According to the commission, this vulnerability can lead to
unwanted app installations and code execution.
In an advisory, it said, “Meanwhile, NCC-CSIRT also advised
users to update their Galaxy App Store following the discovery of multiple
vulnerabilities in the Samsung Galaxy App Store Application can lead to
unwanted app installations and code execution.
“It disclosed that Ken Gannon, a cybersecurity researcher
from NCC Group, discovered the vulnerabilities in the Galaxy App Store
application on Samsung devices that are running Android 12 and older.”
The advisory also warned against attackers using Microsoft
OneNote attachments in phishing emails that infect victims with remote access
malware, which may allow hackers to remotely access vital information on a
victims’ devices.
The team advised users not to open files from people they do
not know as such attachments may damage their computer or files.
It said, “The Team advised users not open files from people
they do not know, not to click ‘OK’ and immediately exit the application if
they receive a warning that opening an attachment or link can damage their
computer or files and to promptly share an unknown email they believe to be
genuine with a security or Windows administrator to assist in determining
whether the file is secure.
“It had recently advised people not to open attachments in
suspicious emails and to only purchase or download applications from official
websites in response to the discovery of phishing malware that can gain
unauthorized access to sensitive user data and download further malware.”
The NCC-CSIRT explained that the malware is a remote access
tool that easily controls a victim’s Personal Computers and may allow attackers
to remotely control any compromised computer’s mouse and keyboard, accessing
the system’s file management and history and might even execute commands
allowing them to install additional malware.
It further added that the ‘CRAFTED’ website spreading the
malware is still online and claims to be home to a new NFT card game built
around the Pokemon franchise, offering users strategic fun together with NFT
investment profits.
It added, “In a related advisory, following the discovery of
several phishing apps on the Google Play Store, NCC-CSIRT had also advised
users not to give out sensitive information through untrusted platforms.
“NCC-CSIRT’s advisory on the discovery said the apps, which
have been downloaded 450, 000 times in total, can be games or investment
services, but that they are designed to steal sensitive user information.
“While some of the malicious apps have been removed, others
are still active on the store, with the affected apps listed as Golden Hunt,
Reflector, Seven Golden Wolf Blackjack, Unlimited Score, Big Decisions, Jewel
Sea, Lux Fruits Game, Lucky Clover, King Blitz, and Lucky Hammer.”
0 comments:
Post a Comment