Technology
Android banking Trojan evolves to evade detection and strike globally
Android banking Trojan Medusa has returned after almost a yearlong hiatus and is now even more dangerous. The new variant of the Trojan is lightweight and requests fewer device permissions to avoid detection.
First identified in 2020, Medusa is a Turkish-linked banking Trojan that initially targeted Turkish financial institutions.
It expanded rapidly by 2022, launching major campaigns in North America and Europe, causing significant monetary harm. Medusa’s new variant is now targeting Android users across the globe, including those located in the U.S., Canada, Spain, France, Italy, the U.K. and Turkey.
How does the Medusa Android Trojan evade detection?
Since July 2023, Medusa attacks are back with a new version. Cybersecurity experts from Cleafy found a spike in the number of installs of an app called “4K Sports.” This app is being used by hackers to put malware on people’s Android phones. The new malware is an upgraded Medusa with big changes in how it works.
It asks for fewer permissions, making it sneakier. It still requests Accessibility Services, which is a big red flag. Android’s Accessibility Service is a powerful tool that helps people with disabilities use mobile devices more easily. When you grant an app Accessibility permissions, you’re essentially giving it the ability to do whatever it wants on your phone.
Cybercriminals are aware of this, so most malware that infects your phone will ask for Accessibility permissions. You should be immediately suspicious when an app requests permissions in this area. Medusa’s new variant also requests Broadcasting SMS, Internet, Foreground Service and Package Management permissions.
The Android Trojan now has 17 fewer commands than before but adds five new ones, like setting a black screen overlay, taking screenshots and more.
Cleafy reveals that hackers are using not only the 4K Sports app to install Medusa but also fake apps like Google Chrome, InatTV, Purolator and 5G. In the U.S., Chrome, InatTV and Purolator are the main apps being misused by these hackers.
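The permission set described above can be checked against a decoded AndroidManifest.xml when triaging a sideloaded app. This is an added example, not code from Cleafy or the article; the mapping from the article's permission names to Android constants (especially "Package Management") and both sample manifests are constructed assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Article's permission names -> Android manifest constants. The mapping is an
# assumption of this example; the article itself names no constants.
ARTICLE_PERMISSIONS = {
    "Accessibility Services": {P + "BIND_ACCESSIBILITY_SERVICE"},
    "Broadcasting SMS": {P + "BROADCAST_SMS"},
    "Internet": {P + "INTERNET"},
    "Foreground Service": {P + "FOREGROUND_SERVICE"},
    "Package Management": {P + "QUERY_ALL_PACKAGES", P + "REQUEST_DELETE_PACKAGES"},
}

def declared_permissions(manifest_xml):
    """Collect <uses-permission> names and android:permission set on components."""
    found = set()
    for elem in ET.fromstring(manifest_xml).iter():
        if elem.tag in ("uses-permission", "uses-permission-sdk-23"):
            found.add(elem.get(ANDROID_NS + "name"))
        elif elem.tag in ("service", "receiver", "activity", "provider"):
            found.add(elem.get(ANDROID_NS + "permission"))
    found.discard(None)
    return found

def review(manifest_xml):
    """Report which of the article's permission categories a manifest declares."""
    perms = declared_permissions(manifest_xml)
    matched = sorted(k for k, names in ARTICLE_PERMISSIONS.items() if names & perms)
    return {
        "matched": matched,
        "accessibility": "Accessibility Services" in matched,
        "full_profile": len(matched) == len(ARTICLE_PERMISSIONS),
    }

# Constructed sample manifests (not taken from any real app).
SAMPLE_SUSPECT = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
  <uses-permission android:name="android.permission.REQUEST_DELETE_PACKAGES"/>
  <application>
    <service android:name=".A11y" android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
    <receiver android:name=".Sms" android:permission="android.permission.BROADCAST_SMS"/>
  </application>
</manifest>"""
SAMPLE_BENIGN = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    for name, xml in (("suspect", SAMPLE_SUSPECT), ("benign", SAMPLE_BENIGN)):
        print(name, review(xml))
```

A match on the full profile is a reason to look closer, not proof of malware, since legitimate accessibility tools also bind an Accessibility Service.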
What is the scale of the Medusa cyberattack?
Medusa is going after people all over the world, including the U.S. and Europe. Cleafy found two different Medusa botnet groups, each working in its own way.
The first group, with botnets named AFETZEDE, ANAKONDA, PEMBE and TONY, mainly targets people in Turkey but also hits Canada and the U.S. They use Medusa’s usual tricks, like phishing, to spread the malware.
The second group, including the UNKN botnet, shows a change in Medusa’s strategy. It mainly targets European users, especially in Italy and France. Unlike the usual variants, some of these new ones were installed through apps downloaded from untrusted sources. This means the hackers are trying new ways to spread the malware beyond the usual phishing tactics.
10 ways you can protect yourself from the Android banking Trojan
While a Trojan is hard to detect and can be dangerous once it enters your phone, there are several things you can do to protect your data.
1. Be cautious of phishing attempts: Be vigilant about emails, phone calls or messages from unknown sources asking for personal information. Avoid clicking on suspicious links or providing sensitive details unless you can verify the legitimacy of the request.
2. Have strong antivirus software: Android has its own built-in malware protection called Play Protect, but it’s not enough to stop all malicious software. Historically, Play Protect hasn’t been 100% foolproof at removing all known malware from Android phones. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.
3. Download apps from reliable sources: It’s important to download apps only from trusted sources like the Google Play Store. They have strict checks to prevent malware and other harmful software. Avoid downloading apps from unknown websites or unofficial stores, as they can pose a higher risk to your personal data and device.
4. Use an identity theft protection service: Identity theft companies can monitor personal information like your Social Security Number (SSN), phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
One of the best parts of using some services is that they might include identity theft insurance of up to $1 million to cover losses and legal fees and a white glove fraud resolution team where a U.S.-based case manager helps you recover any losses. See my tips and best picks on how to protect yourself from identity theft.
5. Monitor your accounts: If you think you have been affected by the banking Trojan, regularly review your bank statements, credit card statements and other financial accounts for any unauthorized activity. If you notice any suspicious transactions, report them immediately to your bank or credit card company.
6. Enable SMS notifications for your bank accounts: By enabling SMS notifications, you can monitor your accounts for any unauthorized transactions.
7. Set up two-factor authentication (2FA): 2FA is an extra shield that prevents hackers from accessing your accounts.
8. Use a password manager: A password manager can help you create and store strong, unique passwords for all your accounts, reducing the risk of password theft.
9. Regularly update your device’s operating system and apps: Keeping your software up to date is crucial, as updates often include security patches for newly discovered vulnerabilities that could be exploited by Trojans.
10. Be wary of granting permissions: Carefully review the permissions requested by apps. If an app asks for more access than it needs for its functionality, it could be a red flag.
Kurt’s key takeaways
Hackers behind Medusa have made the malware hard to detect. They use apps that look legitimate to get the malware onto your phone and steal your personal data and sometimes your money. As a rule of thumb, only download apps from the Google Play Store. Google ensures it only allows secure apps on its platform, and the store is safer than any other app store.
What are your thoughts on the increasing sophistication of mobile malware like the Medusa Trojan, and how do you think the cybersecurity industry should respond? Let us know by writing us at Cyberguy.com/Contact
Copyright 2024 CyberGuy.com. All rights reserved.
Technology
NASA will wear high-tech Prada long johns to the Moon
We’ve seen Axiom Space and Prada’s collaboration on the Axiom Extravehicular Mobility Unit (AxEMU) spacesuit. Now the company has revealed the Liquid Cooling and Ventilation Garment (LCVG) that astronauts will wear underneath it when Artemis IV returns humans to the Moon in 2028.
The LCVG is the all-important base layer that will keep the crew cool and comfortable while inside the AxEMU and on spacewalks. Cold water is circulated through tubes embedded in the suit to whisk heat away from astronauts’ bodies. And, should the primary system fail, there is a backup, unlike older cooling suits. The LCVG also houses the ventilation system that supplies fresh oxygen to the AxEMU helmet and directs exhaled CO2 to a scrubber for recirculation.
The collaboration between Axiom Space and Prada isn’t the first time NASA has gotten involved with a project that blended high-tech materials and manufacturing with high-fashion design. It also funded the BioSuit concept created by MIT professor Dava Newman with help from renowned architect Guillermo Trotti.
Technology
Antares reaches reactor criticality under Trump pilot program, marking major nuclear milestone
Antares Nuclear, Inc. announced Thursday that its Mark-0 microreactor achieved criticality at Idaho National Laboratory, becoming the first advanced reactor to reach the milestone under a U.S. Department of Energy pilot program established after President Donald Trump’s 2025 executive order aimed at accelerating nuclear development.
The Torrance, California-based company said the reactor reached initial criticality under DOE authorization, making Antares the first private company to bring an advanced reactor to criticality through the Department of Energy’s Reactor Pilot Program.
“Hitting our commitments is everything to us. Nuclear in America has been defined for too long by delays, by companies that said they would and then didn’t,” Antares CEO Jordan Bramble said. “We said criticality in 2026, electricity production in 2027, and power to the warfighter in 2028. Today is the first of those commitments delivered on the schedule we set.”
Criticality occurs when a reactor achieves a self-sustaining nuclear chain reaction, a major milestone in reactor development. Antares said the demonstration validated key reactor physics parameters and produced testing data and control system performance information that will support future reactor development.
Energy Secretary Chris Wright said Antares Nuclear’s Mark-0 microreactor became the first privately developed non-light-water reactor to achieve criticality in the U.S. in more than four decades under the Department of Energy’s Reactor Pilot Program. (F. Carter Smith/Bloomberg)
The Department of Energy confirmed the achievement Thursday, describing it as the first privately developed non-light-water reactor to reach criticality in the U.S. in more than four decades.
“Today’s achievement is a historic moment for American nuclear energy,” Energy Secretary Chris Wright said in a statement. “By bringing the first American non-light water privately developed reactor to criticality in more than four decades, Antares has shown what is possible when American innovation is unleashed.”
The milestone comes just over a year after Trump signed four executive orders directing the federal government to accelerate reactor testing, expand domestic nuclear fuel production and streamline pathways for advanced nuclear technologies.
President Donald Trump holds a signed executive order in the Oval Office. Antares Nuclear said its Mark-0 microreactor achieved criticality under a Department of Energy pilot program created after Trump’s 2025 executive orders aimed at accelerating advanced nuclear reactor development. File photo. (Anna Moneymaker/Getty Images)
One of those orders, Executive Order 14301, directed the Department of Energy to establish a pilot program designed to speed testing and demonstration of advanced reactor designs. The administration set a goal of achieving criticality for advanced reactor concepts by July 4, 2026.
“The President and DOE set an ambitious timeline for reactor testing, and we met that challenge,” Bramble said. “I want to thank our partners at the Department of Energy, Idaho National Lab, BWXT, and the U.S. Army. This is what happens when industry and government work together to accomplish big things.”
Antares said the criticality demonstration was conducted in partnership with the Department of Energy, Idaho National Laboratory and BWX Technologies, while the U.S. Army participated as a future end user of the technology.
The company said the Mark-0 used TRISO fuel fabricated by BWXT and benefited from fuel technology developed through Project Pele, a Defense Department effort to build transportable microreactors for military applications.
DOE officials said the achievement demonstrates the potential of the Reactor Pilot Program.
“The skeptics didn’t believe President Trump’s Reactor Pilot Program could achieve criticality in less than a year,” Assistant Secretary of Nuclear Energy Ted Garrish said. “Today, we celebrate the first of the pilot projects to reach criticality and the people who rolled up their sleeves to shape the future of nuclear energy in the United States.”
The company said engineers gained critical insight into reactor physics, control systems and supply chain performance during the demonstration. The data will be used to support future reactor development and eventual commercial licensing.
“We went from concept to a critical reactor, safely, in less than 12 months. That doesn’t happen by accident. The team treated the schedule as non-negotiable,” Bramble said. “For the American nuclear renaissance to succeed, we need efficient, iterative reactor testing, not a decade per design.”
Antares said it expects to begin producing electricity from the same facility in 2027 and remains on track to deploy electricity-generating microreactors to U.S. military installations by 2028.
Technology
The 7 biggest storylines from Summer Game Fest 2026
Both Sony and Microsoft used their showcases as a way to confirm they’re refocusing on tried-and-true strategies like exclusive games and single-player blockbusters. Meanwhile, every publisher in existence seemed to be avoiding going up against Grand Theft Auto VI on the release calendar, and there were some very welcome game announcements, particularly if you’re a fan of Final Fantasy or Persona.
If you couldn’t keep up with everything live, here are the most important storylines to catch up on.
After an ill-fated — and very expensive — foray into live-service games, it appears that Sony’s gaming division has a renewed focus on the single-player epics it’s known for. The company’s showcase was dominated by Insomniac’s Wolverine and the surprise announcement of God of War Laufey.
The next Grand Theft Auto wasn’t featured in any of the SGF showcases, but its presence was still felt. While lots of games got release dates, virtually none of them were during November, which just so happens to be when GTA VI launches. Instead, we have a very busy September and plenty of titles pushed into 2027.
Alan Wake studio Remedy hit a snag with the disastrous launch of the multiplayer shooter FBC: Firebreak. But based on our time with the upcoming sequel Control Resonant, it appears the developer is getting back to what it’s best at: mind-bending single-player action games.
Indie duo Metanet is back with yet another return to its N series of platformers, but this time the focus is on multiplayer. And for fans of the hidden object game Hidden Folks, it’s also getting a sequel, which will launch a full decade after the original.
We knew it was coming, and now it’s official: The third and final installment of the FFVII remake trilogy is coming. It’s called Revelation, and it launches next spring across basically all platforms simultaneously. And yes, Queen’s Blood is coming back.
It’s been a long wait since Persona 5, and it’ll likely still be a while longer. Atlus confirmed Persona 6 exists, but the developer didn’t provide much in the way of detail, suggesting that the RPG is still fairly early in development.
After years of pushing on a multiplatform strategy, Microsoft is reversing course — at least a little bit. Its next big Xbox Game Studios title, Gears of War: E-Day, will be an Xbox console exclusive, whereas many expected it to come to the PS5, much like last year’s Gears remake. However, outside of Gears, many first-party titles from Xbox — like Fable and Halo — are still coming to PlayStation, so it’s unclear just how significant this change is.