Search This Blog

Showing posts with label Huawei. Show all posts

500,000 Huawei Devices hit by the Joker Malware


Security researchers have discovered that over 500,000 Huawei smartphone users who inadvertently subscribe to premium mobile services have downloaded apps contaminated by the Joker malware. For the past couple of years the malware family of Joker has infected apps on Google's Play Store, but it is the first time on Huawei phones. Using the company's in-house platform - App Gallery, Huawei users are not actually able to access the Google Play Store due to business restrictions in the USA. Researchers also discovered in the App Gallery some 10 apparently harmful applications containing malicious command and control server connectivity code for installation and additional components. 

A source noted that “Doctor Web’s virus analysts have uncovered the first malware on App Gallery―the official app store from the Huawei Android device manufacturer. They turned out to be dangerous Android. Joker trojans function primarily to subscribe users to premium mobile services. In total, our specialists discovered that 10 modifications of these trojans have found their way onto App Gallery, with more than 538,000 users having installed them.”

However, the researchers mentioned that the malware might subscribe the user to up to five services, but that restriction could also be changed at any time by the threat actor. Digital keyboards, a camera app, a launcher, an online messenger, an adhesive set, coloring programs, and a game were included in the malicious applications list. Most of the applications were developed by one (Shanxi Kuailaipai Network Technology Co., Ltd.) developer and two from separate developers. More than 538,000 Huawei users have installed these 10 applications, as per the Doctor Web’s reports. 

Doctor Web notified Huawei of these applications and the company detected and removed them from the App Gallery. Although new users cannot download them anymore, whereas if the applications were on the devices of other users then they must be cleaned manually. Upon being enabled, the malware transmits a configuration file to the remote server, including a task list, premium service websites, and JavaScript which imitates user interaction states the researchers. 

The history of Joker malware goes back to 2017 and has consistently made its way through the Google Play store distributed games. In October 2019, Kaspersky Malware Researcher Tatyana Shishkova tweeted over 70 compromise applications that made it official. And the malware reports in Google Play continued to surge. In early 2020, Google announced the removal of some 1,700 Joker-infected applications. Joker remained in the shop last February and even in July of last year he still slips through Google's defenses.

BT Tower Delays Huawei's Removal from EE Company's Network by 2 Years

BT Tower, which is a communication tower in London, further suspends the replacement of Huawei from the EE company's core network. EE is a British ISP and mobile network company which deals with 4g/5g phones, broadband, and sims. According to the reports, Huawei is expected to continue as a part of the EE network. The news comes as a surprise because in 2018, the company BT said that within two years, it would remove Huawei equipment from its network hub.

But now, after two years, BT says that the new 100% core mobile traffic would be ready by 2023 on its new Ericsson built equipment, even though the government deadline was January 2020. Besides this, BT condemns the government for also controlling 65% of the network's perimeter to get relieved of Huawei's equipment.

About 5G core and its importance- 
A smartphone's network's core is like a brain or the heart of the device. Inside the 5G center, voice and other data are directed over different sub-networks and network servers to make sure the data reaches the destination. The process goes like this-

  • Authentication of users to make sure only the subscribed users get the benefits 
  • Calling the correct radio tower for connecting with different person's smartphone networks. Controlling call-forwards and voicemail facilities. 
  • Sending SMS and multimedia from one smartphone to others. 
  • Communicating the data to 3rd party websites and apps. 
  • Tracking the data used to calculate user customer usage. 

To make sure that the targets are completed in the given time scale set by the government, and side by side follow with their attention on 5G networks, it is essential to prioritize the transfer of customers to the new Ericsson core network, for both the 5G and 4G customers, says a spokesperson. Whereas, the US is continuously pressuring officials to the urgent prohibition of Huawei. Earlier this month, some conservative MPs even went against their party for urging this outright ban on Huawei. "Recent events have shown how necessary it is to disentangle China from UK security infrastructure. Any delay will meet with great resistance," says former MP Liam Fox, International Trade and Defence Secretary.

America Vs China! The USA Alleges Huawei to be a Technology Thief and Spy for China?

In view of recent reports, China and the US have taken their technology war to court. Now, the US firms allege that the telecom colossus, Huawei has been planning to rip them off of their technology for “decades”.

Hence, the American organizations decided to expand the premises of their lawsuit against the Chinese mega-company.

The prosecuting attorney mentioned that Huawei did indeed violate the terms of the contract with the companies of the US by stealing robot technology, trade secrets and such.

Per sources, Huawei has straightaway denied all the allegations and has cited that the US is merely threatened by the competition and hence are trying to run down the name of Huawei.

Per newspaper reports, the mega smartphone maker’s chief financial officer and the founder’s daughter are held captive in Canada, struggling against extradition.

According to sources, there are charges of fraud and “sanctions violations” on the founder’s daughter, which she has waved off and denied.

Huawei pretty strong-headedly is maintaining that this lawsuit and the charges on the company are trivial attempts at tarnishing the reputation of their company and attempts at depleting stakes of competition.

Per reports, the fresh accusations of the US against Huawei include trade secret embezzlement, racketeering and even sending spies to obtain confidential information.

Sources reveal, that the persecution attorney also said that Huawei with its stolen data cut both times and cost in the research and development for the company which helped it climb the steps faster than the others.

Per Huawei, the newer charges are just another way of bringing up older claims. Nevertheless, it doesn’t look like the US plan to withdraw their claims or the lawsuit in the near future or at all.

This technological rift has a strong possibility of transforming into a political dispute between America and China. The US is forcing countries like the UK to pull back their support from Huawei, continuing to say that the equipment could be used by China for spying.

Relations between China and the US are down a very flimsy and unpredictable road. All the same, the UK still continues its business ties with Huawei but with possible limits.

India Invites Huawei and ZTE to Participate in 5G Trials

The demands for bringing fifth-generation (5G) technology of mobile networks in India are on a rise and the government is looking forth to begin the 5G trials, The Department of Telecommunications (DoT) has invited all applicants to show use-cases of 5G network in India, including Chinese telecom company Huawei Technologies Co. Ltd and ZTE. On Monday, telecom minister Ravi Shankar Prasad was specifically asked about Huawei, wherein he told that at this stage, all stakeholders are invited.

“5G trials will be done with all vendors and operators,” telecom minister Ravi Shankar Prasad told media. “We have taken an in-principle decision to give 5G spectrum for trials.”

Amid all the ongoing economic and diplomatic tensions between the US and China, the invitation for the 5G trial comes as the very first official stance taken by India on the matter. It also offered Huawei some breathing space after the global scrutiny it has been subjected to regarding network security concerns. The claims made by the US put into perspective the probable exploitation of the equipment, that China can do to spy onto other nations; meanwhile, to its defense, Huwaei constantly denied the allegations.

The US has also alerted the Indian government about the potential risks that will come along with these Chinese companies being allowed to deploy next-generation technology in India, Morgan Ortagus, the US state department’s spokesperson while acknowledging the important role 5G networks will be playing in the upcoming era, also told how high are the stakes of letting companies under the command of authoritarian regimes deploy technology in other nations. “All countries should adopt national security policies in order to prevent untrusted companies from misusing any part of their future 5G network plans,” Ortagus further added.

As India is yet to finalize the framework and devise a clear plan for 5G technology, Prasad said in the Rajya Sabha that, “The government is creating an enabling framework for the deployment of affordable and secure 5G services in India.”

Referencing from the statements given by Vimal Wakhlu, a former chairman of Telecommunications Consultants India Ltd., “Whether it is Huawei or Ericsson or any other company, India needs to build a system, which can detect any malware and not depend on the brand of a company or a country."

“Any country is capable of snooping on us. The reason some people have been advocating a ban on Huawei is that if it is barred, the market for equipment becomes slightly less competitive and hence it can be sold at higher prices."

Huawei to Reward Hackers for Discovering Any ‘Secret Backdoors’ In Its Smartphone Technology

With the hopes of outdoing Google, Huawei announced in a "big bounty launch" to reward hackers for exhibiting a "critical" weakness in one of its Android devices.

Revealing the program at a private event for a few of the world's top Android hackers at Munich, Germany, a week ago, so much so that it even gave an example as to how the hackers could bag the first prize, as they would need to get remote access to the device without the target 'having to click anything'.

A high-severity hack would even see that the hacker could assume control over a phone when they had direct access to it.

The company is said to have been following Apple's lead in keeping the 'bug bounty invite-only'. As revealed on Twitter by Forbes 30 Under 30 alum Maria Markstedter, who was one of the invited guests, the researchers who were welcomed would likewise be offered tokens to invite other altruistic hackers too.

The bug bounty was at first announced by TechCrunch recently, yet no subtleties on payments or logistics have been uncovered.

Huawei additionally announced that for a "high"- severity issue, hackers can procure up to $110,000 (€100,000), while Google, in the interim, presents to $200,000 and $100,000 for exhibits of comparative attacks on its Pixel phones.

While bug bounties are very basic among major smartphone makers, it's Apple and Google fundamentally who are behind two of the most well-known.

Anyway, one significant explanation suspected as to why Huawei did this might be on the grounds that could provide solid evidence that it isn't concealing any 'secret backdoors' in its most prevalent phones that the Chinese government could use.

Google restricts Huawei’s access to Android apps

Google restricts the access of its Android operating system and apps for Chinese tech giant Huawei after US’s President Donald Trump administration blacklisted the firm.

The order not only impacted Google but the US chip-makers as well.  Intel Corp, Qualcomm Inc., Xilinx Inc., and Broadcom Inc. have all stopped doing business with the Chinese tech giant

"We are complying with the order and reviewing the implications," a Google spokesperson said on Monday. Huawei, the world's No. 2 smartphone seller, relies on a suite of Google services for its devices, including the Android system and the Google Play app store.

Huawei will now only be able to use the public version of Android and the new phones will not have Google play store, Gmail, and other services provided by Google.

The users who are now using the Huawei smartphones will not be affected by this order, but they won’t be able to update their phones. 

However, the Chinese tech company claim that for the last three years that have been working on their own operating system.

"Huawei has been building an alternative operating system just in case it is needed," said Huawei spokesperson Glenn Schloss. "We would like to be able to continue operating in the Microsoft and Google ecosystems," he added.

The company has bought Microsoft’s operating system license for its laptops and tablets. Meanwhile, Microsoft (MSFT) did not immediately respond to a request for comment.

US Pressures Its Allies against the Usage of Chinese Firm Huawei’s Technology; Suspects the Products to Spy on Other Countries

The US pressures its allies to not utilize Chinese firm Huawei's innovation to assemble the new 5G networks as its authorities are worried that China could be utilizing the Huawei products to spy on different nations.

"It's a hugely complex strategic challenge," said GCHQ chief Jeremy Fleming, all the while giving accentuation on the requirement for better cyber-security practices in the telecoms industry. In spite of the fact that the National Cyber Security Centre - some part of GCHQ - said a few weeks earlier that any hazard presented by the company could be overseen.

The vast majority of the UK's mobile companies, for instance Vodafone, EE and Three are known to have been working with Huawei on 5G, yet as of now they are anticipating the results of a government review, due in March or April, that will further choose to decide whether or not they'll be permitted to proceed with it.

An on-going report from the Royal United Services Institute said it would be "naive" and "irresponsible" to permit Huawei the access.

 “We have to understand the opportunities and threats from China's technological offer - understand the global nature of supply chains and service provision, irrespective of the flag of the supplier. Take a clear view on the implications of China's technological acquisition strategy in the West, and help our governments decide which parts of this expansion can be embraced, which need risk management, and which will always need a sovereign, or allied, solution." Said Fleming in his speech at an event in Singapore.

Focusing on the requirement for more grounded cyber-security over the telecoms sector, Fleming stated: "Vulnerabilities can and will be exploited. But networks should be designed in a way that cauterises the damage."

Since 5G is critical to the UK government therefore in order to guarantee that Britain stays competitive as a country, as per Gartner senior research director Sylvain Fabre, “They are reviewing the situation, in a way that hasn't been done in the past, but it sounds like all options are still on the table," he told the BBC.

Meanwhile the US is seeking after criminal allegations against Huawei and its CFO, Meng Wanzhou. Talking at a round table at Portable World Congress in Barcelona on the 24th of February, Huawei's rotating chairman, Guo Ping, says that,

"Huawei needs to abide by Chinese laws and also by the laws outside China if we operate in those countries. Huawei will never, and dare not, and cannot violate any rules and regulations in the countries where we operate."

A Botnet Compromises 18,000 Huawei Routers

A cyber hacker, by the pseudonym Anarchy, claims to have made a botnet within 24 hours by utilizing an old vulnerability that has reportedly compromised 18, 000 routers of Chinese telecom goliath Huawei.

As indicated by a report in Bleeping Computer, this new botnet was first recognized in this current week by security researchers from a cyber-security organization called Newsky Security.

Following the news, other security firms including Rapid7 and Qihoo 360 Netlab affirmed the presence of the new danger as they saw an immense recent uptick in Huawei device scanning.
The botnet creator contacted NewSky security analyst and researcher Ankit Anubhav who believes that Anarchy may really be a notable danger who was already distinguished as Wicked.

The activity surge was because of outputs looking for devices that are vulnerable against CVE-2017-17215, a critical security imperfection which can be misused through port 37215. These outputs to discover the vulnerable routers against the issue had begun on 18 July.

While the thought processes have still not been clarified, the hacker revealed to Anubhav that they wished to make "the biggest and the baddest botnet in town...”
"It's painfully hilarious how attackers can construct big bot armies with known vulns," the security researcher later added.

The working endeavor code to compromise Huawei routers by utilizing this known defect was made public in January this year. The code was utilized as a part of the Satori and Brickerbot botnets, and also a series of variations which depended on the scandalous Mirai botnet, which is as yet going quite strong.