Apps

Kid’s Texting Shorthand – What Does It Mean?

How often do you see shorthand that your kids have texted but aren't sure what it means?  We've put together a list of some of the more cryptic and concerning shorthand currently being used.

  • IPN - I'm posting nude
  • WTTP - Want to trade pictures?
  • KPC - Keeping parents clueless
  • 99 - Parents gone
  • F2F - Face to face
  • 53X - Sex
  • 420 - Marijuana
  • CID - Acid
  • 1174 - Meet at or Party meeting place
  • WYRN - What's your real name?
  • GNOC - Get naked on camera
  • PIR - Parent in room
  • NIFOC - Naked in front of computer
  • CU46 - See you for sex
  • 9 - Parent watching
  • PRON - Porn
  • TDTM - Talk dirty to me
  • 8 - Oral Sex
  • POS - Parents over shoulder
  • CD9 or Code9 - Parents around
  • LH6 - Let's have sex
  • DOC - Drug of choice
  • GYPO - Get your pants off
  • MIRL or LMIRL - Let's meet in real life

Concerned parents who are looking for ways to check up on their kids phone activities look into mSpy.  mSpy allows parents to track Snapchat photo posts, texting, web surfing, Skype, GPS, has a keylogger and more.

cell_phones

Read more...

First WireLurker - Now Masque Attack

Reports are out on another even more dangerous iOS malware in the wild - Masque Attack.

Masque Attack shows that Apple's ban of the WireLurker infected apps have been ineffective as Masque Attack is utilizing the same provisioning loophole that WireLurker used. The vulnerability exists because iOS doesn't enforce matching certificates for apps with the same identifier.

Apple unfortunately has a history of being slow to patch security flaws, so the fact that this loophole has yet to be patched is not surprising.  The real question is how many more copycat infections will be out there before Apple does get the patch released...

WireLurker required the user to download the infected app to their computer and then attach their iOS device via USB to infect the iOS device. Masque Attack skips that overly complicated step and infects iPhones and iPads when the user visits infected webpages and agrees to install a new app. So there is a moment where the user could say no to that new app and stay safe, but...

The Masque Attack infected app can replace any app on the iPhone or iPad, excluding those pre-installed by Apple. This includes banking, email or any other third party app. Once the user inputs their credentials into the replaced app the information is sent to the malware's creators.

Now here's the kicker to Masque Attack, and this one really should irritate you, Security Firm FireEye reported the discovery of this malware to Apple on July 26th.  Three months plus and no patch.  According to FireEye the latest iOS 8.1.1, which is in beta, is still vulnerable.

One surprising "feature" FireEye discovered is that the infected replacement apps could get access to the data from the original apps.  In one of their tests, FireEye "used an in-house app with a bundle identifier 'com.google.Gmail' with a title 'New Flappy Bird'. When FireEye "installed this app from a website, it replaced the original Gmail app on the phone."  And just like that your iOS device is infected.  See below for the image and details showing how FireEye tested this malware.

Images from FireEye Masque Attack Experiment Images from FireEye Masque Attack Experiment

Details from FireEye - "Figure 1 illustrates this process. Figure 1(a) (b) show the genuine Gmail app installed on the device with 22 unread emails. Figure 1(c) shows that the victim was lured to install an in-house app called “New Flappy Bird” from a website. Note that “New Flappy Bird” is the title for this app and the attacker can set it to an arbitrary value when preparing this app. However, this app has a bundle identifier “com.google.Gmail”.

After the victim clicks “Install”, Figure 1(d) shows the in-house app was replacing the original Gmail app during the installation. Figure 1(e) shows that the original Gmail app was replaced by the in-house app. After installation, when opening the new “Gmail” app, the user will be automatically logged in with almost the same UI except for a small text box at the top saying “yes, you are pwned” which we designed to easily illustrate the attack. Attackers won’t show such courtesy in real world attacks."

You have to love the extra bit of humor FireEye showed in their test.  "yes, you are pwned"  :)

The same preventative measures hold true from WireLurker to Masque Attack:

  • Don't install apps from third-party app stores
  • Don't click "Install" from any popups found on webpages
  • If you ever have "Untrusted App Developer" appear, click "Don't Trust" and either abort the install or uninstall that app immediately
Read more...

The Hits Keep Coming To Apple's iOS

iPadAnother bit of malware, named WireLurker, has been discovered targeting iPhones and iPads.

iPhone and iPads are infected when the device is connected through USB to a Mac computer where an infected OS X app has been downloaded. The source of the infection is reported to be third-party OS X apps in the Maiyadi App Store in China.  For the time being most of the reports of infection are located in China.  Apple devices are at risk whether they've been jailbroken or not.

Security firm Palo Alto Networks researcher Claud Xiao has said this "heralds a new era in malware attacking Apple's desktop and mobile platform" and is "the biggest in scale we have ever seen."

The larger the Apple market share, the more attractive Apple becomes as a target for cyber criminals.

Palo Alto Networks says the infected WireLurker app has been downloaded over 356,000 times to OS X computers, how many of those computers have attached via USB to an iPhone or iPad is unclear.  Once infected the malware has the capability of stealing "a variety of information" from the mobile device.

The recommendation is the same for iOS or Android, don't download from third-party app stores.

If nothing else, this malware is a proof of concept for malware / virus developers that Apple devices are not impenetrable.

Read more...
Subscribe to this RSS feed

Contact us

Phone: (775) 852-1811

Toll Free: (866) 511-1331

Fax: (775) 852-1844

Email: info@tsis.net

Physical Address:

800 South Meadows Parkway

Suite 600

Reno, NV 89521

Log in or Sign up