Fannie Zemlak

1596009480

Going Down the Spyware Rabbit Hole with SilkBean Mobile Malware

In this in-depth Threatpost podcast, Christoph Hebeisen, who leads the Security Intelligence Research Division at Lookout, shares a behind-the-scenes look at how his team discovered and tracked three never-before-seen surveillanceware tools, dubbed SilkBean, GoldenEagle and CarbonSteal.

Hebeisen walks listeners through what these new tools are and how they were used in a seven-year-long surveillanceware campaign against the Uyghur ethnic minority group. Also discussed are the threat actor’s methods and procedures and why the mobile landscape is becoming a popular target for advanced persistent threat actors.

Below find a lightly edited transcript of this podcast.

Lindsey O’Donnell-Welch: Hi all, this is Lindsey O’Donnell-Welch with Threatpost and I’m here today talking with Christoph Hebeisen with Lookout about a new surveillance campaign that Lookout researchers recently uncovered earlier in July. So just for some background, Christoph leads the Security Intelligence Research Division at Lookout. And in this role, he oversees the company’s suite of research activities like covering malware, device compromises, network threats, phishing and threat intelligence services. So, Christoph, thanks so much for joining us today. How are you doing?

Christoph Hebeisen: I’m doing fine. Thank you.

LO: Good. Well, we really appreciate you coming onto the show today and talking about this new surveillanceware campaign. So Lookout discovered it uses kind of a slew of Android surveillance software tools to spy on an ethnic minority group called the Uyghurs. And this campaign was only disclosed last week, but it goes all the way back to 2013. So tell us a little bit about the story behind the scenes here from the perspective of Lookout’s research team, what was kind of the process of uncovering this campaign and really getting into it and analyzing it. And you know, when did it really first appear on your radar?

CH: Yeah, this is actually a very fascinating story, because we found various pieces of surveillanceware over time, but we didn’t initially realize that they were all connected, and were all coming from the same actor. We have certainly been tracking this since 2015. We have samples in our database that, as you said, go back to 2013 and actually all the way back to 2012. But we think that those are probably test samples. So we pegged the start of the actual campaign to 2013. There’s a little bit of fuzziness in that.

The campaign really started to take shape in our view of all of this in late 2019, when we were looking into the SilkBean family in particular, when we started looking deep into the infrastructure involved in SilkBean, we found many connections to the other malware families involved in this and this whole web of interconnections started to unravel. And that is when the campaign took shape for us. That said, the malware families individually we had known about for a long time, we hadn’t talked about them publicly, because it wasn’t such an interesting story while they were all standing in isolation.

LO: No, that’s really interesting too. And I know that there have been a couple of different spyware, Android tools that were wrapped up in this as well. So how did the campaign really evolve over time?

CH: So as I already mentioned, the earliest samples started showing up in 2012, and we believe that the production samples that were actually used in the campaign are from 2013. The same year in 2013, Citizen Lab actually reported on a single malware family sample being used against the Tibetan government in exile. And we later connected that sample to the DoubleAgent family, so we know there was activity there. At that time, we saw a great spike in activity actually in 2015, 2016, which kind of aligned with a new national security law that China issued at the time, and also what they called an anti-terrorism campaign that got started in 2014. So that’s an interesting correlation to see there.



Android 'ActionSpy' Malware Targets Turkic Minority Group

Researchers have discovered a new Android spyware, dubbed ActionSpy, targeting victims across Tibet, Turkey and Taiwan. The spyware is distributed either via watering-hole websites or fake websites.

Researchers believe ActionSpy is being used in ongoing campaigns to target Uyghur victims. The Uyghurs, a Turkic minority ethnic group affiliated with Central and East Asia, have previously been targeted in spyware attacks. Though they first discovered the spyware in April 2020, researchers believe ActionSpy has existed for at least three years based on its certificate sign time.

“ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” said researchers with Trend Micro in a Thursday analysis. “It also has a module designed for spying on instant messages… and collecting chat logs from four different instant messaging applications
