Android

August 11, 2016

Road Warriors: Beware of ‘Video Jacking’

This post was originally published on this siteA little-known feature of many modern smartphones is their ability to duplicate video on the device’s screen so that it also shows up on a much larger display — like a TV. However, new research shows that this feature may quietly expose users to a simple and cheap new form of digital eavesdropping. Dubbed “video jacking” by its masterminds, the attack uses custom electronics hidden inside what appears to be a USB charging station. As soon as you connect a vulnerable phone to the appropriate USB charging cord, the spy machine splits the phone’s video […]
June 25, 2019

Tracing the Supply Chain Attack on Android

This post was originally published on this siteEarlier this month, Google disclosed that a supply chain attack by one of its vendors resulted in malicious software being pre-installed on millions of new budget Android devices. Google didn’t exactly name those responsible, but said it believes the offending vendor uses the nicknames “Yehuo” or “Blazefire.” What follows is a deep dive into the identity of that Chinese vendor, which appears to have a long and storied history of pushing the envelope on mobile malware. “Yehuo” (野火) is Mandarin for “wildfire,” so one might be forgiven for concluding that Google was perhaps […]