Security Blog

  Hong Kong Computer Emergency Response Team (HKCERT) Coordination Centre cooperates with the National Institute of Network and Information Security (NINIS) for detecting malicious and suspicious behaviors of Apps from the Google Play Store, in order to study the security risk of apps in the Google Play Store in Hong Kong area. NINIS provides us analyzed result, and we collate the detection result and publish security alerts to the public.   In the report of August, we have downloaded 147 apps from Play Store, where 6 apps have been identified as high risk. None of them was removed from Play Store (on or before 28-August). The detail of report is shown as follow.   Target scope Top 50 Free Applications in Hong Kong area Top 50 New Free Applications in Hong Kong area Top 50 Free Games in Hong Kong area Top 50 New Free Games in Hong Kong area   Scanned Apps Successful downloaded and scanned: 147 apps Unable to download via the system: 53 apps Downloaded date: 5-August 2014 List of the downloaded apps: "Appendix 1" [download]   Analysis Overview   In this analysis, 147 apps were scanned for bad behaviors. Based on the level of security threat, the apps were divided into 2 categories: apps with malicious and apps with suspicious behaviors. Malicious behavior refers to apps having malicious purpose explicitly, which could cause direct harm to systems and users' interests. Suspicious behavior refers to apps having behavior, which could cause direct harm to systems and users' interests, but no malicious behavior can be explicitly identified.   1. Scanning Result   Among the 147 scanned apps, 6 apps were identified as security high risk. These 6 Apps were identified with the following high risk behavior signatures Android.Adware.AdMogo, Android.Adware.SKplanet, Android.Adware.SmsReg, Android.Adware.Igexin, Android.Trojan.SmsSpy, Android.Trojan.Generic, Android.Trojan.SmsSend, etc.   List of security high risk apps   Application High risk behavior signature / Ad plug-in Malware detection ratio by VirusTotal Status # 1. 姓名測試—九宮姓名 臺灣妙樂大師精心製作  姓名配對愛情配對    (v1..4) Category: New Free App Installs: 1,000-5,000...

  Favourite Security Reads of the Week (22 August 2014)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to hkcert@...

To make a phishing site live longer, cybercriminals use various tactics to avoid exposing the site to investigators, e.g. a phishing site hosted in Hong Kong but targeting German users can only be viewed from Germany, so that the investigators in Hong Kong cannot...

  Favourite Security Reads of the Week (15 August 2014)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to hkcert@...

  Favourite Security Reads of the Week (8 August 2014)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to hkcert@...

  Favourite Security Reads of the Week (1 August 2014)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to hkcert@...

August 2014 Issue of Security Newsletter is available now: /my_url/en/newsletter/1408   Cover Story Point of Sale (POS) Systems' Servers in Hong Kong Likely Infected by Malware Hong Kong Security Watch Report (Q2 2014) Hot Topic ...

  Favourite Security Reads of the Week (25 July 2014)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to hkcert@...

  Adapted "System recepcyjny HORECA13" by Travelarz   POS malware infection uncovered in Hong Kong   In the past 6 months, security vendors FireEye [1] and ArborNetwork [2] released reports on point of sale (POS) malware, which mentioned that IP...

  Favourite Security Reads of the Week (18 July 2014)   "Favourite Security Reads of the Week". Each week we share five news or articles that we like. We hope you will love this column and we welcome your comment via email to hkcert@...