Banker Malware Targeting Malaysian Internet Banking User

MyCERT Alert

1.0 Introduction

MyCERT had received several reports regarding a malware that targets Malaysian Internet banking customers. Based on our initial analysis, we found this campaign uses the Zeus banking malware family as its Modus Operandi in this campaign.

Attacker will infect victim’s computers with Zeus banker malware which will inject modified fake contents or page while a user is browsing a legitimate online banking website.

2.0 Affected Systems

Based on our initial analysis of a sample incident, we found the below is the affected system:

2.1 Smartphone running on Android
2.2 Vulnerable and unpatched Windows Operating System

3.0 Impact

3.1 The malware will inject a modified fake contents that looks like a real online banking website when user is browsing a legitimate online banking website, in which the content will request victim’s smartphone operating system and mobile number.

3.2 The malware will SMS to the smartphone a malicious APK and infect the smart phone in order to establish callback with the attackers for further instructions.

4.0 Technical Details

Attacker will infect victim’s computers with Zeus banker malware which will inject modified contents when users is browsing a legitimate online banking website, as shown in the below sample image of the injected page.

mycert-636.jpg

The modified content will prompt user to choose their smartphone Operating System and provide their phone number as well. With the phone number information, attacker will send SMS containing link to a malicious APK known as Zitmo malware to the victim’s smartphone, purportedly to be a an online banking verification certificate.

Once the APK is installed in the smartphone, a popup message will appear and the Zitmo malware will attempt to make callback to attacker through SMS and wait for further instruction.

Few days later, attacker will login to victim’s online banking account using the stolen credentials and perform online transaction successfully by using intercepted TAC number.

The mobile malware has been discovered since late September 2010 but first time being used in malware campaign targeting Malaysian Online Banking users.

5.0 Recommendation

5.1 For laptop/PC User:

1) Install robust anti-virus, anti-spyware and firewall software on your computer and other devices and configure it to update regularly.

2) Perform regular scans of your systems for malware and other risks.

3) Operating system providers such as Microsoft, periodically releases updates and patches that improve the security of your operating system. You should periodically check for these updates and keep your system current or configure it to do so automatically.

4) When accessing to online banking, make sure there is no pop-up/window that requires personal info such as credit card number, smartphone platform(Android/iOS) etc. Do not enter those information if required.

5) Use only a dedicated computer or laptop to do online banking

6) If you suspect your bank account has been compromised or spot any activity you have not authorized, please notify your banking provider immediately.

7) Please ensure you logout properly at the end of each session by clicking log-out button. Do not exit by simply closing the browser window.

8) If you come across anything suspicious when you do banking online such as unusual web pages asking for banking information, notify your bank provider immediately.

9) Never respond to any email/advertisements requesting you to provide your login details or log in via a link sent in an email/applications. The bank will never send you a mail or provide links in any applications like that, and such a request is likely to be a phishing attempt.

5.2) For Smartphone Users:

1) Verify an app’s permission and the app’s author or publisher before installing it.

2) Do not click on adware or suspicious URL sent through SMS/messaging services. Malicious program could be attached to collect user’s information.

3) Since URL on mobile site appears differently from desktop browser, make sure to verify it first.

4) Always run a reputable anti-virus on your smartphone/mobile devices, and keep it up to date regularly.

5) Don’t use public Wi-Fi networks for bank transactions and turn off Bluetooth connection when not in use. These can be open windows for eavesdroppers intercepting the transaction or installing spyware and other malware on user’s smartphone/tablet.

6) Update the operating system and applications on smartphone/tablet, including the browser, in order to avoid any malicious exploits of security holes in out-dates versions.

7) Do not root or otherwise ‘Jailbreak’ your phone; avoid side loading
(installing from non-official sources) when you can. If you do install Android software from a source other than the Market, be sure that it is coming from a reputable source.

6.0 References

6.1. Kapersky report on Zitmo malware

6.2. ATSEngine

Source: CyberSecurity Malaysia

Apple unveils watch and larger iPhones

Apple CEO Tim Cook speaks during an Apple event announcing the iPhone 6 and the Apple Watch at the Flint Center in Cupertino, California, September 9, 2014.

Apple CEO Tim Cook speaks during an Apple event announcing the iPhone 6 and the Apple Watch at the Flint Center in Cupertino, California, September 9, 2014.

Apple Inc unveiled a watch, two larger iPhones and a mobile payments service on Tuesday as Chief Executive Officer Tim Cook seeks to revive the technology company’s reputation as a wellspring of innovation.

The first new product to be developed and introduced under Cook’s reign is a timepiece tethered to the iPhone that will combine health and fitness tracking with communications. It will price at $349 and go on sale in early 2015.

First impressions were mixed. Some expected Apple to blow away the current competition but others warned the fact that it requires a paired iPhone may limit its sales.

Starting at $349 – $50 more than the cheapest version of the iPhone 6 with a contract, the lofty price tag may also keep some consumers on the sidelines. It could go up to more than $1,000 for higher-end editions, IDC analyst Danielle Levitas said.

The Apple Watch can receive phone calls and messages, play music, serve as a digital wallet to pay for goods and monitor heart rates via special sensors. The watches will come in three collections, including a sport edition and an upscale line coated in 18-karat gold.

“People are kind of scratching their heads on this watch, especially the fact that to successfully use the watch and to take advantage of its capabilities, you also have to have an iPhone,” said Daniel Morgan, vice president at Synovus Trust Company in Atlanta. “I don’t know if they’re in the right direction with this iWatch.”

Still, rival watch and wearable device makers will keep a wary eye on Apple, which upended the music industry and drove once-dominant phone makers like Blackberry to the brink of extinction.

Sony Corp, Samsung, LG Electronics Inc and Qualcomm Inc have already launched smartwatches, albeit without much success.

“Not the knockout some were anticipating. A bit gimmicky also on the health end of the wearable bands market,” said Jon Cox, an analyst of Swiss watch companies at brokerage Kepler Cheuvreux in Zurich.

“Not as cool as I feared. Nick Hayek is probably sleeping a little easier tonight,” Cox said, referring to the chief executive of Swatch Group.

Shares of the company closed just a tad higher after having risen almost 5 percent before executives trotted out the watch. The stock tends to rise in the run-up to a major product launch, and come under selling pressure afterward as investors cash out.

BUY WITH BIGGER PHONES

The watch is unlikely to increase Apple’s top-line. Estimates vary but IDC expects total global demand of 42 million smartwatches in 2015. Apple sells that many or more iPhones in a good quarter.

But the pressure was on for the world’s largest tech company to wow on Tuesday, after a years-long drought of products beyond new iPhones and iPads. The prospect of a new gadget attracted a broader swathe of attendees than usual, with celebrities, fashion industry editors and even healthcare executives rounding out the mostly tech-industry crowd.

In a rare move, Apple had planned on livecasting its entire event online, with a simultaneous translation in Chinese. But the livestream went down about a half-hour in, prompting many users to take to Twitter to express their frustrations.

Also on Tuesday, the company took the wraps off a larger, 4.7-inch iPhone 6 and 5.5-inch iPhone 6 Plus. They will support more than 200 telecoms carriers worldwide, including all three in China – a key growth market for the company.

And it introduced a new mobile payments service dubbed “Apple Pay.” Each phone will come equipped with its new payments service, which launches in the United States next month and allows users to pay for items in stores with their phones instead of physically presenting their credit or debit cards.

Launch partners include Walt Disney Co, McDonald’s and Whole Foods. The move gives Apple access to a trove of data on how consumers shop in brick and mortar stores, where more than 90 percent of U.S. retail sales are still conducted.

Each new iPhone will come with a “secure element” chip and a near-field communications, or NFC, antenna.

Ben Milne, CEO of Internet payment network Dwolla, wanted to hear a lot more about how Apple will tackle the aging payments infrastructure. Apple Pay should get some level of mass adoption based on the number of iPhones out there, but Apple will have to tackle the current high costs of payment processing to make its new feature more widespread, he said.

“The old architecture that payments is driven on is not up to snuff for the future they want to build,” Milne said.

Source: Reuters

 

Apple is replacing your iPhone 5 battery

iphone5blackwhiteApple has determined that a very small percentage of iPhone 5 devices may suddenly experience shorter battery life or need to be charged more frequently. The affected iPhone 5 devices were sold between September 2012 and January 2013 and fall within a limited serial number range.

If your iPhone 5 is experiencing these symptoms and meets the eligibility requirements noted below, Apple will replace your iPhone 5 battery, free of charge.

Replacement process
As of August 22, 2014, the replacement process will be available in the U.S. and China. In other countries, it will be available as of August 29, 2014.

Visit a participating Apple Authorized Service Provider to have your battery replaced. Your iPhone will be examined prior to any service to verify that it is eligible for this program and in working order.

To prepare your iPhone 5 for the battery replacement process, please follow the steps below:

  • Back up your data to iTunes or iCloud
  • Turn off Find my iPhone
  • Erase data and settings in Settings > General > Reset > Erase all Content and Settings

Note: If your iPhone 5 has any damage such as a cracked screen which impairs the replacement of the battery, that issue will need to be resolved prior to the battery replacement. In some cases, there may be a cost associated with the repair.

Additional Information
Apple may restrict or limit repair to the original country of purchase.

If you believe your iPhone 5 was affected by this issue, and you paid to replace your battery, you can contact Apple about a refund.

This worldwide Apple program doesn’t extend the standard warranty coverage of the iPhone 5. The program covers affected iPhone 5 batteries for two years after the first retail sale of the unit or until March 1, 2015, whichever provides longer coverage.

For more information and to check if you are eligible or not, click here.

Smartphones will go ultra-high definition in 2015

HYPER DETAILED: The latest LG flagship phone, the LG G3, can capture video in ultra-high definition. — ©LG

HYPER DETAILED: The latest LG flagship phone, the LG G3, can capture video in ultra-high definition. — ©LG

Just like televisions and computer monitors, handset displays are about to get a huge resolution boost.

According to the latest forecast from ABI Research, a 4K screen will become a flagship smartphone feature within the next 12 months and within five years, 478 million smartphones a year will ship with a UHD display as standard.

However, at the moment there is very little native 4K broadcast content available for either televisions or smartphones, meaning that, for the time being, a display with a super resolution could be seen as just a marketing gimmick.

Senior analyst Michael Inouye commented: “While some content owners and broadcasters have or are preparing to launch 4K programming, video resolution delivered to mobile devices will continue to lag behind screen pixel densities. While mobile device components, such as processor, memory and in some cases batteries, are gearing up to handle 4K, network and infrastructure elements remain challenging.

“Key video services like several under the UltraViolet umbrella, for instance, still largely distribute content to mobile devices in SD. Content protection and data utilisation concerns are part of the issue, but consumers also have not demanded higher resolution video in adequate numbers for services to respond,” he adds.

Although UHD displays aren’t expected to arrive until next year, the ability to use a smartphone to create 4K content is already here. The latest Samsung and LG flagship handsets both record video in 4K and as such join a growing list of UHD devices, such as the GoPro action cam.

However, even with more user-generated UHD content, disseminating it among friends or even hosting it to sites like YouTube is still an issue in terms of streaming or downloading due to the size of the file involved and consumers’ hatred of videos that buffer.

“Over The Top (OTT) video services will carefully weigh the costs of 4K delivery, the impact on viewing on mobile devices, and the brand halo high resolution services can bring,” said practice director Sam Rosen.

Rosen believes companies that use the internet to deliver content will initially focus on bringing UHD to televisions but there are emerging connection technologies that could mean that smartphones become a hub for streaming rich content to other devices around the home.

“New connections like wired MHL 3.0 and wireless 802.11ad can help position mobile devices as a hub for streaming high quality video and gaming to TVs. Qualcomm’s acquisition of Wilocity and push of 802.11ad could further encourage OTT companies and TV manufacturers to embrace the technology and bring high resolution video to TVs via mobile devices,” he adds. — AFP/Relaxnews 2014

Indonesian capital threatens to ban Uber car app

TARGETED: The Indonesian capital is threatening to shut down controversial smartphone car-hailing service Uber due to licensing issues a week after it officially launched in the city, an official said. — AFP

TARGETED: The Indonesian capital is threatening to shut down controversial smartphone car-hailing service Uber due to licensing issues a week after it officially launched in the city, an official said. — AFP

JAKARTA: The Indonesian capital is threatening to shut down controversial smartphone car-hailing service Uber due to licensing issues a week after it officially launched in the city, an official said Wednesday.

Jakarta authorities are just the latest to target Uber, an app that has sparked protests from taxi drivers in several countries as it allows customers to hail private rides via their phones.

“In our opinion, the service Uber provides is just like a taxi service, but it doesn’t have a licence to operate as one in this city,” Jakarta transport agency chief Muhammad Akbar told AFP.

“Registered taxis in Jakarta have to meet certain standards, including some to do with safety, so if Uber wants to operate here, it must be held to the same standards — otherwise it’s not fair.”

Authorities are concerned that Uber’s service will undercut the current market for taxis and that the company may evade tax if not registered legally, Akbar said.

The agency is working with the ministry for IT and communications to have the app shut down, Akbar said, adding that it had invited Uber to a meeting a month ago but never received a response.

Uber could not be immediately contacted for comment, but has fended off similar criticism in the past by explaining its service merely links customers looking for a ride with those who have a car, and does not own or operate its own fleet.

Uber began by linking users of its apps to luxury car operators, but then decided to offer a broader selection of cars and include a ridesharing option.

In Jakarta, it currently only links to services offering paid-for trips in upmarket cars.

The California-based app, operating in 170 cities spread across dozens of countries, is the most prominent of several that are shaking up the traditional taxi landscape in cities around the world.

Uber has already faced significant resistance from regulators in several countries, who accuse it of unfair competition and lack of standards.

Jakarta is flooded with some 20 million people on any given work day and taxis are a common mode of transport in the congested city, which is poorly covered by public transport. — AFP

沙首家电子广告平台 ~ JuiceSky闯出蓝海

Sin Chew Daily News - 22 May 2014周末到了,不懂要去哪里消遣?肚子饿了,不懂哪里找好吃的?要添新衣了,不懂哪家服饰店有折扣?很简单,只要下载全沙巴第一的电子商业广告平 台JuiceSky,所有的问题都可迎刃而解.上架逾两年、全年浏览量达400万的JuiceSky,成了本地各领域商家宣传的新宠,让商家与消费者的关 系更为密切.

萤火虫生长期作比喻

JuiceSky创办人之一的刘驟强指出,JuiceSky会以萤火虫为电子商业广告平台的吉祥物,因萤火虫孵化效应的4个生长阶段恰恰反映了网络宣传的生态系统.

刘 骤强表示,萤火虫在产卵时,正如一间正要启动的公司,需要完整的规划,而JuiceSky可以从旁协助,让客户了解网络宣传方式.萤火虫的卵经孵化后,将 进入幼虫阶段,刚成立的公司犹如幼虫般脆弱,广告也鲜少人知,JuiceSky就会在这时候为客户在当地的媒体进行宣传.

“幼虫经过几次的蜕皮后会变成蛹,萤火虫虽然看起来是完全静止的,但内部则渐渐进行着从幼虫的形态变化到成虫的过程,在这期间也就是让客户参与各界的活动及组合,提高客户对外的曝光率,酝酿着下一次破蛹而出的最佳时机.”

“当萤火虫成功蜕变为成虫时,也就意味着客户的广告已经达到最有效率及速成的宣传方式,好比四处飞翔的萤火虫,带着那微弱的光芒照耀着世界的每一个角落.”

颠覆传统经商手法

JuiceSky 突破了传统的商业手法,以更生动及吸引人的方式,全年无休地为用户提供更快、更准确的资讯.该公司的制作团队巧妙地利用现今时代的手机全球定位系统功能, 即使客户的地理位置不是很理想,用户也能透过卫星导航的协助找上门.此外,一些乏人问津的广告也不必担心会被该平台冷落,因这些广告可藉着优化的谷歌搜索 引擎(Google Search Engine Optimization)被寻见.

刘骤强表示,JuiceSky里人气最旺的饮食类 广告,平均每年每个广告可达25万的浏览人次.就算是最不热门的广告,也可达每年逾8千的点击率,对客户来说已算是一个不错的反映.客户可透过 JuiceSky管理平台得知用户统计,即时得到消费者统计汇报,为客户带来更大的便利.

此外,透过该平台举办的JuiceSky People’s Awards最佳人气奖活动、微电影竞赛和赢取旅游套票等活动,不仅加强客户与用户之间的互动,更成功吸引和接触到更广大的用户群.

刘骤强表示,JuiceSky每年都会将所赚得的一部分回馈社会,受惠的团体为沙巴亚庇博爱辅导中心.

他 表示,JuiceSky这个商标的成立也是很有趣的,因它本是JuiceAPac(Join Us In Company Expansion-Asia Pacific)的缩写,然而现在该公司涉及的是云端上的商业平台,因此把Juice带上了云端(Sky),成立了今天JuiceSky.