The android users are pretty accustomed to warnings from security researchers even google can take the best effort to check the application involvement in ransomware or any other into the Play Store. 

After the report of the researcher which has a large audience and many android users are evolved in this called SnapTube. This app is basically used to download videos from youtube and Facebook. It was also mentioned that this app is downloaded more than 40 Millions times

This app is totally free to download but it can cost you more than that.

According to the new report of Upstream Systems that the user of a snap tube installed on their smartphone could find himself paying deadly. That is the simple download app quietly signs up users for the premium services without their knowledge.

The above practice is known as “freeware” which means the developer abused the ability for the apps to begin charging users a subscription fee after a trial to test the service.

Google allows third-party developers to charge the credit and debit card which can be saved with your google accounts for some of the most popular services like NetFlix.

The vast majority of users usually uninstall an app when they are not interested or remove the subscription. You might forget that you have even signed up for the trial subscription for the applications and you don’t remove that part and instead remove the application from your phone. When you download a snap tube then it is asking for a premium package and you just go and fill all the details for trial and download the video and after that uninstall the application.

It was estimated that a total of $100 Million has been earned by the snap tube through this fraud method.

When this issue comes to light then the developer of the snap tube said that we are unaware of this issue and they will fix this as soon as possible. And they claim that unwanted charges have been deducted by the third party application.

If you have downloaded the snap tube and see some unusual changes with you account then delete the application and be safe from fraud 

Share your thoughts on this article in the comment section. Thank you for your time.

The post 40 Million Android Snap Tube Application User are at risk : Report appeared first on Vednam.

According to the source it was mentioned that those ethical hackers who can find the vulnerabilities in the new mega source hardware then the defense advanced projects agency (DARPA) will reward with more than just a deep sense of satisfaction. As they say, every flaw can be the chance for the winner to get the cash prize,

On July the bug bounty contest is going to be held and the main reason behind is to check and find the new flaw on the new secure hardware such as computer, chips, and circuits which make it more secure. It was also designed in different ways so that the hacker can rely on being able to undermine the software to gain the unauthorization access to systems and devices will find their attempts stymied.

If this program gets successful then it gets widely adopted. The approach could see the release of the endless software updates to patch the vulnerabilities by threat actors and where they finally draw to close.

DARPA microsystem technology office program manager Keith Rebello mentioned in his comment “ The new hardware could be free from the malicious hackers and gave the legitimate organizations the edge whenever it comes to cybersecurity.

According to the team overall there are 70 percent of the hacking executed due to the hardware vulnerabilities if they know how to fix this then it will be easier to take down a mass hackers on the ground,

The new program executed in 2017 and it was officially called System security integration through the hardware and Firmware or SSITH.DARPA has funded the hardware but the construction is completed and constructed by the researcher and academic. The place called as Massachusetts Institute of technology and the University of Michigan and Lockheed Martin

SSITH will continue for the one or more years which allow vulnerabilities to detected and fixed

if any issues related to the article. Drop your suggestions in the comment box.
Contact at info page: Source

Our new page Source

The post Hacking challenge at Pentagon | Participants get Cash Prize appeared first on Vednam.

This Ransomware named Tycoon that was found in his reference code and researcher said that it was active since December 2019 and this time the work of the cybercriminals is highly selective in targeting the user which they plan to victimize. The Different unique technique is using an uncommon deployment technique that helped to stay inside the machine and compromised networks.

They may try to target the Educational and software organization to clear the mark of attack.

Tycoon Malware is smarter than the rest of the malware because of the unusual form of ransomware because it’s written in java which is deployed as a trojanized Java Runtime Environment and is compiled in the form of Java Image (Jimage) to hide the intention of malware.

The two main methods or you say ‘Unique’ style. First, the java is used to write the malware because it requires the Java Runtime Environment which is able to execute the code, After the second method they used Image files which are rarely used by the attackers.

The researcher said that this is another form of attack which uses the uncommon programming language and obscure data format for vulnerabilities.

The first method of tycoon Ransomware attacks is no more uncommon than the initial intrusion which insecure the internet-facing RDP server. This is a normal common attack for the malware campaigns and it often exploits the server with weak or compromised the weak password.

Once the attacker entered the network which maintained persistence by using images. File Execution options(IFEO) injection settings that more often provide the developer with the ability to debug software. The attackers also use privileges to disable the anti-malware software using Process Hacker in order to stop the removal of their attack.

When the execution is done then the ransomware encrypts the network with files encrypted by tycoon given extensions including .redrum, .grinch, and .thanos which attackers demand a ransom in exchange for the decryption key. The attackers ask for the payment in bitcoin which claims the price depends on how quickly they get in touch with email.

The campaign is still going on and suggests that those behind it are finding success extorting payments from victims. Tycoon could potentially be linked to another form of ransomware.

Organizations should make sure that the accounts that do need access to this porta aren’t using the default passwords and weak passwords because that password can easily be guessed for breaking the system security.

The post Ransomware target Windows and Linux again. appeared first on Vednam.