Connect with us

News

What is Vultur malware and how do you remove it?

Published

on

First discovered in mid-2021, Vultur is a very dangerous malware that has infested many cell phones around the world. The threat is focused on devices running the Android operating system and primarily aims to access digital payment services, cryptocurrency wallets and social networks in order to steal victims and spread to other destinations.

According to a report by security company Threat Fabric, the malware had infected more than 8,000 cell phones worldwide on July 29. According to PC Risk, the main victims are in Australia, Italy and Spain, but attacks are already being detected in the Netherlands, the UK and other parts of the world.

How does Vultur work?

Vultur is considered a Remote Access Trojan (RAT) and enables an attacker to access affected systems remotely. It works by gaining access to Android’s Accessibility Services which allow it to read victims’ screens and simulate what happens when the user touches it.

Do you want to catch up on the best tech news of the day? Access and subscribe to our new Canaltech News YouTube channel. Every day a summary of the most important news from the tech world for you!

In order to gain more access to the system, the malware displays a series of pop-up notifications that require the features that need to be enabled. When the user grants the requested permissions, Vultur hides in the system and begins collecting data in a discreet manner.

Image: Disclosure / Avira

Unlike other popular Android threats, it doesn’t tend to display fake pages that fool users, which doesn’t make it any less powerful. Vultur is able to remotely record the screen of an infected device and record all keystrokes. This compromises the victim’s bank details, email and social network logins, and the victim’s entire privacy.

As if that wasn’t enough, the threat can get the list of apps installed on the system, thereby preventing the user from deleting certain names and even disguising themselves as legitimate apps that promise to increase the security of the affected device . In many cases, malware activity can only be detected after it has already caused damage, which usually happens in the monetary area.

An indication that your smartphone has been infected is the display of the image streaming icon, even if you are not connected to a device. This is because Vulture is constantly communicating with its command center to allow device monitoring and the installation of additional threats.

How does Vultur enter the system?

As with other threats affecting Android, Vultur enters with loopholes in fake apps that offer something useful to the user. The analysis shows that the threat is infiltrating cell phones through health-related apps that promote authentication solutions, many of which are available on the Google Play Store itself.

According to research by PC Risk, although the applications containing the malware had already been removed from the store, they did not do so until after they had been downloaded a few thousand times. Another way the malware infiltrates cell phones is through apps sold outside the Google Store, which increases the likelihood that they have downloaded code that has not been approved by the company.

How can you get rid of Vultur?

If you suspect Vultur may be present on your device, there are a few things you can do to ensure it doesn’t do too much damage. The first step is not to use the device, and even turn it off completely, while reviewing the next few steps. Since the threat is complex and persistent, there are a number of precautions that need to be taken to keep your device from compromising again.

Start by clearing navigation data from your device. Let’s take Google Chrome as an example, but Firefox and Brave have similar steps that you should follow.

Open the application, click on the configuration window and select “History”;

Image: Screenshot / Felipe Gugelmin / Canaltech

Click on “Clear browsing data”;

Image: Screenshot / Felipe Gugelmin / Canaltech

Then click on “Advanced” and “Clear data”. By default, the “Cookies and Site Data” field is not activated, but it is recommended that you delete these files from your system as well;

Image: Screenshot / Felipe Gugelmin / Canaltech

Now that you’ve cleared your browsing data, you’ll need to manage your Chrome notifications. To do this, open the options menu again and click on the “Settings” option;

Image: Screenshot / Felipe Gugelmin / Canaltech

Then click on the “Site Settings” option.

Image: Screenshot / Felipe Gugelmin / Canaltech

And in “Notifications”;

Image: Screenshot / Felipe Gugelmin / Canaltech

In this window you can check which websites are allowed to send notifications to your device. Select and block anything that looks suspicious – this will prevent your device from being flooded with pop-ups convincing you to free up system resources for Vulture.

Image: Screenshot / Felipe Gugelmin / Canaltech

Finally, go to the Android menu, choose Applications, find Google Chrome and select it.

Image: Screenshot / Felipe Gugelmin / Canaltech

Click on “Storage”;

Image: Screenshot / Felipe Gugelmin / Canaltech

Finally, select the option “Erase all data”. This guarantees that all changes made by Vultur have been removed from your device.

Image: Screenshot / Felipe Gugelmin / Canaltech

eliminate the threat

Clearing your browsing data will help keep the threat from infiltrating your system again, but that doesn’t mean it has been removed. You still have to uninstall the fake application that Vulture is hiding – an operation that is not always possible as the threat can prevent you from uninstalling applications.

Hence, it is necessary that you restart your device in Safe Mode. To do this, press and hold the power button on your device until the normal options appear (shutdown, restart and emergency mode). Press and hold the Off button for a few seconds until you see Safe Mode.

Image: Screenshot / Felipe Gugelmin / Canaltech

Tap on it to reset the device with the option that temporarily disables downloaded apps to help you troubleshoot your phone. After your device has rebooted, it’s time to uninstall the application that is hiding Vulture. An easy way to find out the culprit is to check each individual’s battery usage. To do this, click on the Android settings and then select the option “Device and battery support”.

Image: Screenshot / Felipe Gugelmin / Canaltech

After an analysis, the system will assign a score to your device and indicate what problems may be present on it.

Image: Screenshot / Felipe Gugelmin / Canaltech

If you click on “Battery”, you can see which apps are showing malicious behavior and deserve your attention. Each manufacturer has its own interface for this area – in the case of the Samsung device we use, it is possible to determine the charging consumption in the last hours, in the last 7 days and the percentage of battery consumption of each app in the device. Since Vulture is active all the time, the app connected to it tends to use up the charge on your device.

Image: Screenshot / Felipe Gugelmin / Canaltech

After checking your battery usage, you can also see how each app on the system is using cellular data. To do this, open the Android settings again and select the “Connections” option.

Image: Screenshot / Felipe Gugelmin / Canaltech

Select the Data Usage option and tap Mobile Data Usage and Wi-Fi Data Usage to see which apps are transmitting the most information.

Image: Screenshot / Felipe Gugelmin / Canaltech

The data usage analysis is very reliable in identifying Vulture, which tends to convey a large amount of information to attackers. If you find a strange app doing this, it is likely responsible for hiding the threat.

Image: Screenshot / Felipe Gugelmin / Canaltech

After determining which software is responsible for hiding the malware, just go to Android settings and uninstall it normally. Since the device is in Safe Mode, the protections used by criminals will be disabled to prevent this from happening so that you can proceed with the process.

  • Even if you haven’t been a victim of Vulture, there are a few basic safety precautions you need to follow:
  • Always keep your device and the apps it contains up to date;
  • Avoid downloading apps from outside of Google Play;
  • Even if the apps are on the Android Store, always read other users’ reviews and be careful of those with suspicious names and descriptions or with lots of misspellings. Unfortunately, many malicious apps manage to infiltrate this area before being eliminated by Google filters.

Another recommendation that is becoming increasingly important is to have reliable antivirus and antimalware software installed on your device. Not only do they block applications with suspicious codes from entering, but they can also help you eliminate threats that have infected your phone and keep your data and contacts safe.

Source: PC risk, Sensor Tech Forum, Tom’s instructions

Did you like this article?

Subscribe to Canaltech’s email to receive daily updates on the latest technology news.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News

Marvel’s Guardians of the Galaxy: PC Game Requirements

Published

on

By

Eidos-Montréal and Square Enix have published the minimum requirements to play Marvel’s Guardians of the Galaxy, the game of Guardian of the Galaxy, on the PC. The information is available on the game’s official Steam page.

Get ready to thoroughly clean out your computer’s memory: the game requires a staggering 150GB of free space to run. That’s little compared to Call of Duty Modern Warfarethat requires 231 GB, but compared to pretty much Microsoft flight simulator, which requires 127 GB. We don’t yet know if the console versions will also take up that much storage space.

Check the minimum and recommended specifications below:

Do you want to catch up on the best tech news of the day? Access and subscribe to our new Canaltech News YouTube channel. Every day a summary of the most important news from the tech world for you!

Minimum requirements

  • Operating system: Windows 10 64 Bit Build 1803
  • Processor: AMD Ryzen 5 1400 or Intel Core i5-4460
  • Memory: 8 GB RAM
  • Graphics card: NVIDIA GeForce GTX 1060 or AMD Radeon RX 570
  • DirectX: version 12
  • Storage: 150 GB available space

Recommended requirements

  • Operating system: Windows 10 64 Bit Build 1803
  • Processor: AMD Ryzen 5 1600 or Intel Core i7-4790
  • Memory: 16 GB RAM
  • Graphics card: NVIDIA GeForce GTX 1660 Super or AMD Radeon RX 590
  • DirectX: version 12
  • Storage: 150 GB available space

Marvel’s Guardians of the Galaxy will be released on October 26th for PC, PlayStation 4, PlayStation 5, Xbox One, Xbox Series S and Xbox Series X. The game will also be released for Nintendo Switch via the cloud, but the feature is not available for Brazilian accounts.

Source: Eurogamer, steam

Did you like this article?

Subscribe to Canaltech’s email to receive daily updates on the latest technology news.

Continue Reading

News

The Galaxy S22 line has released more renders with new looks and dimensions

Published

on

By

The Galaxy S22 range has been the focus of several rumors in recent weeks, particularly due to a new look for the Galaxy S22 Ultra and smaller dimensions for the other two models in the series, the Galaxy S22 and the Galaxy S22 Plus. Recently released new images confirm this information through 3D renderings and CAD drawn designs.

Images from the LetsGoDigital portal illustrate how the most expensive smartphone in the line should be. Contrary to previous rumors, the S22 Ultra is not said to have a module that connects all of the rear view cameras, and therefore the lenses must be attached directly to the rear cover. The change should only be aesthetic, because the placement of all cameras, sensors and flash remains the same as with the Galaxy S21 Ultra. The information has been verified through the popular @ UniverseIce profile.

Do you want to catch up on the best tech news of the day? Access and subscribe to our new Canaltech News YouTube channel. Every day a summary of the most important news from the tech world for you!

On the front, the Galaxy S22 Ultra should have a display with a heavily curved aspect on the sides, a feature that was toned down in previous generations of the phone. The selfies camera will remain in a hole in the center of the top of the screen with the speaker near the top.

One of the most important innovations of the S22 Ultra is the implementation of a special compartment for the S Pen stylus in order to attract fans of the Note line, which has not been updated since 2020. FrontTron Twitter profile, the new input is on the bottom of the device, closest to the left corner and near the lower speaker, USB-C input and microphone.

The @ FrontTron release also confirmed the dimensions of all devices on the line, with differences in the size of the three smartphones. The Galaxy S22 will be 145 x 70 x 7 mm (compared to 151 x 71 x 7 mm on the Galaxy S21), while the S22 Plus will be 157 x 75 x 7 mm (compared to 161 x 75 x 7 mm on the Galaxy) has S21 Plus) and the S22 Ultra with 163 x 77 x 9 mm (vs. 165 x 75 x 9 mm for the Galaxy S21 Ultra).

While the change in numbers seems subtle, it could mean relevant changes in the ergonomics of the devices, with a larger footprint and a screen ratio between 19.3: 9 and 19.5: 9 – for comparison purposes, the S21 range has a 20: 9 -Relationship. On the front, the S22 and S22 Plus should stay with symmetrical edges, but they may be significantly thinner.

With the new size, some changes are to be made in the battery aspect. The capacity of the S22 will be reduced from 4,000 mAh to 3,700 mAh, while that of the S22 Plus will be increased from 4,800 mAh to 4,500 mAh – only the S22 Ultra will remain with the same 5,000 mAh energy tank.

There’s no official date for the launch of the Galaxy S22 range yet, but it is possible that it will be released in January 2022, about a year after the S21 range was launched.

Source: Twitter (1,two)

Did you like this article?

Subscribe to Canaltech’s email to receive daily updates on the latest technology news.

Continue Reading

News

Lenovo confirms Yoga Pro 14s Carbon 2022 with a focus on lightness

Published

on

By

The notebook market is very hot as a number of different companies offer their products. Within this industry there are categories such as gamer models or ultra-thin models, which are also quite light, which makes portability easier.

Recently, Lenovo unveiled four new devices with Windows 11 ex-factory, namely the Ideapad Slim 3i, Ideapad Slim 5i, Lenovo Legion 5 Pro and Lenovo Legion Slim 7. Now the brand has confirmed the launch of a new model in the series Yoga, the so-called Yoga Pro 14s Carbon 2022 – which will be a simpler version of the Yoga 16s 2022 – through a post on its official profile on the Chinese social network Weibo.

(Image: Reproduction / Lenovo)

The screenshots show that the Lenovo Yoga 14s Carbon 2022 will have a sleek design with a slimmer case, similar to Apple’s current MacBook Air. So far, the company has only shown one side of the model, as you can see on the teasers, just with a USB Type-C port and an apparent slider to cover the webcam and a button.

Do you want to catch up on the best tech news of the day? Access and subscribe to our new Canaltech News YouTube channel. Every day a summary of the most important news from the tech world for you!

(Image: Reproduction / Lenovo)

Here it is clear that it will have a body made of carbon fiber and an aluminum-magnesium alloy and will therefore weigh only 1.08 kg. Compared to Apple’s ultra-thin notebook, it is 210 grams lighter.

Unfortunately, Lenovo has not yet confirmed when the Yoga Pro 14s Carbon will be released in 2022. But everything indicates that the company will first launch the device in China and then, possibly under a different name, end up in other countries around the world.

Source: Weibo, Notebook check

Did you like this article?

Subscribe to Canaltech’s email to receive daily updates on the latest technology news.

Continue Reading

Trending