Connect with us

Apps

Android Trojan Mimics User Clicks to Download Malware

Published

on

Android users have been exposed to a new malicious app imitating Adobe Flash Player that serves as a potential entrance for many types of dangerous malware. The application, detected by ESET security software as Android/TrojanDownloader.Agent.JI, tricks its victims into granting it special permissions in the Android accessibility menu and uses these to download and execute additional malware of the attackers’ choice.

According to ESET’s analysis, the trojan targets devices running Android, including the latest versions. It is distributed via compromised websites, including social media sites. Under the pretense of safety measures, the websites lure users into downloading a fake Adobe Flash Player update. If the victim falls for the legitimate-looking update screen and runs the installation, they have more deceptive screens to look forward to.

How does it work?
The next phony screen pops up following successful installation, claiming “too much consumption of energy” and urging the user to turn on a fake “Saving Battery” mode. Like most malicious pop ups, the message won’t stop appearing until the victim gives in and agrees to enable the service. This opens the Android Accessibility menu, showing a list of services with accessibility functions.

Picture1

Among the legitimate ones, a new service (created by the malware during installation) named “Saving battery” appears. The service then requests permissions to monitor users actions, Retrieve window content and Turn on Explore by Touch – all crucial for future malicious activity, enabling the attacker to mimic the user’s clicks and select anything displayed on users screen.

Picture2

Once the service is enabled, the fake Flash Player icon hides from the user. However, in the background, the malware is busy contacting its C&C server and providing it with information about the attacked device. The server responds with a URL leading to a malicious app of the cybercriminals’ choice – in the detected case, a banking malware (though it could be any malware ranging from adware through spyware, and on to ransomware). After acquiring the malicious link, the compromised device displays a bogus lock screen with no option to close it, covering the ongoing malicious activity beneath it.

Picture3

This is when the permission to mimic the user’s clicks comes in handy – the malware is now free to download, install, execute and activate device administrator rights for additional malware without the user’s consent, all while remaining unseen under the fake lock screen. After the app’s secret shenanigans are done, the overlay screen disappears and the user is able to resume using their mobile device – now compromised by the downloaded malware.

Picture4

Has my device been infected? How do I clean it?
If users think that they might have installed this fake Flash Player update in the past, they can easily verify by checking for ‘Saving Battery’ under Services in the Accessibility menu. If listed under the services, their device may very well be infected. Denying the service its permissions will only bring users back to the first pop up screen and will not get rid of Android/TrojanDownloader.Agent.JI.

To remove the downloader, try manually uninstalling the app from Settings -> Application Manager -> Flash-Player. In some instances, the downloader also requests the user to activate Device administrator rights. If that turns out to be the case and user can’t uninstall the app, deactivate the administrator rights by going to Settings -> Security -> Flash-Player and then proceed with uninstalling.

Even after doing so, the device might still be infected by countless malicious apps installed by the downloader. To make sure the device is clean, ESET recommends using a reputable mobile security app, such as ESET Mobile Security & Antivirus, as a hassle-free way to detect and remove threats.

How to stay safe
To avoid dealing with the consequences of nasty mobile malware, prevention is always the key. Apart from sticking to trustworthy websites, there are a couple more things users can do to stay safe.

If downloading apps or updates on browser, always check the URL address to make sure it’s installing from the intended source. In this particular case, the only safe place to get Adobe Flash Player update is from the official Adobe website.

After running anything installed on a mobile device, pay attention to what permissions and rights it requests. If an app asks for permissions that don’t seem adequate to its function, don’t enable these without double checking.

Last but not least, even if all else fails, a reputable mobile security solution will protect your device from active threats.

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Apps

Apple Invites App Simplifies Gathering for Special Occasions

Published

on

Apple today introduced Apple Invites, a new app for iPhone that helps users create custom invitations to gather friends and family for any occasion. With Apple Invites, users can create and easily share invitations, RSVP, contribute to Shared Albums, and engage with Apple Music playlists. Starting today, users can download Apple Invites from the App Store, or access it on the web through icloud.com/ae/invites. iCloud+ subscribers can create invitations, and anyone can RSVP, regardless of whether they have an Apple Account or Apple device.

“With Apple Invites, an event comes to life from the moment the invitation is created, and users can share lasting memories even after they get together,” said Brent Chiu-Watson, Apple’s senior director of Worldwide Product Marketing for Apps and iCloud. “Apple Invites brings together capabilities our users already know and love across iPhone, iCloud, and Apple Music, making it easy to plan special events.”

To get started with Apple Invites, users can choose an image from their photo library or the app’s gallery of backgrounds — a curated collection of images representing different occasions and event themes. Integrations with Maps and Weather give guests directions to the event and the forecast for that day.

Additionally, participants can easily contribute photos and videos to a dedicated Shared Album within each invite to help preserve memories and relive the event. Collaborative playlists allow Apple Music subscribers to create a curated event soundtrack that guests can access right from Apple Invites.

With Apple Intelligence, creating unique event invitations is easy. Users can tap into the built-in Image Playground experience to produce original images using concepts, descriptions, and people from their photo library. When composing invitations, users can use Writing Tools to help find just the right turn of phrase to meet the moment.

Hosts get full control of their invite experience: They can easily view and manage their events, share invitations with a link, review RSVPs, and choose the details they want included in the preview, like the event background or a home address. Guests can view and respond to an invitation using the new iPhone app or on the web without needing an iCloud+ subscription or an Apple Account. Attendees control how their details show up to others, and have the ability to leave or report an event at any time.

In addition to event creation in Apple Invites, iCloud+ subscribers have access to many more premium features:

  • Expanded storage allows users to keep large libraries of original, high-resolution photos, videos, and files safe in iCloud, and easily accessible across all of their devices and the web.
  • Private Relay keeps browsing in Safari entirely private from network providers, websites, and even Apple.
  • Hide My Email generates unique, random email addresses whenever needed.
  • HomeKit Secure Video allows users to capture and review home security footage in an end-to-end encrypted format.
  • Custom email domains enable users to personalize their iCloud email addresses.
  • Family Sharing allows users to share their iCloud+ subscription with up to five people at no extra cost.

Apple Invites is available today as a free download from the App Store for all iPhone models running iOS 18 or later.

Continue Reading

Apps

Elgato Launches Wave Link 2.0

Published

on

Elgato has unveiled Wave Link 2.0, the next-generation evolution of its acclaimed audio management software, packed with groundbreaking features and significant quality-of-life upgrades. Designed to address the challenges content creators, streamers, and digital professionals face, Wave Link 2.0 introduces tools like Voice Focus and One-Click Audio Routing, setting a new standard for audio control and customisation.

One of the standout features of Wave Link 2.0 is Voice Focus, a cutting-edge vocal enhancement tool developed in collaboration with ai|coustics. Leveraging advanced machine learning technology, Voice Focus eliminates unwanted background noise, room reverb, and echo while isolating the user’s voice for crystal-clear audio. This tool is a game-changer for creators working in less-than-ideal acoustic environments, delivering professional-grade sound quality in seconds—without the need for complex audio configurations. Whether streaming, podcasting, or participating in virtual meetings, Voice Focus ensures users sound polished and professional, even in spaces with poor acoustics. It’s an ideal solution for those who lack the time or expertise to fine-tune audio settings manually.

Wave Link 2.0 also introduces One-Click Audio Routing, a feature that revolutionises how users manage multiple audio channels. With just a single click, users can assign apps to specific channels, streamlining setup while maintaining flexibility. Additional enhancements like App Grouping, Input Channel Renaming, and Channel Hiding further improve organisation and usability, allowing creators to focus on their content rather than troubleshooting their audio setup.

These updates make Wave Link 2.0 an intuitive and efficient tool for managing complex audio workflows, ensuring a seamless experience for both beginners and seasoned professionals. Wave Link 2.0 doesn’t stop at routing and vocal enhancements—it also offers a suite of professional-grade audio effects. Built-in tools like Compressor, De-Esser, Equaliser, and ReverbFX enable precise audio tuning, while support for third-party VST2, VST3, and AU plugins opens up endless possibilities for sonic customisation.

For creators seeking ready-made solutions, the Elgato Marketplace provides a growing library of digital assets, including presets and tools from top creators like EposVox and Harris Heller. Once effects are applied, the built-in Sound Check tool allows users to preview their settings and make final adjustments, ensuring their audio is polished before going live.

As part of the Elgato ecosystem, Wave Link 2.0 integrates seamlessly with Stream Deck, taking audio control to the next level. Users can export their Wave Link settings to Stream Deck with a single click, transforming the device into a hardware mixer-like interface. This integration eliminates the need to navigate software during critical moments, allowing creators to stay focused on their content and audience.

With its innovative features and user-centric design, Wave Link 2.0 redefines what’s possible in audio management. From Voice Focus’s studio-quality vocal enhancements to One-Click Audio Routing’s streamlined setup, Elgato continues to empower creators and professionals with tools that elevate their craft. Wave Link 2.0 is now available, offering a transformative audio experience for anyone looking to achieve exceptional sound quality with ease. Whether you’re a streamer, podcaster, or digital professional, Wave Link 2.0 is poised to become an essential part of your creative toolkit.

Continue Reading

Apps

Meta AI Officially Launches in the MENA Region

Published

on

Meta has announced the expansion of its AI assistant, Meta AI, to the Middle East and North Africa, empowering users in the region with a tool to learn, create and connect to the things and people they care about most. The feature is gradually rolling out across the region, with full accessibility already available in key markets including the United Arab Emirates, Saudi Arabia, Egypt, Morocco, and Iraq.

Conveniently located across Meta’s family of apps – Facebook, Instagram, WhatsApp and Messenger – Meta AI is easily accessible through its blue circle icon within Meta’s apps and requires no prior registration. It can also be used in group chats by simply typing ‘@Meta AI,’ making it ideal for quick research, brainstorming, and planning with friends. For instance, users planning a spring trip with their families and seeking ideas for island destinations within a maximum six-hour flight from the UAE can simply mention @Meta AI in the group chat, and it will provide a tailored list of suggestions in real time for the group to discuss.

Meta AI is built with state-of-the-art Llama 3.2, Meta’s largest and most capable open-source large language model, and has the capabilities to generate text and create and animate images directly within Meta apps. Users can explore Meta AI’s image-generation Imagine feature by simply typing “Imagine” followed by a detailed description of the image they want to create. For example, typing “Imagine a tiger wearing a vest drinking tea at a café” prompts Meta AI to generate the image in real-time, with the option to animate it. The expansion also introduces support for Arabic, making Meta AI accessible to even more people across the region.

“Meta AI is one of the world’s leading AI assistants already on your phone, in your pocket for free. Combining accessibility with cutting-edge technology, it serves as a gateway to a smarter, more connected life for millions of users in the MENA region. We believe that having a reliable assistant will be one of the defining benefits of this generation of AI. With Meta AI on track to become the most used AI assistant in the world by the end of the year, we’re excited to bring its transformative potential to communities across the region,” says Fares Akkad, Regional Director for Middle East and Africa at Meta.

To celebrate the arrival of Meta AI in the Middle East and North Africa, Meta is launching “Elevating Every Moment”—a content series designed to help users unlock the full potential of Meta AI. Through helpful tips, practical use cases, and deep dives, the series will feature collaborations with regional creators on Instagram. Additionally, Meta will roll out an educational series on its official Meta Arabia page, offering guidance on crafting effective prompts to assist with everyday tasks, whether professional or personal.

“We’re seeing people use Meta AI to dive deep into projects that spark their interest, get help with how-to tasks, and use the assistant for guidance on things like art projects, home decor, outfit inspiration, and more. Image generation has been especially popular and I’m excited to see how people in our region will find new, creative ways to make the most of what AI can offer,” said Akkad.

Meta AI is designed to be intuitive, offering a wealth of opportunities to enhance daily life. Following this gradual rollout, users in the region can look forward to more visionary and advanced multimodal features on the horizon. These include simultaneous dubbing for Reels content, real-life image editing, and the “Imagine Me” feature, which generates personalized portraits that can be edited in real-time. Additionally, Meta AI will soon integrate advanced tools to help users craft captions for their posts, making creativity and connection easier than ever.

Meta AI claims it is on track to become the world’s most-used AI assistant by the end of the year, with nearly 700 million active monthly users and availability in 42 countries and 13 languages.

Continue Reading
Advertisement
Advertisement

Latest Reviews

Follow us on Facebook