Lookout Mobile Security on Tuesday published a report stating that a known malicious Android program has been updated with the ability to harm a device without depending on a user’s interaction. The new version of the “Legacy Native” (LeNa) app utilizes an exploit called GingerBreak to gain root permission on Android phones. The new variant of LeNa hides its payload just past the End of Image marker of an otherwise fully-functional JPEG. The malware is then able to communicate with a comma...

A few days ago Google was made aware that there were over 20 apps in the Android Market that were up to no good. These malicious apps gained system-level access to your handset when downloaded and would intercept and covertly transmit private data to 3rd party servers. Some of these apps have been downloaded more than 50,000 times. To try and fix the problem, Google has started using a remote kill switch feature in Android to wirelessly nuke those installed apps on user’s handsets. That’s not the ...

While investigating several Android Market applications that appeared to be duplicates, Reddit user lompolo discovered several apps that provide an extra, and definitely unwanted, service. The applications in question contain an exploit that, when downloaded, automatically root the Android handset. Not only that, the apps — 21 in total — also contain an embedded .apk file that can accept remote code and upload device information (like your IMEI) to a server in California. The malicious bundles ...

If you haven’t heard by now, you probably don’t have an iPhone, but you can unlock your iDevice by visting www.jailbreakme.com. However, the exploit used to jailbreak iPhone, iPod and iPad devices is reportedly about to be turned against the hacking community, we’ve been told. Once the exploitation method is disclosed to the public, black hat hackers would be able to take advantage of it by setting up their own websites that could load malicious code onto your device. This is done through t...

Ruh roh, as Scooby would say. Once relatively untouchable, security experts have now found what they claim to be two new pieces of malware specifically targeting OS X. The first, ‘OSX.RSPlug.D’, is a Trojan capable of rerouting internet traffic to a malicious DNS server which will draw users to phishing sites and ads. So far the only reported sources of the Trojan are porn sites where it sits masked as a codec needed to display certain videos. The second piece of malware, ‘OSX.Lamzev.A’...