Major Vulnerabilities found in Car Sharing Apps in Android Devices as per Kaspersky Labs

Car Sharing attacks


Traffic is not just a nuisance for riders; it is also a public health hazard and disappointing news for the economy. Transportation studies reveal that the annual cost of congestion is $160 billion.
With Global warming at its peak, to avoid sun strokes, people prefer to travel in air conditioned cars even if it is out of their budget to own one. Though it is considered a necessity,  the global issues pertaining to the use of AC cars  cannot be ignored.
New travel alternatives devised by the latest technology have provided individuals with a vast number of  choices other than public transportation.
Requesting a ride from your phone is not only convenient;  sharing a ride with co- passengers or grabbing a bike outside your home have also had a positive social impact with respect to congestion, energy consumption and pollution.
Car Sharing Attack
This day by day growing popularity of car sharing has caught the eyes of the cyber criminals as well! They have already started to work  on the loopholes in the design on popular vehicle sharing apps to launch Car Sharing attacks to extort users.

Reasons to launch car Sharing attacks could be:

  1. Criminals may aspire to travel on somebody else’s expense. However, this is a short term benefit as after booking the first ride using someone else’s account would alert the owner who would most likely contact the service line support for being charged for the ride he/she never booked. The second attempt to book the ride from the same account is susceptible of being tracked and caught red handed. Hence this makes it a least possible scenario for hijacking someone else’s account.
  2. Most viable option would be to sell the hijacked account to someone who need to travel frequently but doesn’t own a driving license or have been refused registration to the app by the service’s security personnel.
  3. Additionally a car could be illicitly rented on someone else’s name and driven to a remote place to steal the car or its spare parts.
  4. Tracking someone’s ride to rob them would be another reason to hijack someone’s account.

Vulnerabilities in Android Apps that makes it susceptible to unauthorized access:


Comments

Post a Comment

Popular posts from this blog

How to remove Speedtest-guide.com redirect from your system

Image
Guide to Remove Speedtest-guide.com redirect Speedtest-guide.com redirect is a nasty browser hijacker that changes the default browser settings such as home-page, search engine & new tab functionality. In addition to that, it displays annoying ads & causes infuriating redirects to dubious sites, thus deteriorating the web-browsing experience. This rogue browser redirector claims to be a free tool that can be used to test Internet speed & customize the web search. It also enables the users to keep a track of the previous tests & access speed boosting tips. While Speedtest-guide.com appears to be a useful & legit application, the users have reported of its questionable behavior. Firstly, to operate on a system, it requires modifying the browser settings without user’s permission. It does so to promote a fake search engine - Speedtest-guide.com. It causes unnecessary browser redirects & possesses the capability of tracking down user’s online
Read more

The novel DNS protocol helps Mozart Malware evade detection

Image
The nasty Mozart Malware has made a major comeback in the cyber-world. Yes, the devious malware known for infecting the Home Depot Inc, United States & breaching data is now using a novel DNS protocol to communicate with the remote hackers. This new DNS Protocol is also being used by Mozart Malware to remain under the radar of security solutions & other intrusion detection systems. Read on to know more about this backdoor malware. The First Attack of Mozart Malware Mozart malware made its first appearance in September 2014 after it hacked the Home Depot Inc., United States. According to the sources, this earlier unknown & unseen malware was specifically crafted to attack the Home Depot, the largest home development vendor in the United States. The word “Mozart” was observed in the software’s malicious code& it is suspected to have connections with the hacker’s system, the sources state. Read Full Article
Read more

How to remove ZUpdater.exe Trojan from your system?

Image
Guide to Remove ZUpdater.exe Trojan - ZUpdater.exe Trojan is a nasty threat to the Windows OS based devices. It uses the infected system’s resources to generate illicit crypto currency without the user’s permission or knowledge. Software Bundling & Free Programs are the prime methods used by ZUpdater.exe Trojan to proliferate its infection. Some of the free downloads offered on the internet do not reveal if other software is being installed in the background. Thus, they easily make their way into the system without user’s consent. Once ZUpdater.exe virus is installed, it consumes over 90% of the CPU’s power & graphics card power of the targeted system. This way, it makes the system extremely sluggish & deteriorates the performance of the PC. According to cyber-security analysts, while the system is running slow, hackers use computer’s resources to generate illicit revenue for themselves. Victims from around the world are looking for ways to remove
Read more