Tuesday, December 18, 2012
A serious exploit that affects certain Exynos devices has been found. It appears that the Samsung kernel allows read and write access to all physical memory on the device, including the kernel itself. In essence, the kernel is the "brain" of the operating system. This vulnerability makes it easy for anyone to obtain root access to the device, and it also makes it possible for apps containing malware available in the Google Play store to perform code injection and RAM dumps.
The exploit appears to work on any device running an Exynos 4210 or 4412 processor. We have previously seen other vulnerabilities in Samsung Galaxy devices. This one, in particular, is very dangerous given the number of malware-infected apps in the Google Play store.
A new variant of the SMSSend Trojan is targeting Mac users. A variation of this Trojan originally started by tricking users into entering their cell phone number in order to continue the installation of what appeared to be an official software installer. After supplying attackers with their phone number, the victim would unknowingly agree to the terms of a chargeable subscription, and a fee would be debited from their mobile phone account on a regular basis. This particular Trojan imitated the VKMusic 4 program, a popular Russian music client. VKMusic 4 Mac has now been added to Apple's XProtect.plist blacklist. Apple promptly patched the issue.