By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

A widely circulating piece of Android malware primarily targeting US-based phones used a clever trick to reinfect one of its targets in a feat that stumped researchers as to precisely how it was pulled off. xHelper came to light last May when a researcher from security firm Malwarebytes published this brief profile. Three months later, Malwarebytes provided a deeper analysis after the company’s Android antivirus app detected xHelper on 33,000 devices mostly located in the US, making the malware one of the top Android threats. The encryption and heavy obfuscation made analysis hard, but Malwarebytes researchers ultimately concluded that the main purpose of the malware was to act as a backdoor that could remotely receive commands and install other apps. On Wednesday, Malwarebytes published a new post that recounted the lengths one Android user took to rid her device of the malicious app. In short, every time she removed two xHelper variants from the device, the malware would reappear on her device within the hour. She reported that even performing a factory reset wasn't enough to make the malware go away. Company researchers initially suspected that pre-installed malware was the culprit. They eventually dropped that theory after the user performed a technique that prevented system apps from running. Malwarebytes analysts later saw the malware indicating that Google Play was the source of the reinfections, but they ruled out this possibility after further investigation. Eventually (and with the help of the Android user), company researchers finally identified the source of the reinfections: several folders on the phone that contained files that, when executed, installed xHelper. All of the folders began with the string com.mufc. To the researchers’ surprise, these folders weren’t removed even though the user performed a factory reset on the device. “This is by far the nastiest infection I have encountered as a mobile malware researcher,” Malwarebytes’ Nathan Collier wrote in Wednesday’s post. “Usually a factory reset, which is the last option, resolves even the worst infection. I cannot recall a time that an infection persisted after a factory reset unless the device came with pre-installed malware.” Hidden inside a directory named com.mufc.umbtts was an Android application package, or APK, that dropped an xHelper variant. The variant, in turn, dropped more malware within seconds. And with that, xHelper once again menaced the user’s device. The user finally rid her device of the malware after using an Android file manager to delete the MUFC folders and all their contents. Because the malware was somehow identifying Google Play as the source of the reinfection, Collier recommends people in a similar position disable the Google Play Store app before removing the folders. There's more posted on OUR FORUM.

It's official. Mobile World Congress, the largest trade show for mobile technology, isn't happening this year. Per a report from Bloomberg, GSMA CEO John Hoffman said that it's now "impossible" for the event to continue due to rising concerns and effects of Coronavirus. Shortly after that initial report came out, the GSMA issued an official press release. It reads: "With due regard to the safe and healthy environment in Barcelona and the host country today, the GSMA has canceled MWC Barcelona 2020 because of the global concern regarding the coronavirus outbreak, travel concern and other circumstances, make it impossible for the GSMA to hold the event. The Host City Parties respect and understand this decision. The GSMA and the Host City Parties will continue to be working in unison and supporting each other for MWC Barcelona 2021 and future editions. Our sympathies at this time are with those affected in China, and all around the world." If you're a little confused by this news, we don't blame you. Just earlier today, the GSMA confirmed that MWC was still taking place despite fears of Coronavirus. However, it was also reported that the organization was actively trying to cancel the trade show, but couldn't as a result of the Spanish government not declaring the virus as a health emergency. Prior to this announcement, we'd seen company after company announces that they were deciding to forgo attending this year's show in an effort to keep the health of its employees safe. This includes the likes of Sony, Nokia, TCL, ZTE, Facebook, Amazon, Apple, and others. Following GSMA's cancellation notice, Microsoft confirmed it will not be present at MWC 2020. "We fully support the GSMA's decision to prioritize the health and welfare of all participants and look forward to sharing Microsoft's latest innovations at a future date," a Microsoft spokesperson said. The decision for GSMA to properly cancel Mobile World Congress isn't all that surprising considering how many attendees were already dropping out and was likely the right call in the grand scheme of things. Even so, it's still a huge blow to the mobile industry. Any planned announcements will now likely come in the form of press releases, so while the information will get out one way or another, there's no getting around the impact of this move. Posted on OUR FORUM.

According to a Wall Street Journal report, the U.S. government officials are claiming Huawei, a phone and telecommunications company with ties to the Chinese government, has the ability to spy on users of mobile phone networks employing Huawei equipment. The claim comes after years of accusations from the U.S. government and repeated denials from Huawei. While Huawei is one of the largest sellers of phones in the world, its original business was building telecommunication networks. However, the U.S. has been wary of allowing Huawei equipment to be incorporated into U.S. telecommunications networks. A 2012 Congressional report effectively banned Huawei from selling the equipment and strongly discouraged U.S. phone companies from selling Huawei phones in their stores. The U.S. wariness comes from concerns regarding Huawei’s ties to the Chinese government—its founder is former Chinese military—and good old-fashioned protectionism. The company has been well positioned provided equipment for the roll-out of affordable and fast 5G networks. “There is no question in my mind that the extra scrutiny Huawei has been under as of late has to do with the political environment between China and the U.S. as well as the high-stakes around AI and 5G,” Lynette Ong, associate professor of Political Science at the University of Toronto, told me via email last year. Ong specializes in Chinese politics and political economy. Last year the U.S. and Huawei traded barbs over the U.S.’s concerns and Huawei’s alleged spying, fraud, and violation of international sanctions against Iran. The furor led to both Australia and New Zealand banning the use of Huawei equipment in telecommunication networks. However some of the largest telecommunication networks in the world, including ones owned by U.K. based Vodafone, and the German Deutsche Telekom AG, currently incorporate Huawei equipment. U.S. officials now claim Huawei has included backdoors into the equipment that effectively allows it to access the same data law enforcement can access. Typically these backdoors, known as “lawful interception interfaces” are used exclusively by law enforcement who must provide warrants to gain access. The equivalent of the old school wiretap, these lawful interception interfaces gives the user of the interface access to any data transmitted over the network, including phone calls and text messages. Looking for more, visit OUR FORUM.

At least four more major participants pulled out of MWC 2020 over the weekend, while restrictions on visitors from China have been tightened. Amazon, Nvidia, Sony, and Viavi have now all confirmed they’ve decided the risk of coronavirus infection is too great for them to allow their formal presence to go ahead. Here are their statements. Amazon: “Due to the outbreak and continued concerns about novel coronavirus, Amazon will withdraw from exhibiting and participating in Mobile World Congress 2020, scheduled for Feb. 24-27 in Barcelona, Spain.” Nvidia: “We’ve informed GSMA, the organizers of MWC Barcelona, that we won’t be sending our employees to this year’s event. Given public health risks around the coronavirus, ensuring the safety of our colleagues, partners, and customers is our highest concern. “MWC Barcelona is one of the world’s most important technology conferences. We’ve been looking forward to sharing our work in AI, 5G, and vRAN with the industry. We regret not attending, but I believe this is the right decision. We’re grateful for GSMA’s leadership and continued efforts to ensure the safety of all attendees.” Sony: “Sony has been closely monitoring the evolving situation following the novel coronavirus outbreak, which was declared a global emergency by the World Health Organization on January 30th, 2020. As we place the utmost importance on the safety and wellbeing of our customers, partners, media, and employees, we have taken the difficult decision to withdraw from exhibiting and participating at MWC 2020 in Barcelona, Spain. “The Sony press conference will now instead take place at the scheduled time of 8:30 am (CET) on February 24, 2020, as a video via our official Xperia YouTube channel to share our exciting product news. Sony would like to thank everyone for their understanding and ongoing support during these challenging times.” Viavi: “After reviewing all available data, VIAVI has chosen to cancel participation in this year’s Mobile World Congress in Barcelona out of an abundance of caution and concern for our employees, customers, and partners.” There are rumors of other cancellations, but none confirmed at the time of writing. Cnet reports that Samsung is still exhibiting, but is acting to protect just its senior execs, which isn’t a great look if it’s true. We asked Samsung for comment and were told that, while there is no official statement, the company is still attending. Keep up to date by visiting OUR FORUM often.

Updating your devices to the latest version of Windows 10 only to discover that your sound and WiFi has stopped working is nothing short of a nightmare. Unfortunately, Windows 10’s monthly updates have been consistently running into such problems and Microsoft’s operating system hasn’t been in a positive light lately. Windows 10 KB4532695 is the latest update that many users installed in a bid to fix File Explorer’s broken search bar, but it reportedly includes a whole raft of other flaws. The problematic update, which was released in late January, is now breaking down even more PCs and causing performance issues. Initially, it appeared that Blue Screen of Death (BSOD) is only hitting a small set of computers, but the problem appears to be widespread now. Several users in our comment section and Microsoft’s forum are pointing the blame at KB4532695 for a Blue Screen of Death (complete crash of the PC) with a critical error message and different stop codes. Users are now also reporting a complete boot failure and significant performance slowdown, which suggests that there are some very nasty gremlins in the works. “Had this exact issue with my PC. Was causing absolute havoc. Couldn’t access the BIOS, couldn’t even get it to install a fresh install of Windows as the system locked and would get stuck in a boot cycle. By some miracle, it booted up randomly on its literal millionth attempt and I restored back to before the update. Hey presto, problem solved,” one user wrote in our comment section. If you have a computer with Sound Blaster (sound cards), installing January optional update could disable it, according to multiple reports. “Soundblaster was working fine and after installing this update is not working anymore. The sound is passing through the motherboard drive (Realtek) instead of Soundblaster. Managed to fix it by setting the sound under Realtek… but Soundblaster is basically useless,” a user said. Some Windows 10 owners with other sound cards are also experiencing audio issues, so it’s possible that the update is not compatible with certain versions of adapters. And there are complaints that Windows 10 KB4532695 fails to install with generic error messages. According to a system administrator, Windows 10 may have lost track of where .NET are installed and disabling the feature before installing the patch resolves the installation problems. Follow this on OUR FORUM.

It’s not every day that an operating system retires. Windows 7 reaching end of support status on January 14 has been very much the biggest news story in technology this year. The deadline had users finally saying goodbye to the classic OS and upgrading to Windows 10, companies rushing out to buy new hardware, and people speaking their minds about how they felt about leaving their favorite platform behind — Windows 7 was even trending on social media! But perhaps the most surprising voices are the ones demanding Microsoft to open-source Windows 7 and release the OS as free software, allowing the community to maintain it. With one of the most popular versions of Windows has reached the end of life, it is only logical that users have a strong attachment to it. After all, Windows 7 still works perfectly fine on older hardware and has that near perfect balance of performance, features and looks that these users require. This very much is the opinion of the Free Software Foundation. Founded by Richard Stallman in 1985, FSF has a history of agitating against Microsoft and its use of proprietary software licenses. In fact, at the launch of Windows 7, the organization urged customers to ditch the OS and hop onto free operating systems. They even started this controversial campaign called Windows 7 Sins. It accused the company of poisoning education, invading privacy, monopolistic behavior, vendor lock-in, abusing standards, enforcing DRM and even threatening user security. Stallman retired from FSF last year, but the organization continues to fault the Redmond based technology giant of way too many wrongdoings with Windows 7. Now, on the eve of the Windows 7 retirement, the organization is back, saying there is a chance for Microsoft to make amends. The FSF gang wants to persuade Microsoft to make Windows 7 open source for the community. It asks for Microsoft to open source Windows 7 under a free license like the GNU Public License (GPL), which Stallman created. This, they say, will enable the community to study and improve the operating system, and keep it updated with new features and security fixes. They point out that the company has nothing to lose if they release the source code of the operating system as it has reached the end of life. The campaign set a modest goal of 7,777 signatures, which it whizzed by really, really quick. As of this writing, more than twelve thousand people have signed it, even as we have no official response from Microsoft.Even with Microsoft embracing open source and Linux recently, releasing the source code of something as complex as Windows 7 borders on the impossible at least in the medium term. This may change in the future, but the company is unlikely to cave in to these demands now. There is so much more posted on OUR FORUM.

 

Translate