DKFBootKit - First Android BootKit Malware

Saturday, March 31, 2012 // by Saurabh // Labels: Android, News // No comments:

NQ Mobile Security Research Center has recently uncovered a new malware DKFBootKit. This malware is identified when monitoring and analyzing the evolution of earlier DroidKungFu variants. What sets DKFBootKit apart from malware like DroidDream, is that DKFBootKit replaces certain boot processes and can begin running even before the system is completely booted up.

DKFBootKit repackages legitimate apps by enclosing its own malicious payloads in them. However, the victim apps it chooses to infect are utility apps which require the root privilege to work properly. NQ says the malicious code has already infected 1,657 Android devices in the past two weeks and has appeared on at least 50 different mobile apps.
These apps seem to have legitimate reasons to request root privilege for their own functionality. It is also reasonable to believe that users will likely grant the root privilege to these apps. DKFBootKit makes use of the granted root privilege for other malicious purposes, namely comprising the system integrity.
In order to avoid being infected by this beast, NQ recommends three commonsense steps:

First, don't download any apps from sketchy app stores.
Second, don't accept app permissions from unknown sources and always be sure to read the permissions an app is requesting.
Third, download a security app that can scan your apps for you to search for malicious code.

EcDB Is an Online Database for Your Electronics Inventory

Tuesday, March 13, 2012 // by Saurabh // Labels: Tweaks // No comments:

Tweaks As most hobbyist and electronics hackers know, keeping tabs on all the tiny components, pieces, and parts inside your toolkit is almost impossible. It's especially troublesome when you go to start a new project only to realize that one piece you need is already in use elsewhere or lost inside a box. To help solve this, ecDB is a webapp organization tool that helps track your electronic components.
The webapp is still in beta, but its core feature set, the management and tracking of electronics components, works great. You have to manually enter in each of your different components, but once you do you can set them aside in projects, track a shopping list of what you need, and quickly see what you have on hand. If it's a complicated project you can upload images with schematics so you can keep of everything in a centralized place. If you're into electronics hacking this is a very handy organization tool.

ecDB | via Hack A Day