Author: admin

Mobile Device Malware “Judy”

The Korean company Kikiwini published 41 Android APPS under the name ENISTUDIO Corp.

It was discovered in 2017 that these could have infected up to 36.5 million Android devices by hidden malware that produced fake advert clicks.

Security firm Check Point identified these apps and realised these infected devices could be used to generate large amounts of fraudulent clicks on advertisements, generating revenues for the creators of the malware.

The malware was dubbed “Judy” by Check Point after the title character in Kiniwini’s apps. Chef Judy: Picnic Lunch Maker, for example, encourages players to “create delicious food with Judy

Google removed the apps from Google Play once it had informed of the problem.

How does Judy infect a device?

Hackers create a harmless app that can get around Google’s security screening and it is added to the app store.

Once it has been downloaded by users, it silently registers with the makers servers for update.  That update is not just latest software, content and adverts etc. It contains the code and list of web addresses. The APP then opens a browser window and starts to make clicks on the listed websites on the selected adverts. These clicks are registered by networks such as Google Ads and in time will produce payments to the makers.

This kind of cheating has been used in the past but this is one of the worst such examples and it circumvents Google APP security which they will not be pleased about.

Kiniwini also develop APPS for Apple devices but so far there are no reports of problems with those APPS.

This all happened a few years ago, but shows the dangers of relying on Google’s screening process for APPS. Be careful with any APPS you download.

Do enter your email address and click on the subscribe button

Fightback Ninja Signature

Child Abuse Protection Online

Facebook, Twitter, Microsoft, Google and other tech companies agreed to British government demands that they do more to keep young people safe on their online services.

This is a set of voluntary guidelines created by the UK, the U.S., Australia, Canada and New Zealand and it includes measures to stop new and existing child abuse photos and films appearing online.

The guidance also specifies that the companies must prevent streaming of such material and to work with Police to identify offenders and further develop their technology to stay ahead of offender’s behaviour online.

The countries have been clear that if the voluntary guidelines do not work then legislation will follow.

This is a big step forward – shame it has taken the tech companies so long to reach this point.

Do enter your email address and click on the subscribe button on top right to keep up to date with new

Fightback Ninja Signature

The Puppies and Kittens Scam

There have always been scams involving the sale of puppies and kittens but currently there are more, due to the social distancing rules that mean prospective buyers cannot visit to view the kittens or puppies and scammers are taking advantage of this.

The scammers offer animals for sale and you pay a deposit, but the animals are never delivered.

It’s always better to either wait until it is possible to view the animals or for someone on your behalf to view the animals but in current circumstances that is not always possible.

If you do choose to buy an animal seen only by photograph or recorded video, then take whatever steps you can to ensure the seller is genuine and that your payment is protected.

  • Insist on a Live view of the animal e.g. using Facebook Live or Zoom or similar video conferencing services
  • Verify the track record of the seller
  • Select a seller close to your location
  • Verify that payment details for the seller match the company name and address
  • Do not make full payment until the animal has been received and is what you expect

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

Stupidest Spam of the Week Spiced Feet

“Place this herb under your tongue to destroy skin and nail fungus” is a very stupid email title and gives it away immediately as being a scam message.

The message starts with

“Doctors can’t explain why this insane method passes every lab test… “ which is a phrase commonly used by scammers trying to sell something ridiculous.

It never explains about the magic herb but moves on to claim that putting a spice in your shoes will destroy nail fungus and completely regrow your nails in no time.

Toe nails grow about one third of the rate of finger nails so to regrow a toe nail takes about 18 months.

Not quite immediately.

Complete rubbish of course. Never click on links in these emails as you don’t know what malware is hiding behind the link.

To enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

DMCA Takedown

The Digital Millennium Copyright Act (DMCA) is a 1998 United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization.

It criminalizes production and dissemination of technology, devices, or services intended to circumvent measures that control access to copyrighted works (commonly known as digital rights management or DRM).

They are the guardians online of copyright material and are best known for being able to take-down websites where people have copied other’s content and not removed it when ordered to.

A “DMCA Takedown” is when content is removed from a website at the request of the owner of the content or the owner of the copyright of the content. It is a well established, accepted, internet standard followed by website owners and internet service providers.

Any owner of content has the right to process a takedown notice against a website owner and/or an Online Service Provider (e.g. ISP, hosting company etc.) if the content owner’s property is found online without their permission.

There is list of takedown conditions:

  • when copyright infringing content is removed or “taken down” from a website, by the website owner, upon receipt of a DMCA Takedown Notice from their ISP / Hosting company. This notice is generated by the, or on behalf of, the illegally published content owner, distributor, publisher etc.
  • when copyright infringing content is removed or “taken down” from a website by the website owner upon receipt of a DMCA Takedown Notice from the, or on behalf of, the content owner,distributor, publisher etc.
  • when copyright infringing content is removed or “taken down” from a website by the by the ISP or Hosting company of the website that is publishing the infringing content. This occurs because the website owner has not voluntarily complied with a DMCA Notice and the ISP or Hosting company must comply with the Takedown notice.
  • when an infringing website is taken down or “offline” by it’s ISP or Hosting company. This occurs because the website owner does not voluntarily comply with a Takedown notice as described above.

These Takedown actions occur upon receipt of a DMCA Takedown Notice which uses stipulations laid out in the Digital Millennium Copyright Act. (DMCA). This Act directly addresses the take down of (copyright) infringed content from a website which is publishing content in violation of copyright protection act or content being used without permission or not in accordance to the sworn statement of the content owner.

If you have needed to get a DMCA Take-down, do let me know, by email.

Fightback Ninja Signature