Fast Magic SMS, Free CamScanner, Super Message, Element Scanner, Go Messages, Travel Wallpapers and Super SMS, it is recommended that you remove these applications from your mobile phone as quickly and completely as possible , since they allow malware to install itself on your mobile system, visit websites, subscribe the victim to paid services or even intercept codes that could allow them to access your banking data.

The Joker malware has already claimed many victims among Play Store users and even managed to infiltrate the Huawei application store , the App Gallery last April , infecting more than 500,000 smartphones from the Chinese manufacturer, reminds 20Minutes . To avoid being confronted with this malware, it is therefore advisable to only download applications from well-known developers and publishers and to avoid those that have just been released on download stores and which offer offers that are too good to be. true.

Catégories
Non classé

WhatsApp: What to know before accepting or rejecting the new terms of use

Owned by Facebook, the application wants to force its 2 billion users to share their data, under penalty of losing access to essential features.

After an outcry – and a massive migration to Signal and Telegram – in January, WhatsApp pushed back by three months the deadline to agree to its new terms of service , which grant it the right to share certain personal data with Facebook . While the reprieve expires this Saturday, the situation has not really changed: in case of refusal, WhatsApp, which Facebook seeks to monetize by allowing businesses to contact users directly, will gradually lose essential functionalities .

What happens if we refuse the new terms of use?

WhatsApp will gradually become unusable. Certainly, Facebook has backed down and will not automatically delete accounts of refractory people. But from Saturday, users who decline the update will no longer be able to access their list of conversations. At first, it will still be possible to answer audio or video calls, as well as messages if notifications are activated.At first, those who decline the update can continue to answer calls or messages. 

But after « a few weeks », the reprieve will be over. The screen inviting to accept the new charter will become permanent, and WhatsApp, an empty shell. Please note, WhatsApp usually deletes an account after 120 days of inactivity. It will therefore be necessary to open the app periodically to avoid deleting the account in the event of refusal of new confitions of use.

What data is shared with Facebook if we accept the new rules?

There are a lot of uncertainties on this point. Most importantly, Facebook cannot read messages, whether sent via Messenger or WhatsApp. They are in effect end-to-end encrypted, and only the sender and the recipient have the key to decrypt them. What changes in a certain way, with the update, is that WhatsApp will be able to share certain information with Facebook: phone number, name, unique smartphone ID and IP address, in particular.

How to delete my account and migrate to an alternative app?

You can back up all your conversations, photos and files to archive them or restore them at a later date in  Settings> Discussions> Backup .

A specific conversation can also be directly exported to another app like Telegram. On Android , in Option (the three dots at the top right)> More> Export chat . On iOS  : tap on the person’s name or the subject of the conversation then on  Export discussion . Be careful, you have to be in contact with the person on both applications to perform the operation, and there are often bugs, especially with grouped chats.

To end it once and for all with WhatsApp, it’s in Settings> My account> Delete my account .https://www.ultimedia.com/deliver/generic/iframe/mdtk/01357940/src/f38kl5/zone/1/showtitle/1/#amp=1

Why such a change?

WhatsApp cost Facebook nearly $ 20 billion in 2014 and still earns almost nothing. Mark Zuckerberg kept his promise not to pollute conversations with advertising, but not to keep a tight wall with Facebook. WhatsApp will thus offer more services – some paid – to businesses to communicate directly with users. An airline could, for example, send a boarding pass to a passenger. Above all, a business will be able to afford an advertisement on Facebook allowing it to send a WhatsApp message to a customer who has clicked on the advertisement.WhatsApp notably allows businesses to converse with its users. – FACEBOOK

Clearly, Facebook needs some WhatsApp data to better monetize its subsidiary. And, by the way, to develop synergies making it more difficult for the dismantling of the group by the American authorities, which opened an antitrust action in December 2020 .

What does the European Union say?

Germany cracked down on Tuesday. Denouncing « confusing and contradictory » terms of use, the Hamburg Data Protection Authority has banned Facebook from processing WhatsApp data for the next three months. This is an emergency measure that is based on the General Data Protection Regulation (GDPR).

Facebook, for its part, certifies that the German gendarme “misunderstood” the new rules and that his decision has “no legitimate basis”. « There will be no impact on the deployment of the update, » says the Californian giant. But Germany seized the European Data Protection Committee in order to obtain a decision applying to all 27. The series is, undoubtedly, not finished.

Catégories
Non classé

Watch out for WhatsApp pink: the update is a virus that is taking control of your phone

WhatsApp messaging users are the object of a malicious attack through a « pink » version of the application which is none other than a virus.

A message has been sent in recent days to many WhatsApp messaging users offering them to switch from green to pink.

A flirtatiousness that could have serious consequences since this update runs the risk of installing a virus that will take control of your phone. 

It was researcher Rajshekhar Rajaharia who launched the alert on Twitter: « Beware of WhatsApp Pink! A virus is spreading within WhatsApp groups with an APK download link. Do not click on a link with the name #WhatsappPink. Full access to your phone will be immediately lost.  » 

The virus will take control of your phone but, above all, it will allow hackers to recover your personal data including bank details.

If you have installed the application, a solution, uninstall it as soon as possible, unlink all Whatsapp web devices, clear your browser cache, check the permissions of all your applications, if one seems suspicious, cancel this authorization.

As a reminder, you should never install APK files directly on your phone but favor downloads directly from platforms such as Google Play Store or Appel Store.

Catégories
Non classé

WhatsApp: A new scam can steal your account

Be careful for WhatsApp messaging users, a scam can deprive you of access to your own account. For the moment, these attempted thefts have been observed mainly among English-speaking users.

How do hackers work? When a user creates their account or installs the application on their phone, they receive a message from WhatsApp giving them a 6-digit code to activate the application. But it also works when users want to “recover” their account.

https://d-19426727932630142890.ampproject.net/2104022034000/frame.html

Fake message

Immediately afterwards, he receives another message from a loved one who alerts: “Sorry, I mistakenly sent you my 6-digit security code. Can you transfer it to me please. It’s urgent ! « .

Except that it was the hackers who hacked your loved one’s account to send this message. If you send him the code, the scammer will be able to install WhatsApp with your number on his own phone. You will no longer have access to your account.

To prevent this account theft, WhatsApp offers to activate two-step verification, which helps strengthen security.

Catégories
Non classé

Why Signal’s latest idea might backfire

MobileCoin

Is the Signal instant messaging app putting its finger in a gear that may overtake it? This is the opinion of some observers, specialists in computer security, after having read the latest initiative of the service , which is still at an experimental stage. Indeed, in the United Kingdom alone, Signal is exploring a payment service called Signal Payments.

“  We want payments in Signal to be fast, private and work well on mobile devices,  ” IM said in an April 6 blog post. And to begin with, the application continues, it is on MobileCoin that it bets. It is a cryptocurrency which, as the name suggests, is thought to be used like digital money on the smartphone.

According to the presentation, MobileCoin includes near instant transactions, in less than ten seconds. It also offers features to easily restore its currencies (MobileCoin currency is called MOB), including in the event of loss of the mobile. Finally, it claims to be eco-responsible: it claims to be much more economical in electricity than other cryptocurrencies, which require energy to operate .

But the specificity that concerns today is its level of confidentiality.

MobileCoin is pleased that  »  the whole ledger [which allows to keep a trace and to follow the transactions with MOB, note] is opaque, the individual transactions are protected by cryptography and the network uses the persistent confidentiality  « . This process prevents the confidentiality of past exchanges from being questioned, even if its cryptography would be compromised.

However, it is precisely the high degree of anonymity that alarms, because in the eyes of some commentators, this could backfire not only against Signal, but also against end-to-end encryption in general. This is what Bruce Schneier, a specialist in computer security and cryptography, argues, in a blog post that was published on April 7. He especially fears the reaction of the authorities.

An unfavorable development for encryption?

“  I think that’s a terribly bad idea. […] The addition of a cryptocurrency to an end-to-end encrypted application blurs the morality of the product, and invites all kinds of government investigations and regulatory interference  , ”anticipates Bruce Schneier. He cites haphazardly the FBI, the tax services, the stock market regulator or even anti-money laundering agencies.null

“  I don’t see any good reason to do this. Secure communications and transactions can be separate applications, or even separate applications within the same organization. End-to-end encryption is already at risk. Signal is the best app we have. Combining it with a cryptocurrency means that the whole system dies if one part dies  ”.

Bruce Schneier’s fears over end-to-end encryption are not a figment of the imagination. As recalled in early March the Electronic Frontier Foundation , a key organization for the defense of digital freedoms, the boss of the FBI again demanded before American parliamentarians a backdoor on end-to-end encryption services, in the name of the fight against crime and terrorism.Leading cryptographers are concerned about the measure’s effects on end-to-end encryption. // Source: Facebook

The request from the current FBI boss is not new: Similar calls were made in 2017 , 2018 and 2020 , to take just a few examples. And this is not a debate specific to the United States: it also exists in France, as evidenced by the regular comments of the former public prosecutor François Molins, certain parliamentary initiatives and the reflections at the level of the government , or in Europe. .

Supporters of end-to-end encryption are already struggling to resist the assaults of those who wish to reduce it, to legitimately fight against crime, child pornography, terrorism and trafficking of all kinds. The arrival of payments will give another pretext to regulate these messaging services, in the name of the fight against mafia financing and money laundering.

In summary, this is Bruce Schneier’s analysis. And he’s not the only one to think so. In Wired , Matthew Green cryptography professor said equally concerned  »  signal as encrypted messaging product is really valuable. […] It terrifies me to see them mix up their history with the legislative and regulatory hell of cryptocurrencies and the vulnerabilities that go with it.  « 

Chance of the calendar, a decree appeared in the French Official Journal on April 4 on a similar theme. It focuses on the fight against the anonymity of virtual assets and anonymous electronic currencies. It provides for a tightening up of the national system for combating money laundering and the financing of terrorism. This decree updates a number of legislative provisions.

Thus, the text “  clarifies the ban on the use of anonymous electronic money for the purchase of digital assets. It also imposes on providers of digital asset services an obligation to identify their customers prior to any occasional transaction  ”. In addition, “  it determines the procedures for verifying the identity of customers […] when entering into a business relationship.  « 

A risk for the moment limited?

Obviously, these issues did not deter Signal from moving in this direction. In any case, the announcement note does not mention it. The mobile app just welcomes explaining that it does not have access to the balance, full transaction history or funds, and that these funds can be transferred at any time to another service or app. .

One thing is certain: the choice of MobileCoin probably owes nothing to chance. Beyond its technical peculiarities, it turns out that the American behind Signal , Moxie Marlinspike – a pseudonym – has served as a technical advisor since the creation of MobileCoin in 2017, and that he was paid for it. He contributed to the technical design of cryptocurrency. However, he assures that he does not have any.Moxie Marlinspike, creator of Signal. // Source: John S. and James L. Knight Foundation

MobileCoin is based on Stellar blockchain technology. This is not based on proof of work – that is, computer calculations to be made – but on a particular type of consensus . This orientation explains why transactions are carried out more quickly, without a heavy energy footprint, by avoiding calling on all the nodes of the network to validate the exchanges, but only a part, some of whom are trusted.

Currently, MobileCoin has been trading on the FTX marketplace since December 2020. The peculiarity of FTX is that it does not allow transactions from US users, which can keep US regulators at bay. But Signal suggests a possible deployment in other marketplaces. And at Wired, a project member suggests arriving in the United States. But it might, in the meantime, frown some eyebrows in others. For example, in the UK, where testing is starting.

Numerama

Catégories
Non classé

Mark Zuckerberg uses Signal

One of the Signal users is Mark Zuckerberg, CEO and founder of Facebook. The billionaire’s phone number was indeed discovered in a huge data breach at Facebook. After entering the number into the Signal app, a computer security expert realized that Zuckerberg was well listed among rival messaging users of WhatsApp and Messenger. 

A few days ago, Alon Gal, head of cybercrime intelligence firm Hudson Rock, discovered a database containing confidential information on 533 million Facebook users . This data was recovered during a hack into the social network. 

This database includes in particular the Facebook identifier, the full name, the date of birth, sometimes the e-mail address, the gender, the date of creation of the account, the place of residence or the telephone number. Among these hacked numbers is the phone number of Mark Zuckerberg , CEO and creator of Facebook.

Mark Zuckerberg is on Signal, the messenger that overshadows WhatsApp and Messenger

Zuckerberg’s phone number was spotted by computer security researcher Dave Walker. On his Twitter account, the expert explains that he discovered the phone number while browsing the database, which appeared on several hacking forums. Other leaked data, including the anniversary date, confirms that it is indeed the founder of Facebook and not a namesake.

Out of curiosity, Dave Walker entered the phone number into the Signal messaging app, a competitor app to WhatsApp and Facebook Messenger. Zuckerberg’s number is well linked to a Signal account. “Mark Zuckerberg also respects his own privacy by using a chat app that has end-to-end encryption and doesn’t belong to Facebook,” laughs Dave Walker.

This discovery is all the more funny since Signal is one of the direct competitors of Facebook Messenger and WhatsApp . Users scalded by Facebook’s privacy practices are turning overwhelmingly to Signal , a messenger that boasts of not collecting user data. Advised by Edward Snowden, the messaging service simply retrieves the telephone number of its users.

If this leak proves that Mark Zuckerberg does have an account on Signal, there is no indication that he is actively using messaging. We imagine that the computer scientist could have installed Signal in order to take a look at the competition.

Catégories
Non classé

WhatsApp will offer customization options for its interface in the hope of keeping its users

WhatsApp is indeed testing a new feature allowing users to customize the colors of the application

The application has lost a large number of users due to its new policy of sharing personal data

A few weeks ago, WhatsApp saw its user numbers skyrocket following its announcement to share certain personal data with Facebook , creating an exodus of its users to Signal . Since then, the messaging application has multiplied its attempts to reconnect with its users via information campaigns or new features and it seems that this continues. According to WABetaInfo , WhatsApp is indeed testing a new feature allowing users to customize the colors of the application.

It is in particular a question of modifying the color of the text, but also of certain icons. Nothing revolutionary, but this aesthetic change shows that Facebook – parent company of WhatsApp – wants to offer more customization options to its users. One way to make the app more user-friendly and to involve members more.

European users protected by the GDPR

Will Facebook manage to make people forget the bad press that WhatsApp has been suffering from for a few weeks with such a feature? Hard to say. From May 15, WhatsApp users will still be forced to accept the new policy of sharing certain personal information between the messaging app and Facebook, at the risk of no longer being able to use all of WhatsApp’s features. .

Remember that the change in WhatsApp data usage policy is less important in Europe. The GDPR protects user data and prevents its commercial reuse. WhatsApp will therefore not be able to share « European user data with Facebook in order to improve the group’s advertisements or commercial products, » a spokesperson for Facebook France said.

Catégories
Non classé

WhatsApp warns users who do not agree to its terms that they will be logged out of the messaging

WhatsApp has established May 15 as the deadline for users to consent to the new privacy policy.

WhatsApp is not taking a break with the implementation of its controversial Terms of Service update. Over the past few days, the platform has sent out notifications warning users of the consequences they face if they do not consent, as the deadline for doing so approaches.

The company has given users until May 15 to agree to the new clauses. Although WhatsApp does not delete the accounts of those who do not follow this step, will be affected by limited functionality of the application.

“ Please accept these updates to continue using WhatsApp, ” read the reminders. “ WhatsApp will not delete your account. However, you will not have all the functionality of WhatsApp until you accept […] For a short time, you will be able to receive calls and notifications, but you will not be able to read or send messages ”, specifies the society.

In addition, in an attempt to calm people down, the platform indicated that it “ is implementing new ways to chat or buy via WhatsApp which are completely optional ”. She also recalls that “ personal messages will always be end-to-end encrypted, so that WhatsApp cannot read or listen to them ”.

The notice regarding the update that WhatsApp sent to users in early January sparked criticism and a massive leak of users to other messaging apps unhappy with how WhatsApp was going to share its data with parent company, Facebook. .

Catégories
Non classé

What will happen on May 15 if you do not agree to the new WhatsApp terms?

WhatsApp has postponed the entry into force of its new terms of service until May 15. Consequences will occur beyond this date for people who do not accept them.null

The good news is that WhatsApp says no accounts will be deleted automatically.  »  If you don’t agree to [the new terms of service] by [May 15], WhatsApp won’t delete your account,   » the company writes. On the other hand, other consequences are to be expected, which could push mobile users to give in and accept them. Indeed, the use of WhatsApp will be restricted.

“  You will only have limited access to WhatsApp features until you accept them,  ” the messenger warns. Thus, calls can be received, just like notifications, but reading or sending messages from the application will no longer be possible. WhatsApp says these limits will apply  »  for a short time,   » without specifying exactly what this covers.

Please note: WhatsApp recalls that its policy on deleting inactive accounts still applies, including after May 15. If the restrictions that WhatsApp provides for people who do not accept its new rules are so painful that they discourage reconnecting to the application, it should be noted that the accounts are then subject to deletion.However, WhatsApp will not facilitate access to the application if the terms of use are not approved.null

“  For security reasons, to limit data retention and to protect the privacy of our users, WhatsApp accounts are typically deleted after 120 days of inactivity. By inactivity, we mean no connection to WhatsApp,  ”we read. It would therefore be necessary to connect to WhatsApp from time to time, even if the application is partially unusable, to avoid this scenario.

After May 15, it will still be possible to approve the updated terms of use, which will fully reactivate the app. WhatsApp can already offer an insert in its messaging system inviting you to accept its new rules to avoid having to wait until the last moment to do so. In the contrary case where people refuse them no matter what, WhatsApp invites them to recover their data.

“  Until May 15, you can export your chat history to Android or iPhone and download a report from your account,  ” writes the platform. It is also possible to delete your account yourself, if you intend, for example, to migrate to Telegram or Signal . WhatsApp warns, however, that there is no going back if you request the deletion of the account.

The mobile application explains that it is not  »   able to undo this operation because it erases your message history, removes you from all your WhatsApp groups and deletes your WhatsApp backups  « . Mobile users now have a little less than three months to take a stand: continue with WhatsApp by accepting its new rules of the game, or else leave

Catégories
Non classé

WhatsApp. A dangerous virus spreads to the mailbox via a download link

WhatsApp instant messaging is the target of highly contagious malware.

Another virus? Yes. Very contagious. And dangerous – at least for your electronic devices. It is spread through a download link on WhatsApp instant messaging. 

Bad times for WhatsApp. After being criticized for its new terms of use , the famous instant messenger is now plagued by malware. A virus with formidable speed of expansion.

It was the cybersecurity researcher Lukas Stefanko d’Eset who raised the alarm. As he explains in the video below, once it has infected a smartphone, this virus automatically sends a tricked download link to received WhatsApp messages, in order to spread.

How? ‘Or’ What ? By impersonating Google Play and an official Huawei application. The download link refers in fact to a fake web page which has the exact appearance of the Google app store and offers to download a supposedly official Huawei app.

And this fake is so well done that you have to be a seasoned user to spot it.

Fake ads and fake pages

During the installation of this fake application, the latter asks to have important access rights.

Thanks to these, the malware will be able to display false advertisements,  but also false login pages to retrieve the identifiers of its victims.

Worse: when receiving a WhatsApp message, the virus will respond automatically with the « quick response » function. His response will consist of the famous tricked download link and the following message: « Download this application and win a smartphone ».

A simple message, but effective, capable of causing quite a few victims among less experienced users. Let us therefore recall here once again the basic rule: no link is clicked, received by email or by courier, without the absolute certainty that it was indeed sent knowingly by one of your contacts – and that this one to you. confirms unambiguously when you ask him the question.