Kaspersky finds mobile versions of the Zeus trojan posing as fake Android security software

Android’s security concerns have been the primary focus of an on-going debate for a while now. Google has been trying to fend off malicious app developers, with the introduction of a new security system called “Bouncer”, but we have still seen over 5,000 malicious apps already in just the first quarter of 2012.

In what is a further cause for concern, Kaspersky Labs Expert Denis Maslennikov has uncovered a fake Android security application that steals incoming SMS messages from infected devices. In a blog post, he wrote that he discovered at least 6 files that go under the name “Android Security Suite Premium,” but are in fact malicious apps that aim to steal incoming SMS messages, that are then uploaded to a remote server. He also mentions that these apps can receive commands to uninstall themselves, steal system information, and enable or disable apps.

Granted, the existence of apps with similar functionality is nothing new. In fact, while a lot of us tend to overlook the permissions required by apps when we download them from the Google Play Store, many apps request permissions to send/receive SMS messages from our device.

Only this time, with the latest threat, there is cause for further concern, as, according to Maslennikov:

  • The files that were heuristically detected by Kaspersky’s engine as “HEUR:Trojan-Spy.AndroidOS.Zitmo.a.” Zitmo (Zeus in the mobile) apps are the mobile versions of the infamous Zeus trojan that steals private banking information.
  • With a lot of banks implementing mobile-based security systems, the goal of Zitmo apps is to steal mobile authorization numbers that customers receive from their banks via SMS.

 

 

Kaspersky researchers are still trying to determine how the malicious Android Security Suite Premium app is being distributed. From past experience with other Zitmo apps, it may be distributed as a fake security update that appears to be “recommended” by your bank’s mobile site, so that is definitely something you need to watch out for.

Mobile authentication systems and mobile banking have been growing in popularity since their introduction, because of their ease of use and convenience. While helpful, consumers who use these products and applications certainly need to be a lot more careful.

We recommended that you download apps only from the Google Play Store. Even then, you should evaluate thoroughly the “permissions” required by any app you download, and also take a look at user reviews for an indication as to whether an app is trustworthy or not.

Of course, be extra vigilant if you ever need to download third party apps for any reason.

WinZip, the world’s #1 archiving utility, comes to Android

If you used Windows between 1991 and 2001 then you have probably heard of (and used) WinZip.

Before Microsoft built the ability to unzip files into Windows XP, and before 7zip, WinZip was thede facto way to handle .zip files. Wind forward another ten years and WinZip is still around and it is now no longer just confined to Windows. There is WinZip for Mac, WinZip for iOS, and now WinZip for Android. I don’t know how comfortable I feel about running any apps on my Android phone which starts with the word “Win”, but I will make an exception in this case.

Starting WinZip from the launcher puts you into a simple file manager which allows you to navigate around your device looking for a .zip to open. Once you click on a .zip file, it is expanded and its contents revealed. Inside the archive image, text, and web files can be viewed directly using the built-in viewer and other file types can be opened via the standard “Complete action using” Android dialog.

One thing I couldn’t find was an option to expand a .zip file onto the SD card or the ability to extract a file from the archive. This seems to be one of the most basic needs for any decent .zip manager and I don’t know why it isn’t included. Popular file managers like Total Commander can do this.

Having said that, WinZip is available for free from Google Play and is compatible with Android 2.1 (Eclair), 2.2 (Froyo), 2.3 (Gingerbread), 3.x (Honeycomb) and 4.x (Ice Cream Sandwich).

Dolphin Browser Gets Updated Flippers, Faster than Ever.

Mobotap on 19th released some details about its upcoming Dolphin Browser engine, which they claim is 5-10 times faster than the default Android browser, and 100% faster than Chrome.  When tested on HTML5test.com, it does seem to shoot ahead of its rivals, but we all know benchmarks can be deceiving, so it’ll be interesting to see how the new behind-the-scenes tweaks turn into real user experience changes.  Improvements in canvas element rendering using both the gpu and the cpu seem to be behind most of the speedup.  You can read more, and grab a link to the beta below.

Full Press Release after the break:

SAN FRANCISCO, CA, Jun 19 (Marketwire)

 
Dolphin Browser, the most popular third-party browser on Android and iOSand the only Gesture and Voice enabled browser, today announced thelaunch of Dolphin Engine, behind-the-scenes technology that makes DolphinBrowser Beta the highest performing HTML5 browser available today.
 
Dolphin Engine allows HTML5 rendering up to 5-10 times faster than thedefault browser on Android, and at times, 100 percent faster than Chrome.
 
Dolphin Engine was tested on HTML5test.com, the industry’s mostrecognized tool for testing a browser’s support of HTML5 functionality.
 
Dolphin Beta Engine performs significantly better than other mobilebrowsers available today:
 
Browser HTML5 Test Score
Dolphin Browser Beta 450+
Opera 369
Chrome Beta 364
Firefox 325
iOS 5.1 324
MeeGo/Harmattan 284
Android 4.0 273
BlackBerry OS 7 273
Bada 2.0 268
Nokia Belle FP 1 226
webOS 2.2 210
Android 2.3 189
Windows Phone 7.5 138
 
“Dolphin is committed to building a browser that provides theabsolute best consumer experience for mobile Web browsing, Web apps andgaming,” said Yongzhi Yang, CEO of MoboTap, makers of Dolphin Browser.”We’re always looking for ways to tweak the browser to make it faster,easier and more fun to use. Dolphin Engine’s tremendously high scores area testament to the tireless work of our engineering team.
 
“Dolphin was able to achieve this remarkable accomplishment throughextensive canvas improvements, with particular attention to canvaselement, 2D context and text. In addition, Dolphin Engine madesignificant GPU technology improvements around GPU accelerated canvasrendering and optimized CPU / GPU parallel computing.
 
About MoboTap
MoboTap is a mobile technology developer that is committedto advancing the mobile revolution by improving the way peopleexperiences the mobile web through their smartphone devices. Founded andled by an international team of proven engineers and entrepreneurs andbacked by leading venture capitalist firm Sequoia Capital, MoboTap hasbegun this revolution with the launch of Dolphin Browser, a freeWeb-browser specifically optimized for mobile users.
 
Contact:
LaunchSquad
(415) 625-8555
Dolphin@launchsquad.com
Copyright 2012, Marketwire, All rights reserved.

ISeeYou App Keeps Your Screen On While Looking at it, Similar to the Galaxy SIII’s Smart Stay

Have any of you found yourself jealous that your fancy Android device is lacking the Galaxy S III’s ability to keep the screen on while looking at it? I mean, how annoying is it when you are reading a webpage and your device’s screen times-out and you have to power it back up and unlock it to just keep reading from where you left off? The Galaxy S III combats this annoyance by using Samsung’s new Smart Stay feature that prevents your device from going to sleep by using the front facing camera to detect an onlooking face. When Sammy first announced the device and its nifty features, I figured it would be the custom ROM development community who would port the feature over to be used in various ROMs. Looks like I was wrong. Now everyone can get in on the action by simply grabbing the ISeeYou app from the Google Play store.

ISeeYou comes in two different flavors. A free version and a paid version. The only difference besides $.99? The paid version allows you to change the scan interval and how long the camera will search for your face, the free version does not allow any changes. I opted for the paid version only because I wanted to change how often my Nexus scanned for my face in hopes to preserve precious battery life. You see, out of the box the free app will attempt to detect your face every 20 seconds which can be a bit overkill if you have your screen timeout set to 60 seconds like in my case. I have the ISeeYou app set to scan every 55 seconds for 5 seconds for those times when I am reading something that may require the screen to stay on for longer than a minute. For those times when I am only looking at the screen for 30 seconds or so, I wont be wasting battery by having the front facing camera power-up every 20 seconds scanning for my mug. You see where I am going here? I guess if battery life isn’t concern of yours then the free version will do the trick just as well, but for those of you who are like me and try to squeeze every amp hour out of your device, then I would suggest going for the paid. Either way, start with the free version to make sure the app is compatible with your device because I only tested it on one phone and only for about 20 minutes. That being said, while testing with the ISeeYou app activated, my phone never shut itself down while looking at it even though I never had any touch interaction. Pretty sweet if you ask me!

The jury is still out on whether or not the use of this app will cause any unwanted side affects like accessive battery drain or wake locks. I assume there is going to be some toll on battery life but I am hoping the benifit outweighs the possible lack of juice. Either way, this app will keep me happy until I get my GSIII in the mail and now I don’t need to feel like those folks with the international GSIII are enjoying features I can’t.

Check out the app for yourself through one of the links below and let us know what you think!

Play Store Download (Paid)

 

Play Store Download (Free)

 

New Virtual Assistant Robin Looks To Put New Spin On Driving

We may have seen our fair share of Siri clones out here in the Android world, but there’s one that’s looking to put all other virtual assistants to shame called Robin. This virtual assistant is aimed specifically for use when driving and allows drivers to use voice in/out and hand gestures in order to establish communication with the device. Robin comes jam-packed with the abilities and features such as give navigation, real-time traffic and parking information, gas prices, weather and more. When you’re sitting in rush hour or just plain bored during your drive, Robin can narrate personal Twitter news and even tell a joke or two.

The app is currently in beta, but it’s certainly looking like it’s on the right track for impressing users. Hit the break to see the full presser from the developers as well as grab the QR code and Play Store links.

Play Store link

 

Google gives developers a voice, they can now reply to reviews on Play Store

Feel like you’re talking to the walls when you leave that constructive criticism on an app on Google Play Store? That won’t be the case anymore, because Google is making some big changes on its app store. You’d better be good at both dishing it out and taking it back, though. Those seemingly faceless app developers can now reply to your reviews – good or bad.

As you can see on the screenshot below taken from an Android Developer console, developers will be able to reply directly to customer’s reviews, and their replies will appear below the original comments on Google Play for the public to see. We don’t think there’s a notification system to let you know if a review has been replied to or not, but we could be wrong on this one.

 

 

For now, the direct reply feature is only available to a select few, namely those with a “Top Developer badge”. A full rollout for all developers can be expected in the future.

You have to remember that having the ability to respond to reviews and comments doesn’t mean that the developers are obligated to do it. But we’re sure some developers are more than willing to set straight some misinformation that certain users write on their reviews or help troubleshoot problems when running certain apps.

This new level of interaction will hopefully have some positive impact on both developers and customers: we’ll have apps that run better and more satisfied customers, who in return will keep supporting their favorite developers.

Withdraw Cash From An ATM By Scanning A QR Code With Your Phone

Mobile payment systems have been moving toward NFC technologies, with Google Wallet and other NFC-based systems like ISIS. This requires the use of a device with an NFC chip, and NFC-enabled pay stations.

NCR Corporation has something different in mind with their QR code-based ATM withdrawal system called  NCR Mobile Cash Withdrawal. While not exactly a point-of-sale system like Google Wallet, it allows you to get money from any supported bank’s ATM. The technology does not require any new hardware on either end for it to work. NCR is using standard QR codes that can be scanned by any Android device with a camera. A user simply needs to have the NCR app installed, walk up to a supported ATM, scan a code, and withdraw money. No passwords are swapped between the phone and the ATM, so ATM password skimmers become useless.

Without more information, it’s difficult to say how secure this system is, but NCR is planning implementation this year and is currently looking for banks “with an innovative spirit” to partner with.

Watch the demo video after the break.

New Angry Birds Seasons Update Brings Underwater World Of Piglantis.

Image

Rovio is at it again offering another Angry Birds update. Fresh off updating its super cool Angry Birds Space, the developer has given the same treatment to its Angry Birds: Seasons series— just in time for the start of summer. The new update brings the beautiful setting of Piglantis and features 30 new levels to the aquatic wonderland. Among the most interesting aspects of the new update are the new physics— if you thought the physics were cool in Angry Birds Space, you’ll go crazy over the underwater physics in the new Piglantis levels.

I know you’re all itching to get a headstart on playing the new game, so be sure you grab it by clicking on the Play Store link or scanning the QR code below.

Play Store link

Image

Imangi and Disney Pixar Announce Temple Run: Brave, Now Available in the Play Store

Great news for those of you who can’t get enough Temple Run in your life! Imangi has teamed up with Disney Pixar and just released the new an improved Temple Run: Brave edition. Based off of the new Disney movie, The Brave, you play as the movie’s main character Merida, and run through temples that have much improved graphics over the original Temple Run. Not only are the visuals completely new, you also get to shoot a bow to try and hit moving targets with arrows. This definitely adds another level of difficulty so don’t let the Disney theme fool you. This game is just as cool, if not better than the original and I highly recommend you check it out. There is one thing, though. This time around they are asking for $.99 in the Play Store but I am going to have to say it’s worth it. Jump past the break for the official trailer and Play Store links.

Samsung’s S Voice And Apple’s Siri Go Head To Head In A Battle Down Under

The iPhone 4S vs. Galaxy S III debate is a seemingly endless debate and we now have another face-off adding fuel to the intense rivalry. Sure we’ve already seen Siri go up against other Android devices— but a savvy user took some time to pit two of the most popular devices in the world against each other. While Sammy’s S Voice is nearly identical to Siri in every way, S Voice touts itself as the greatest virtual personal assistant in the world. Despite Sammy’s claim, each virtual assistant matched one another in almost every possible way— though S Voice was able to give navigation in the user’s home country of Sydney, Austrailia… while the iPhone 4S was unable to give directions unless the user is in the U.S. Looks like Sammy will have something more to brag about until Apple addresses the minor shortfall in Siri— which would perhaps be found in the latest iOS 6 update I suppose.