AGL 37.94 Decreased By ▼ -0.54 (-1.4%)
AIRLINK 193.91 Decreased By ▼ -9.11 (-4.49%)
BOP 9.32 Decreased By ▼ -0.85 (-8.36%)
CNERGY 5.84 Decreased By ▼ -0.70 (-10.7%)
DCL 8.68 Decreased By ▼ -0.90 (-9.39%)
DFML 36.46 Decreased By ▼ -3.56 (-8.9%)
DGKC 92.54 Decreased By ▼ -5.54 (-5.65%)
FCCL 33.97 Decreased By ▼ -0.99 (-2.83%)
FFBL 82.30 Decreased By ▼ -4.13 (-4.78%)
FFL 12.75 Decreased By ▼ -1.15 (-8.27%)
HUBC 120.61 Decreased By ▼ -10.96 (-8.33%)
HUMNL 13.60 Decreased By ▼ -0.42 (-3%)
KEL 5.22 Decreased By ▼ -0.39 (-6.95%)
KOSM 6.52 Decreased By ▼ -0.75 (-10.32%)
MLCF 42.11 Decreased By ▼ -3.48 (-7.63%)
NBP 59.81 Decreased By ▼ -6.57 (-9.9%)
OGDC 211.17 Decreased By ▼ -9.59 (-4.34%)
PAEL 37.58 Decreased By ▼ -0.90 (-2.34%)
PIBTL 8.07 Decreased By ▼ -0.84 (-9.43%)
PPL 190.32 Decreased By ▼ -7.56 (-3.82%)
PRL 38.17 Decreased By ▼ -0.86 (-2.2%)
PTC 23.45 Decreased By ▼ -2.02 (-7.93%)
SEARL 97.94 Decreased By ▼ -5.11 (-4.96%)
TELE 8.22 Decreased By ▼ -0.80 (-8.87%)
TOMCL 35.03 Decreased By ▼ -1.38 (-3.79%)
TPLP 13.55 Decreased By ▼ -0.20 (-1.45%)
TREET 22.73 Decreased By ▼ -2.39 (-9.51%)
TRG 52.87 Decreased By ▼ -5.17 (-8.91%)
UNITY 32.96 Decreased By ▼ -0.71 (-2.11%)
WTL 1.52 Decreased By ▼ -0.19 (-11.11%)
BR100 11,349 Decreased By -541.2 (-4.55%)
BR30 34,972 Decreased By -2384.1 (-6.38%)
KSE100 106,275 Decreased By -4795.3 (-4.32%)
KSE30 33,353 Decreased By -1555.7 (-4.46%)

ISLAMABAD: The National Telecommunication & Information Security Board (NTISB) has warned that Konfety Group targets Android users with “Evil Twin” malicious Play Store apps.

The board issued an advisory which stated that Google Play Store identified and thwarted an active malicious campaign targeting Android users globally. Collectively named as Konfety Apps; this campaign used 250+ Decoy Evil Twin android applications.

The malicious activity is allegedly conducted by the Russian Konfety cybercrime group having ulterior motives primarily backed by monetary gains using advertisement fraud.

The advisory further noted that attackers use advertising campaigns to promote modified APK and redirects users to download malicious apps. Konfety malware involves a dropper APK that further loads an obfuscated stager and back door SDK, making it highly evasive hence difficult to detect. Further, the decoy twin apps used by attackers appear harmless while Evil Twin mimics them to commit ad fraud, install payloads, second stage malwares and code injection etc.

The Board recommended that although Google has removed Konfety apps from its Play Store, however, if any of the attached malicious Konfety apps found installed on smart phones, following remedial measures may be opted: a). Immediately uninstall specific Konfety app. b). Perform a factory reset. c). Take a backup of personal media files (excluding device/system apps). d. Restrict unnecessary apps permission and set to while using App only. e). Download and install software only from official app stores like Play Store or the IOS App Store. f. Keep your smart phone, OS and apps updated. g. Regularly check the smart devices/Wi-Fi data usage of apps installed on smart devices. h. Use a reputed anti-virus and internet security software package on your smart devices.

The board issued another advisory which stated that Google has released Chrome browser version 126 with security updates to address 10 vulnerabilities.

Majority of the vulnerabilities are high-severity memory issues potentially leading to Sandbox Escapes and Remote Code Execution. Fixes include flaws in V8’s Implementation, Type Confusion and Use-After-Free bugs in Screen Capture, Media Stream, Audio and Navigation. Google also addressed Race Condition in DevTools and an Out-of-Bound memory access in V8. No exploits in the wild are reported but users are urged to update promptly.

To safeguard against Chrome vulnerabilities, users are advised to ensure that Google Chrome browser is updated to following versions (by navigating to Setting>About Chrome and Re-launching the browser): a. Version 126.0.6478.182 or later on Windows/Linux b. Version 126.0.6478.183 or later on macOS c. Version 126.0.6478.186 or later on Android.

Copyright Business Recorder, 2024

Comments

Comments are closed.