TECHNOLOGY
Kaspersky unmasks active malicious campaigns targeting Android and iOS users in APAC
September 2, 2022 6:19 p.m.
Global cybersecurity company shares how to secure smartphones from “Anubis” mobile Trojan and the infamous “Roaming Mantis” campaign
With the continued uptick in the adoption of mobile banking in Asia Pacific (APAC), global cybersecurity company Kaspersky warns of more attacks against Android and iOS devices.
Particularly, active monitoring shows the notorious Anubis Trojan now delivers a combination of mobile banking Trojan with ransomware functionalities to its target smartphones.
Mobile banking Trojans are one of the most dangerous species in the malware world.
This type of threat steals money from mobile users’ bank accounts usually by disguising the Trojans as legitimate apps to lure people into installing the malware.
Kaspersky’s elite researcher – Suguru Ishimaru – zeroed in on the mobile threat landscape in APAC to answer: what if there are no smartphones? Sharing the reality that users cannot live without a mobile device, he unmasked the latest malware targeting iOS and Android users in APAC during the company’s 8th Cyber Security Weekend in Phuket, Thailand.
Suguru Ishimaru, Senior Malware Researcher for Global Research and Analysis Team (GReAT) at Kaspersky
Anubis is a mobile banking Trojan targeting Android users as early as 2017. Its worldwide campaigns targeted users from Russia, Turkey, India, China, Colombia, France, Germany, the US, Denmark, and Vietnam.
This malware family continues to be one of the most common mobile bankers, according to Kaspersky’s latest mobile statistics in the second quarter of 2022. In this period, one in 10 (10.48%) of unique Kaspersky users globally who encountered a banking threat have encountered Anubis mobile banking Trojan.
Initial infections are done through multiple ways – legitimate-looking and high-ranking but malicious apps available on Google Play, smishing (phishing messages sent through SMS), and Bian malware, another mobile banking Trojan.
Once in, this infamous mobile banker can do a complete device takeover. It can steal personal information and identity, access private messages and login credentials, record sound, request GPS, disable play protection, lock the device’s screen, and more.
“Anubis is known for compromising hundreds of bank customers per campaign, proving that it’s among the most active malware targeting Android users right now. Our recent findings show that the cybercriminals behind this threat have started implementing ransom functionalities. If this modification proves to be successful, chances are other malicious groups will copy the same technique of stealing data and holding devices hostage. As a result, I expect to see more of such attacks in APAC due to cybercriminals’ strong financial motivation,” says Ishimaru, Senior Malware Researcher for Global Research and Analysis Team (GReAT) at Kaspersky.
The threat against Android and iOS users: Roaming Mantis
Another prolific threat actor targeting mobile banking users, globally and in the APAC region, is Roaming Mantis.
The group carries out malicious campaigns that target Android devices and spreads mobile malware initially via DNS hijacking and currently through smishing.
Kaspersky experts have been tracking its operations since 2018 and detected almost half a million attacks in APAC from 2021 to the first half of 2022.
Most numbers of the malware were blocked from infecting Kaspersky users in Russia, Japan, South Korea, India, and China.
Ishimaru also underlined that while the cybercriminal group is known for targeting Android devices, Roaming Mantis’ recent campaign showed interest in iOS users.
Using the same techniques, the smishing messages targeting iOS users contain a very short description and a URL to a landing page.
If a user clicks on the link and opens the landing page, there are two scenarios: iOS users are redirected to a phishing page imitating the official Apple website, while the Wroba malware is downloaded on Android devices.
If a victim inputs his credentials to the phishing website, it will then proceed to the 2FA (two-factor authentication) phishing website.
This allows the attacker to know the user’s device, credentials, and 2FA codes.
“There is a notion that iOS is a more secure operating system. However, we must take two things into account – the increasing sophistication of mobile bankers’ social engineering techniques and malware arsenal and the possibility for human errors. Remember that both Anubis and Roaming Mantis require user’s participation before they can take over a device. With more than half (63%) of digital payments in APAC doing their financial transactions online through mobile devices, awareness is no longer enough. Protecting our smartphones is a step that everyone should be doing by now,” adds Ishimaru.
Kaspersky expert suggests two layers of protection for smartphones
- Basic security
- Keep phones up-to-date and install the latest patches
- Reboot daily
- Do NOT trust third-party apps and mobileconfig
- NEVER click on links sent through SMS
- Install a security solution like Kaspersky Total Security
- Advanced protection
- Use a VPN to mask your traffic
- Check live network traffic using live Indicator of Compromise (IOCs)
- Use Lockdown Mode for iOS 16 users
TECHNOLOGY
Keep track of your health in style: 4 new must-have Xiaomi wearables
6:30 a.m. November 30, 2024
Xiaomi’s latest lineup of fitness wearables make health and wellness tracking super stylish and functional
Whether you’re living an active life or not, you shouldn’t underestimate the benefits of tracking your health and exercise. Keeping tabs on your fitness and wellness is easier than ever through the smart devices we own — and now that fitness wearables are more accessible than they were before, there’s nothing stopping you from your best and healthiest life.
But with so many options available, it can be overwhelming to think about which fitness wearable you’re going to go for. Fortunately, Xiaomi’s latest lineup of smart wearables narrow down the best choices for you, no matter your fitness level and budget.
- For the starter: Xiaomi Smart Band 9 Active
Looking to get your first wearable but want to dip your toes before going all out? Try the Xiaomi Smart Band 9 Active, the entry-level option in the Smart Band 9 series.
It’s got a 1.47-inch display on a light 9.9-mm body, and keeps track of 50 different sports modes for 18 days on a full charge. It’s water-resistant up to five meters, which means you can also take it on your swim. Personalize it with colorful straps and over 100 customizable digital watch faces, making it uniquely yours.
Get the Xiaomi Smart Band 9 Active on Shopee, Lazada, and TikTok Shop for only P1,199 and at authorized offline stores starting November 30.
2. For the casual: Xiaomi Smart Band 9
If you’re already using a wearable and want some more functionality on a bigger budget, the Xiaomi Smart Band 9 is a great choice to try.
The Smart Band 9 goes up to a stunning 1.62-inch AMOLED display also on a thin 9.9-mm body, and goes up to over 150 sports modes on a battery that goes longer at 21 days on a full charge. It can also monitor more vitals, including your heart rate, SpO2, stress, and your sleep quality, allowing for more insight into your health.
Get the Xiaomi Smart Band 9 on Lazada and at authorized offline stores for only P1,879.
3. For the enthusiast: Xiaomi Smart Band 9 Pro
Want to take your monitoring and tracking to a whole new level? The Xiaomi Smart Band 9 Pro is the top-of-the-line in the Smart Band 9 series, offering the most features and functionality for power users.
The Smart Band 9 Pro has a beautiful 1.74-inch narrow-edge quadrilateral display resting on a high-quality metal frame with new straps. Along with the features in the Smart Band 9, the Smart Band 9 Pro also has professional workout analysis that personally guides you in doing your exercises and making the most out of your active life. Staying healthy has never been easier and more stylish.
Get the Xiaomi Smart Band 9 Pro on Lazada and Shopee for only P3,799 and at authorized offline stores starting November 30.
4. For the super-stylish: Xiaomi Watch 2
You might need the tracking and monitoring functionality of a fitness wearable, but maybe you still want the piece on your wrist to look like a traditional watch. That’s where the Xiaomi Watch 2 comes in.
The Xiaomi Watch 2 is the ultimate lifestyle wearable, with a classic-looking 1.43-inch round AMOLED display. The water-resistant (up to five meters) watch has a wide array of sensors, from its 161 sports modes to health trackers to even environmental sensors that can tell you temperature, humidity, and direction. The Xiaomi Watch 2 can last up to 65 hours on a single full charge, and you can make it uniquely your own with over 200 customizable watch faces and colorful strap options.
If you want to go all-out in choosing a wearable, you can’t go wrong with the Xiaomi Watch 2.
Get the Xiaomi Watch 2 with a free three-month Spotify subscription on Lazada for P8,499 and Shopee for P7,599, and at authorized offline stores.
So if you’re looking for your first or your next fitness wearable, your best bet is with Xiaomi’s lineup!
To learn more about Xiaomi’s smart wearables, visit the official website at http://mi.com/ph.
TECHNOLOGY
Take life’s challenges head on with the OPPO A3
10:20 p.m. November 15, 2024
Enduring everyday life requires Filipinos to have a mobile device that can be their reliable companion to take on any challenge that arises.
The OPPO A3, OPPO’s strongest A Series device yet, stands out for its durability and reliability, making it a perfect companion for Filipinos in all conditions.
Embodying the #OPPOLangSakalam reputation, the OPPO A3 has been proven and tested to endure accidental falls.
If you’re always on the go, whether for work or school, it’s possible that your phone might take a tumble here and there. Smartphones can get damaged when such situations occur but with the OPPO A3 by your side, you can continue with your day with its ability to still function perfectly without any problems in case it accidentally slips out of your hands or pockets.
Carrying the durability standards of the OPPO A Series, the OPPO A3 passed the Military-Grade Shock Resistance (MIL-STD 810H), putting users’ minds to ease if ever these circumstances come about.
During several tests to see its durability, including a test from a height of 1.2 meters in different angles, the OPPO A3 showed no functional damage after going through it 26 times. When dropped on a marble tile face down from a height of 0.3 meters for 100 times, the device also didn’t show any function issues.
Apart from passing the Military-Grade testing, the OPPO A3 also acquired the SGS Certification for its strong build, which adds peace of mind to users. After being stepped on for 100 times during another test, the phone showed no signs of functional damage.
Face your battles boldly with the OPPO A3
The OPPO A3’s Military-Grade Shock Resistance and SGS Certification proves its durability and reliability, making it the perfect smartphone for everyone. What’s more, the OPPO A3 also comes in multiple variants and stylish colorways, offering users options that will fit their needs.
- The OPPO A3 6GB RAM and 128GB ROM variant is priced at Php 8,999, available in Starry Purple and Sparkle Black.
- The OPPO A3 8GB ROM and 128GB RAM is priced at PHP 9,999 while the OPPOA3 8GB ROM and 256GB RAM is priced at PHP 11,999 available in Starlight White and Sparkle Black.
Get a hold of the OPPO A3 in all OPPO stores nationwide and online via OPPO’s e-commerce platforms on Shopee, Lazada, and TikTok Shop.
For more information on the OPPO A3, visit OPPO’s official website at www.oppo.com/ph/ or OPPO Philippines’ official Facebook page.
TECHNOLOGY
Lenovo taps MEC Networks as new software distributor in PH
5:58 p.m. November 6, 2024
Lenovo Philippines has strengthened its local software distribution network through a new partnership with MEC Networks Corporation, officially appointing MEC as its software distributor in the Philippine market. The partnership was formalized recently in a contract signing, where Lenovo and MEC committed to delivering high-quality software solutions that meet the evolving needs of Filipino businesses.
This collaboration brings together MEC’s extensive distribution experience and Lenovo’s advanced software offerings. Through MEC, Lenovo will also collaborate with Kinjo Tech, a leading provider of unified endpoint management software such as Scalefusion, to offer cutting-edge software solutions for managing and securing business operations across various industries.
From left to right: Charles Springgay, President of Kinjo Tech, Clark Popple, SMB and One Channel Lead of Lenovo Philippines Inc.,Michael Ngan, President and General Manager of Lenovo Philippines Inc., Gunaseelan Ramachandran, Business Development Manager / Solutions Architect of Kinjo Tech, and Merrick Chua, President of MEC Networks Corporation.