New Android Spyware Threat Disguises Itself as Google+ App

Security researchers from Trend Micro warn of a new information stealing Android trojan that disguises itself as an app for Google's new social product Google+.

This latest threat is a variant of a recently discovered trojan called ANDROIDOS_NICKISPY which is able to record phone calls.

This new version stands apart from the rest because it is capable of answering incoming calls if the phone's screen is turned off and if the calls originate from a number predefined by the attackers.

"From the looks of it, the developer of this app went for the more real-time kind of eavesdropping as well, apart from the one ANDROIDOS_NICKISPY.A used, which involved recording calls," the Trend Micro researchers write.

"The 'auto-answering' function of this malicious Android app works only on Android 2.2 and below since the MODIFY_PHONE_STATE permission was disabled in Android 2.3," they add.

In addition to phone call answering and recording, the trojan has a full set of spyware features, such as stealing text messages and call logs or monitoring the GPS location.

ANDROID_NICKISPY.C installs a large number of services, all of them bearing the Google+ logo. It also installs itself as an application called Google++ in an attempt to confuse users.

The services are called MainService, AlarmService, SocketService, GpsService, CallRecordService, CallLogService, UploadService, SmsService, ContactService, SmsControllerService, CommandExecutorService, RegisterService, CallsListenerService, KeyguardLockService, ScreenService, ManualLocalService, SyncContactService, LocationService, EnvRecordService.

The increasing sophistication and prevalence of Android malware reinforces the need of antivirus products for such devices. Fortunately, there are several free solutions from vendors like AVG, Lookout, BitDefender or Symantec that users can choose from.

According to a recent report from Lookout, Android users are twice and a half more likely to encounter malware now then they were six months ago. Furthermore, one in three users are likely to encounter web-based threats while using their devices.

Read more »

Intel Z77 Motherboard Lineup for Ivy Bridge Processors Revealed

Together with the launch of its first Ivy Bridge processors, Intel is also expected to release a series of new LGA 1155 motherboards based on the Z77 PCH (platform controller hub) that will offer native support for USB 3.0.

No less than 11 LGA 1155 models will be introduced in the first half of 2012, two of them belonging to the company's extreme performance series.

These are the DZ77RE and DZ77GA and both feature “Max-OC” support (whatever that might mean), are two-way SLI and CrossFireX compatible and use the standard ATX form factor.

The DZ77RE however will also get support for the Thunderbolt interconnect, making it one of the first motherboards to integrated this technology.

Intel's remaining 2012 LGA 1155 solutions in the Media and Executive series are less exciting than the two top models, but one has to appreciate the fact that Intel plans to release no less than nine such boards using various form factors such as ATX, micro-ATX, mini-ITX as well as thin mITX.

Furthermore, most of these will be built around the advanced Z77 chipset, only two models being designed to use the lower-end Z75 PCH.

As many of you know, the Z77 is Intel's most advanced 7-series platform controller hub and it features native support for quad USB 3.0 ports, integrated graphics support, Intel's Smart Response technology, as well as six SATA ports (two of these of the 6Gbps variety).

The most distinctive feature of the chipset when compared with the rest of Intel's Ivy Bridge PCHs is its capability to split the 16 PCI Express Gen 3 lanes available from the CPU into a pair of x8 links or into a single x8 link and dual PCI Express x4 slots.

The first 22nm Tri-gate Ivy Bridge processors are expected to arrive in March or April of 2012, and will replace the current Sandy Bridge chips launched at the start of this year. (via Donanim Haber)

Read more »

Google+ Moving Away from Early Adopters to 'Early Mainstream' Users

Unsurprisingly perhaps, but Google+ is moving away from the early adopters crowd to a more mainstream group of users, according to new research. Of course, this trend is unavoidable, but this is happening a little over a month after Google+ launched.

Granted, Google+ is not exactly mainstream yet, but it is becoming more popular with what Experian Hitwise, the company doing the research, calls 'early' mainstream users.

"Using the Experian Hitwise sample of over 10mm Internet users in the U.S., combined with our New Mosaic segmentation system launched this summer, its possible to visualize the adoption of Google+," Hitwise writes.

"Careful analysis of the Mosaic segments since launch; reveal that in just over six weeks, we’ve moved from innovators to early adopters to early mainstream users visiting the new social network," it says.

When Google+ first became available, it was a quick hit with what Hitwise calls the "Colleges and Cafés" and the "Status Seeking Singles" crowd. Those falling into these categories were a lot more likely to visit Google+ than anyone else. 

This peaked two weeks after Google+ launched, but since, visits from other groups of users are becoming more likely to the point that these early adopters are no longer the ones visiting the site the most.

These days, the average Google+ visitors falls into either the "Status Seeking Singles" group or the equally interestingly named "Kids and Cabernet" group.

Perhaps it's best to explain how these groups are defined. Colleges and Cafés are recent college graduates who still frequent the same places and interact with the same type of people they did in college.

On the other hand, the group that is more likely to visit Google+ now, Kids and Cabernet, is described as "Prosperous, middle-aged married couples living child-focused lives in affluent suburbs."

Read more »

Google Analytics Changes the Criteria for What Counts as an User Session

Google is making a slight change to what counts as a session for visits measured by Google Analytics. The change is small, but will affect some visits and will most likely alter the data reported for most websites.

"Beginning today, there will be a small change in how sessions are calculated in Google Analytics. We think this update will lead to a clearer understanding of website interactions," Google said.

Until now, Google Analytics would end a session for a visitor in three cases:

• More than 30 minutes have elapsed between pageviews for a single visitor.
• At the end of a day.
• When a visitor closes their browser.

The first two cases remain intact, but the third one has been changed to make it more specific and detailed. A session will end: 

• When any traffic source value for the user changes. Traffic source information includes: utm_source, utm_medium, utm_term, utm_content, utm_id, utm_campaign, and gclid.

When any of the events listed happens, the next page view from that visitor will count as a new session. 

Google says that the change makes a session more similar to how a visit is defined. Notably, if a user arrives at your site, even within a short time span, from two different sources, for example, once from a search result, the other time from a link on another site, these will count as two different sessions.

This will make it easier to see what traffic comes from where and how different sources generate sessions. Google also says that not counting browser restarts as two different sessions is a more accurate measure.

On the whole, the change may result in an increase in the number of sessions a site sees. However, the change will be of about one percent in most cases, according to Google's own testing.

Read more »