Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Hacking

Screenlogging malware can log swipe gestures on your mobile

Security researcher Neal Hindocha has developed a Screenlogging malware that logs finger swipes on smart devices in combination with taking screenshots. Pattern lock are not enough to protect our Smartphone because  hackers are able to log swipe gestures with a malware. The news was reported by Forbes, Neal Hindocha, a senior security consultant for Trustwave, has designed a Screenlogging malware that can […]

Screenlogging malware can log swipe gestures on your mobile

Security researcher Neal Hindocha has developed a Screenlogging malware that logs finger swipes on smart devices in combination with taking screenshots.

Pattern lock are not enough to protect our Smartphone because  hackers are able to log swipe gestures with a malware. The news was reported by Forbes, Neal Hindocha, a senior security consultant for Trustwave, has designed a Screenlogging malware that can monitor finger swipes on smart devices in combination with taking screenshots, painting a picture of exactly how the user is interacting with their phone or tablet.

screenlogging_malware

Hindocha is planning to demonstrate his Screenlogging malware at the upcoming RSA Security.
The security expert has developed a prototype malware that reproduces a behavior similar to classic keylogger  software, Screenlogging malware

 , this is the name assigned to the application, in fact

records the input typed into the keyboard and it is able to intercept users’ passwords for email, social media and any other service. 

Recording touch screen coordinates “has a certain value in itself,” “If you’re monitoring all touch events and the phone hasn’t been touched for at least one hour, then you get a minimum of four touch events, you can assume that is a PIN code being entered.” “The more interesting thing is, if you get a screenshot and then overlay the touch events, you’re looking at a screenshot of what the user is seeing, combined with dots, sequentially, where the user is touching the screen.” Hindocha says.

The Screenlogging malware  monitors the inputs taped and swiped on the screen recording the X and Y coordinates where the user has touched the screen, the data are then used to so a hacker would know what the user is doing and on which application.

There are a series of limitations for the current version of Screenlogging malware,  it needs the administrative privileges of host device for the execution, this means that he works on rooted Android devices and jailbroken iOS, and to install the malicious code the victim’s device should be connected to a computer via USB cable.
Both limitations could be bypassed in future version, that’s why security experts consider the POC for Screenlogging malware really interesting.
Try to image the application in the wrong hands!
(Security Affairs –  Screenlogging malware, mobile)