Latest news with #APK
Indian Express
25-04-2025
- Indian Express
Over 25 mn devices at risk: What is FatBoyPanel, the new malware targeting Indian users?
A dairy businessman, 44, from Dharashiv, received a WhatsApp call from someone posing as a bank official. The caller warned him that his account would be suspended unless updated immediately. When the victim panicked and asked how this issue could be resolved, the 'official' offered a simple solution – downloading a 'banking application,' the link of which would be shared on WhatsApp. The link reached him, and the victim downloaded the Android Package Kit (APK) file and installed it. What followed was 26 rapid transactions that drained his entire bank account. A sophisticated, malicious piece of software, called malware, was the reason. This isn't an isolated case. In recent years, scammers have increasingly targeted users through APK files laced with malicious software that hijack devices. This week, we take a closer look at one such malware: FatBoyPanel. What is malware? Malware, short for 'malicious software', refers to intrusive programs designed by cybercriminals to steal data or damage systems. Common types include viruses, worms, Trojans, spyware, adware, and ransomware. Recently, in a blog post on the website of Zimperium, a tech company that provides AI-driven mobile security that protects devices and apps from phishing, malware, and zero-day threats, the company said that their research team has identified a malware that steals from the Indian bank accounts: FatBoyPanel. What is FatBoyPanel? Nico Chiaraviglio, chief scientist at Zimperium, told that FatBoyPanel is a mobile-first banking trojan that has been discovered across nearly 900 different applications, primarily targeting Indian users. The attack begins with social engineering: scammers pose as officials or trusted entities and approach users via WhatsApp. They then send a malicious APK, encouraging the user to install it. Once installed, the app gains access to sensitive data and steals one-time passwords (OTPs) to execute unauthorised transactions. 'FatBoyPanel is mobile-first, optimised for Indian banking apps, and even supports real-time session hijacking. That makes it especially dangerous in the hands of low-skilled attackers,' said Akshat Khetan, a cyber-legal expert and founder of AU Corporate Advisory and Legal Services (AUCL). What distinguishes this malware? 'It uses a centralised command structure that controls multiple variants across campaigns, abuses live phone numbers for OTP redirection, and has exfiltrated data from over 25 million devices. This makes it far more organised and dangerous than traditional banking trojans. It is also a new banker trojan that shows constant evolution of threat actors,' Chiaraviglio said. The malware requests permission to read SMS messages, enabling it to capture OTPs and bypass two-factor authentication in real time. 'It hides its icon after installation and disables Google Play Protect, allowing it to stay hidden and maintain access,' Chiaraviglio said. 'Once permissions are granted, it embeds itself into the system and communicates with its control panel,' Khetan said, Breach fueled by social engineering The attackers pose as government agencies or trusted services, sending fake APKs via WhatsApp. This social engineering drives up installation rates,' Chiaraviglio said. He also shared some numbers: Over 1,50,000 stolen messages were found on the attacker panel, with more than 25 million compromised device records, highlighting the massive scale of this breach. 'The breach exposes how easily users can be manipulated into side-loading apps and how SMS-based OTPs remain a weak link, especially in regions relying on them for banking authentication,' he said. Pavan Karthick M, threat researcher III at CloudSEK, said, 'This campaign, active since late 2023, uses consistent infrastructure across all samples–FatBoyPanel. It's part of a growing trend where everyday platforms host Command and Control (C2) servers, giving cybercriminals both scalability and operational cover.' Khetan elaborated on how the malware acts: 'Once deployed, the malware can intercept SMS-based OTPs, log credentials and perform keylogging. It may also use Accessibility Services to perform actions on behalf of the user such as initiating fund transfers within banking apps. In some cases, attackers use remote access tools (RATs) embedded in the payload to execute transactions manually from the victim's device, bypassing traditional fraud detection mechanisms. How to protect yourself – Avoid sideloading APKs: Only use official app stores. – Enable Google Play Protect: Keep it on to scan for harmful apps. – Use mobile security software: Opt for real-time threat detection. – Verify app sources: Never trust unknown or unofficial links. – Check app permissions: Avoid granting SMS, call, or gallery access to unverified apps. Some malware can even delete itself to avoid detection, making user vigilance critical. 'To better protect users, banks must move away from SMS-based OTPs and embrace stronger multi-factor authentication. In-app protections and local-language awareness campaigns are also key,' Chiaraviglio said. The Safe Side As the world evolves, the digital landscape does too, bringing new opportunities—and new risks. Scammers are becoming more sophisticated, exploiting vulnerabilities to their advantage. In our special feature series, we delve into the latest cybercrime trends and provide practical tips to help you stay informed, secure, and vigilant online.
Korea Herald
25-04-2025
- Politics
- Korea Herald
Kazakhstan vows stronger interethnic harmony
Kazakh leader calls for stronger interethnic unity amid global uncertainty Korea Herald correspondent ASTANA, Kazakhstan — Kazakhstan vowed stronger interethnic harmony to commemorate the 30th anniversary of the Assembly of the People of Kazakhstan on Thursday. Taking place at the Palace of Peace and Reconciliation in Kazakhstan's capital Astana, the assembly discussed the nation's statehood and societal cohesion. The APK was established on March 1, 1995, by the first President Nursultan Nazarbayev, and has evolved from an advisory body into a constitutionally recognized institution of the Kazakh government in 2007. Chaired by Kazakh President Kassym-Jomart Tokayev, the assembly brought together more than 2,000 members from diverse ethnic, social and professional backgrounds. 'Only where there is unity, there is life,' remarked the president at the assembly's 34th session, pointing to the value of unity amid global uncertainty. 'Some ethnocultural associations have gathered unique private collections of art and ethnography that should also become part of the national cultural heritage,' Tokayev suggested. 'Kazakhstan is home to nine Russian drama theaters and four unique ethnic theaters — Uighur, Korean, Uzbek and German,' said Tokayev. According to the president, Kazakhstan ensures equal opportunities regardless of ethnicity, language, or religion, calling the commitment to fairness the foundation of a just state. Kazakhstan's multicultural identity is reflected in its rich cultural infrastructure, including nine Russian drama theaters and four ethnic theaters — Uighur, Korean, Uzbek, and German, he said, applauding ethnocultural associations. Organizers say that the assembly unites people who value social harmony with over 1,000 ethnocultural associations, APK institutions, and community initiatives such as councils of mothers and elders, a youth wing and volunteer-driven centers. 'We are different, but equal,' Tokayev said, underscoring that all ethnic groups living on Kazakh soil have the opportunity to fully develop their language, culture and traditions. But he also warned against provocations targeting ethnic harmony. 'Any provocative actions aimed at inciting discord in our society or destabilizing the situation will be stopped and punished by law,' he said, reinforcing that 'ideological strife is absolutely alien to our (Kazakh) worldview.' Citing Kazakhstan's historical tradition of hospitality, Tokayev recalled how the nation received millions who resettled during the Soviet era. Kazakhstan has a long history of people moving there from other regions. In the 20th century, many Russians, Slavs and other Soviet ethnic groups arrived in several waves. In the 1930s, many came to work in factories, while others were forced to move due to Stalin's purges. In the 1950s and 60s, more people arrived as part of the Virgin Lands campaign. During World War II, Kazakhstan became a safe place for over a million people escaping the Nazis, and was also a destination for groups, such as Crimean Tatars, Germans, Koreans, and North Caucasus Chechens and Ingush who were deported from Russia. 'Kazakhs accepted them as brothers. Millions of their descendants are now full-fledged, responsible citizens of Kazakhstan,' he said. 'I have instructed the Akims to regularly hold meetings on interethnic and interethnic relations,' said Tokayev. An Akim is the head of a local government in Kazakhstan and Kyrgyzstan who looks after administrative duties to implement policies within their region. 'All ethnic groups living on Kazakh soil have the opportunity to fully develop their language, culture and traditions," Tokayev highlighted. Meanwhile, he also underscored Kazakhstan's friendly ties with Russia, China, Kyrgyzstan, Uzbekistan, Turkmenistan and Azerbaijan. 'There are no unresolved issues between us,' he noted, adding that regional cooperation is a hallmark of Kazakhstan's diplomacy. To mark the 30th anniversary of the Assembly of the People of Kazakhstan, citizens were awarded state honors by presidential order for promoting peace, friendship and interethnic harmony. "We need unity. Unity means happiness, kindness, support for each other, and love for people,' Anel Marabayeva, one of the recipients of the President's award, told The Korea Herald. 'Interethnic coexistence, unity, kindness, and mutual support are the backbone of a diverse society,' she added. sanjaykumar@
Hindustan Times
22-04-2025
- Automotive
- Hindustan Times
Google ‘Glasses' not happening. Android Auto 14.2 update drops all hints
Android Auto 14.2 is now being rolled out to users following its beta release earlier this month. If you haven't received the update yet, there's no need to be concerned, it's expected to become widely available in the coming days or weeks. Unfortunately, the update doesn't introduce any major new features. This update primarily addresses bug fixes and includes some minor adjustments. According to 9to5Google reports, the update does not include any significant changes for users, and most of the modifications are related to general stability and performance. As far as Android Auto drivers are concerned, there are no new features to discover this time around, and the update appears to be relatively short. Also read: Apple may launch sky blue colour option for iPhone 17 Pro in 2025: Report Although there is one notable change, it's the removal of the reference to "Glasses" within the Android Auto code. Previous reports on the APK (Android Package Kit) included mentions of "Glasses", which leads to speculation that a smart glasses feature was being developed for the platform. In the 14.2 update, these references have been removed, leading some to believe that the feature may have been dropped or delayed. Also read: Samsung Galaxy Z Flip FE launch delayed: Know when the cheaper foldable could arrive The first mention of "Glasses" was found in the Hindi version of the app, where the code referred to the ability to start navigation and launch "Glasses". This discovery led to rumours that Google could be working on integrating smart glasses with Android Auto. However, these references did not match up with the English version of the app, which raised questions about potential translation issues or misunderstandings in the code, Android Central reported. As a result, it's unclear whether Google is still considering such a feature, and it may not appear in the near future. Also read: How to use ChatGPT to colourise old black-and-white images: Step-by-step guide In other developments, Android Auto users can look forward to other improvements in future updates. Recent APK teardown reports have hinted at the addition of new features, including those related to air conditioning controls, such as recirculation and windshield defrosting options. Although the timeline for these updates remains uncertain, these additions could offer more convenience for drivers once they are officially released. For now, Android Auto 14.2 users can expect a smoother experience with bug fixes and minor tweaks, but the potential for new features, like smart glasses integration or enhanced climate control, remains uncertain. Mobile finder: Google Pixel Pro XL LATEST price, specs and all details
