The Bharatiya Nyaya (Second) Sanhita, the Bharatiya Nagarik Suraksha (Second) Sanhita and the Bharatiya Sakshya (Second) Bills: These will replace the Indian Penal Code (IPC), the Code of Criminal Procedure (CrPC) and the Indian Evidence Act, respectively. Here are the bills passed in this session: The Lok Sabha was adjourned sine die on Thursday, a day ahead of the scheduled end of the session, and recorded a productivity of 74 per cent. These are the Bharatiya Nyaya (Second) Sanhita Bill, the Bharatiya Nagarik Suraksha (Second) Sanhita Bill and the Bharatiya Sakshya (Second) Bill, respectively.A bill to regulate the appointment of Chief Election Commissioner and Election Commissioners, the Post Office Bill that seeks to repeal the 125-year-old Indian Post Office Act, the Telecommunication Bill which lays provisions that the central government will provide authorisation for telecom-related activities, and the Press and Registration of Periodicals Bill were also among the Bills passed by the Lower House of Parliament. “It requires attention and action from system developers, device manufacturers, app developers and users, so that vulnerability fixes are patched, distributed, adopted and installed in time.The Lok Sabha passed 18 Bills in the Winter session of Parliament,including three to replace the Indian Penal Code, the Code of Criminal Procedure and the Evidence Act. “The Agent Smith campaign serves as a sharp reminder that effort from system developers alone is not enough to build a secure Android ecosystem,” researchers wrote. Check Point reported that Agent Smith is most prevalent in phones running Android version 5.0 (40 percent) and version 6.0 (34 percent), with 9 percent of infected phones running version 8.0. Google’s most recent version of its Android OS is Pie, version 9.0. Among multiple sub-domains, ‘ad.a***d.org’ and ‘gd.a***d.org’ both historically resolved to the same suspicious IP address.” They added, “We started with most frequently used C&C domains ‘a***d.com’, ‘a***d.net’, and ‘a***d.org’. “We connected the Agent Smith campaign to a Chinese internet company located in Guangzhou whose front end legitimate business is to help Chinese Android developers publish and promote their apps on overseas platforms,” researchers wrote. Researchers believe the threat actors behind the malware is a China-based organization located in Guangzhou, a large city located northwest of Hong Kong, based on analysis of the Agent Smith command-and-control servers. “In certain situations, variants intercept compromised apps’ original legitimate ads display events and report back to the intended ad-exchange with the Agent Smith campaign hacker’s ad IDs.”Ĭheck Point said that the Agent Smith dropper proliferates via third-party app store called 9App, patronized primarily by Indian (Hindi), Arabic and Indonesian users. “Upon kill-chain completion, Agent Smith will then hijack compromised user apps to show ads,” they wrote. To do this, the attackers rely on the Janus vulnerability ( fixed by Google in December 2017), which allows the threat actors to bypass Android’s APK integrity checks and replace any application on its “prey list” with an infected version.Ĭheck Point estimates that each victim could have as many as 112 apps replaced on their handsets with ones that display the rogue ads. The malware inspects the apps on the targeted phone, and then fetches updates to “patch” recognized APKs with malicious ad modules. “The core malware is usually disguised as Google Updater, Google Update for U or ‘’. The dropper program then downloads the Agent Smith payload.įor those victims with unpatched phones who download apps from third-party app stores, things go from bad to worse. Victims are enticed to download dropper program camouflaged as either an image editor, porn-related app or game from a third-party app store. The malware is tied to a China-based firm, according to Check Point researchers, and is targeting users in India, Pakistan and other parts of Asia.Īccording to research released Wednesday, the malware targets phones that have not been patched for a host of old vulnerabilities such as Janus, an Android flaw that dates back to 2017. Researchers are warning of a new breed of Android malware, dubbed “Agent Smith,” that they claim has infected 25 million handsets in order to replace legitimate apps with doppelgangers that display rogue ads.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |