New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is read to be exfiltrated. The spyware can only be installed as a 'System Update' app available via third-party Android app stores as it was never available on Google's Play Store. This drastically limits the number of devices it can infect, given that most experienced users will most likely avoid installing it in the first place. The malware also lacks a method to infect other Android devices on its own, adding to its limited spreading capabilities.
However, when it comes to stealing your data, this remote access trojan (RAT) can collect and exfiltrate an extensive array of information to its command-and-control server. Zimperium researchers who spotted it observed it while "stealing data, messages, images and taking control of Android phones."
"Once in control, hackers can record audio and phone calls, take photos, review browser history, access WhatsApp messages, and more," they added. Zimperium said its extensive range of data theft capabilities includes:
Once installed on an Android device, the malware will send several pieces of info to its Firebase command-and-control (C2) server, including storage stats, the internet connection type, and the presence of various apps such as WhatsApp. The spyware harvests data directly if it has root access or will use Accessibility Services after tricking the victims into enabling the feature on the compromised device. It will also scan the external storage for any stored or cached data, harvest it, and deliver it to the C2 servers when the user connects to a Wi-Fi network. Unlike other malware designed to steal data, this one will get triggered using Android's contentObserver and Broadcast receivers only when some conditions are met, like the addition of a new contact, new text messages, or new apps being installed.
"Commands received through the Firebase messaging service initiate actions such as recording of audio from the microphone and exfiltration of data such as SMS messages," Zimperium said.
"The Firebase communication is only used to issue the commands, and a dedicated C&C server is used to collect the stolen data by using a POST request."
The malware will also display fake "Searching for the update.." system update notifications when it receives new commands from its masters to camouflage its malicious activity. The spyware also conceals its presence on infected Android devices by hiding the icon from the drawer/menu. To further evade detection, it will only steal thumbnails of videos and images it finds, thus reducing the victims' bandwidth consumption to avoid drawing their attention to the background data exfiltration activity. Unlike other malware that harvests data in bulk, this one will also make sure that it exfiltrates only the most recent data, collecting location data created and photos taken within the last few minutes.
If you would like to read more helpful articles and tips about various software and hardware visit errortools.com daily.
Windows 10 isn’t activated error occurs when Windows users attempt to upgrade to Windows 10 for free and end up in a non-activated state. It is a Windows 10 activation error affecting PC owners who attempt to upgrade their Windows 7 or Windows 8.1 operating systems. A message box will appear with the following message: “Windows 10 isn’t activated after upgrading for free from Windows 7 SPI or Windows 8.1 update.”
Common symptoms of this error code include the following:
To understand the cause of this activation error, users will need to understand activation within Windows. Activation is a process that allows Windows to verify that you are upgrading your operating system based on the Microsoft Software Licensing Terms. These terms specify, for instance, the number of devices upon which you can use Windows.
Once you have a genuine copy of Windows and you are following the terms mentioned earlier, you should be able to activate and complete the upgrade to Windows 10. However, the activation fails when these conditions are not met. Note also that the error may occur if users fail to upgrade to Windows 10 before reinstalling, requiring them to repeat the installation process by first going back to the previous version of Windows present on their system. Once the upgrade process is not done as should, you might encounter other Windows 10 errors such as error code 0xc0000142
If you see this error code, “Windows 10 isn’t activated after upgrading for free” proceed to rectify it using manual repair methods below.
To fix this activation error code in Windows 10, users will need to employ at least one manual repair procedure. This process can successfully be completed by non-technical Windows users. However, you may also consider getting assistance from a Windows repair technician if you are not certain you have the requisite skills needed to complete the manual repair tasks below.
The main methods to resolve the error code “Windows 10 isn’t activated after upgrading for free from Windows 7 SPI or Windows 8.1 update” is as follows:
If you attempted upgrading for free to Windows 10 and ended up with the activation error you will need to first perform a manual activation. Follow the steps below to complete the process.
The steps above enable users to successfully activate Windows 10 if the issue involves a connection problem. However, if Windows is not activated, it may mean your copy of Windows is not genuine. This may require you purchase a copy of Windows to rectify the issue. However, if you have a genuine copy of Windows proceed by applying the steps found in method two.
A valid product key is one way you can verify your copy of Windows is genuine. This will enable you to complete activation and allow you to access the free upgrade to Windows 10. Follow the steps below.
Error codes in Windows often occur due to poor maintenance of one’s PC. To improve your system and reduce your machine’s risk of experiencing error codes, download a powerful automated tool. This tool is both powerful and user-friendly, making its benefits accessible to even the most non-technical Windows users.
“Connapi.dll Not Found" "This application failed to start because connapi.dll was not found. Re-installing the application may fix this problem." "The file connapi.dll is missing." "Cannot start [APPLICATION]. A required component is missing: connapi.dll. Please install [APPLICATION] again." "Cannot find [PATH]connapi.dll"
ListenToTheRadioNow is a Browser Extension that allegedly lets you listen to radio from your browser. However, all this extension does is add links to the popular radio stations on your home page. This extension hijacks your home page and changes your default search provides to MyWay. While running it monitors browsing data from your browser, mining information such as website visits, clicked links, and sometimes even personal information. This information is later used to display targeted ads through your browser. Several anti-virus scanners have marked this extension as a possible Browser Hijackers, and due to its data mining nature, it is not recommended to keep it on your computer.