Wednesday, May 31, 2017

JUDY: Android Nightmare

It seems that more malware threats are on the way. After Wannacry, a malware called Judy is infecting Android phones. “Judy” is an auto-clicking adware found on 41 apps developed by a Korean company, named Kiniwini, registered on Google Play,Google’s official app store, as ENISTUDIO corp. The company develops mobile apps for both Android and iOS platforms. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it.
According to Check Point, the malware has a reach of anywhere between 8.5 million and 36.5 million users worldwide. Some of the apps discovered were residing on Google Play for several years, but all were recently updated. It is unclear how long the malicious code existed inside the apps, hence the actual spread of the malware remains unknown. Checkpoint explains that the viruses that came with these programmes went largely unnoticed because while the programmes were installed through Google, the official source, the malware code was downloaded from a non-Google server. This code would then enable automatic clicks on Google ads through the phones.
The apps got past the Play Store's protection system, Google Bouncer, because they do not contain the malicious part of the Judy code. How Judy works?? Once downloaded, the apps silently register the device to a remote server, which responds by sending back the malicious ad-click software to open a hidden website and generate revenue for the site by clicking on the adverts. Judy relies on the communication with its Command and Control server (C&C) for its operation. After Check Point notified Google about this threat, the apps were swiftly removed from the Play store.
It is important to note that the activity conducted by the malware is not borderline advertising, but definitely an illegitimate use of the users’ mobile devices for generating fraudulent clicks, benefiting the attackers. It is quite unusual to find an actual organization behind mobile malware, so a little bit confusing. They also found several apps containing the malware, which were developed by other developers on Google Play. The connection between the two campaigns remains unclear, and it is possible that one borrowed code from the other, knowingly or unknowingly. The oldest app of the second campaign was last updated in April 2016, meaning that the malicious code hid for a long time on the Play store undetected.

The malware is very sophisticated, as evident by its design that can even defeat Google's Bouncer protection. It's just that at this moment Judy is probably not stealing anything from users. But secret gateway created between an infected phone and the malware server can possibly steal private details like credit card information and passwords from a phone anytime.
One have to be very very careful about downloading apps especially unknown. Firstly, users should check he reviews the app they’re downloading. Most of the times the users will say if the app is malicious or has any other problems. Also, users should always keep up with the latest system updates. An outdated operating system is a vulnerable one. Also for more safety ensure that Android devices have a secure robust solution, an antivirus that safeguards your device from any potential malware attack. Most importantly, make sure that you have a strong password consisting of numbers, letters and strange symbols.
In this digital age, when users keep most of their important data like photos, card details, and passwords saved on their phones, a code like Judy represents a serious threat and may be a sign of upcoming bigger attacks. So such attacks should not be taken casually (remember Wannacry), Android platforms should be used more carefully. Stay protected from any malware threats and invasions and happy browsing..

Wednesday, May 10, 2017

BITCOIN, What is it actually???

As the Bitcoin is in news, Lets see what is it ?? Bitcoin is a digital currency also called crypto-currency which allows people to buy goods and services and exchange money without involving banks, credit card issuers or other third parties. Satoshi Nakamoto introduced the bitcoin protocol, publishing a paper via the Cryptography Mailing List in November 2008. But after all these years, he remain unknown. Whoever it is, it doesn’t matter, as invention had become more popular than inventor.
Unlike physical money, Bitcoin is open-source; its design is public, nobody owns or controls Bitcoin. Bitcoin uses peer-to-peer technology to operate with no central authority or banks; managing transactions and the issuing of bitcoins is carried out collectively by the network. So it is better known as decentralized digital currency.
From where we can get Bitcoins?? There are three primary ways to obtain bitcoins: buying on an exchange, accepting them for goods and services, and mining new ones. "Mining" is the process of discovering new bitcoins. Bitcoin mining is so called because it resembles the mining of other commodities.: it requires exertion and it slowly makes new currency available at a rate that resembles the rate at which commodities like gold are mined from the ground. The primary purpose of mining is to allow Bitcoin nodes to reach a secure, tamper-resistant consensus. Mining is also the mechanism used to introduce Bitcoins into the system. It's simply the verification of bitcoin transactions.
Bitcoin mining is the process of adding transaction records to Bitcoin's public ledger of past transactions.It is a long list of blocks, known as the 'blockchain'. Collection of all the transactions made during a set period is listed and is called a block. It’s the miners’ job to confirm those transactions, and write them into a general ledger. It can be used to explore any transaction made between any bitcoin addresses, at any point on the network. Whenever a new block of transactions is created, it is added to the blockchain, creating an increasingly lengthy list of all the transactions that ever took place on the bitcoin network.
When a block of transactions is created, miners put it through a computing process. They take the information in the block, and apply a mathematical formula to it, turning it into a far shorter, seemingly random sequence of letters and numbers known as a hash. This hash is stored along with the block, at the end of the blockchain at that point in time. The Hash Rate is the rate at which these problems are being solved. The more miners that join the Bitcoin network, the higher the network Hash Rate is. Every time someone successfully creates a hash, they get a reward of 25 bitcoins, the blockchain is updated, and everyone on the network hears about it. That’s the incentive to keep mining, and keep the transactions working. Miners are paid any transaction fees as well as a "subsidy" of newly created coins. This both serves the purpose of disseminating new coins in a decentralized manner as well as motivating people to provide security for the system. Currently, miners receive 12.5 bitcoins every 10 minutes. This halves every 4 years. The next halving will happen in mid-2020.
It’s easy to produce a hash from a collection of data like a bitcoin block, but it’s practically impossible to work out what the data was just by looking at the hash. And while it is very easy to produce a hash from a large amount of data, each hash is unique. If you change just one character in a bitcoin block, its hash will change completely.
Bitcoin mining is decentralized. Anyone with an internet connection and the proper hardware can participate. The main operational costs for miners are the hardware and the electricity cost, both for running the miners but also for providing adequate cooling and ventilation. Some major mining operations have been purposely located near cheap electricity.
Bitcoin on mobile allows you to pay with a simple two step scan-and-pay. No need to sign up, swipe your card, type a PIN, or sign anything. All you need to receive Bitcoin payments is to display the QR code in your Bitcoin wallet app and let your friend scan your mobile, or touch the two phones together (using NFC radio technology).
When the algorithm was created at first, he had set a finite limit on the number of bitcoins that will ever exist: 21 million. Currently, more than 12 million are in circulation. That means that a little less than 9 million bitcoins are waiting to be discovered. Since 2009, the number of bitcoins mined has skyrocketed. That's the way the system was set up easy to mine in the beginning, and harder as we approach that 21 millionth bitcoin. At the current rate of creation, the final bitcoin will be mined in the year 2140.
Bitcoin transactions are secured by military grade cryptography. Nobody can charge you money or make a payment on your behalf. Bitcoin can give you control over your money and a strong level of protection against many types of fraud. Unlike credit card, you can even send a payment without revealing your identity, almost like with physical money. i.e. why its used as ransom in many cyber attacks. This makes Bitcoin a better digital asset as the currency of the Internet and a payment system.
The question remains : What will be the future of bitcoin? I think bitcoin will exist forever as it has no material form and is not subject to physical deterioration. It actually exists in forms of bits (0 & 1) and is stored on computers all around the world. Thus making it a disruptive force in the FinTech space.

Learn more about this Digital currency here.