Malicious Code

Malicious Code

Due to a security flaw in the Samsung Galaxy S3 your phones data can be wipe just by surfing web pages (on a compromised website). Hackers have become aware of this security flaw and they are placing hidden code in webpages that will trigger the remote wipe feature of this phone without the permission or any input from the phones user. This code is presently circulating online through websites but it’s also possible that attackers may adopt the code to a test message distribution method, QR code or NFC tag.

Other reports on the internet are saying that they have uncovered more codes built into Samsung devices that could be used in other attacks like killing the phones SIM card. Beside claim we have not seen any evidence of such code yet.

It is also believed that this code may also trigger a factory reset on Galaxy S2 and other Samsung devices that use Samsung's "TouchWiz" interface.

How to Protect you self for this issue:
Backup you Smart Phone content, and check regularly on the Samsung website to see if they have released an update to fix your phone.
The only way to guard against the attacks is to switch off "service loading" in settings, and disable QR code and NFC apps.

How to Test your Phone
You can test your phone by entering any one of the two codes provide here:

*2767*688#
or
*2767*2878#

Please make BACKUP of your all data on your phone before use this code because it you phone is vulnerable the code will wipe all data on your phone and reset it back to factory default.

Devices from other Android manufacturers appear to be unaffected
 

The Stuxnet Worm was first discovered in July 2010 by a security firm in Belarus, but did not make global headlines until months later when Iranian state media announced the Middle East nation had been the target of a coordinated attack.

The Stuxnet worm was "the first of its kind. It was written to specifically target mission critical control systems running a specific combination of software and hardware.

There are a lot of concerns that the Stuxnet worm could be altered to attack key components of any nation's infrastructure, from electricity grids to oil rigs.

Many experts believe that the Stuxnet worm was only the beginning of a new kind of cyber attacks against critical infrastructure.

It’s quite possible the in 2011 or 2012 that we will see copycat versions of Stuxnet been used by terrorists to try and cripple the infrastructure of some of the major powers.

Spotify has apologized for an attack that exposed users of the free version of its music streaming service in Europe to malware through tainted  advertisements.  The ads served content that attempted to infect users' machines with scareware.  Spotify disabled third-party advertisements on Friday, March 25 after learning of the problem.  The company isolated and removed the offending ad, and service was back to normal in the next few days.

According to various reports, in the past few days a large number of websites created using WordPress have been hacked. . Unconfirmed reports by WPSecurityLock suggest that other PHP-based management systems, such as the Zen Cart eCommerce solution, have also been targeted.

The hacked web pages appear to have been infected with scripts, which not only install malware on users’ systems, but also prevent browsers like Firefox and Google Chrome, which use Google’s Safe Browsing API, from issuing an alert when users try to access the page. When Google’s search bot encounters such a specially crafted page, the page responds by simply returning harmless code. This camouflage strategy takes advantage of the browser switch normally used by developers to return browser specific code to suit functional variations in different browser, such as Internet Explorer and Firefox.

Experts are currently still puzzled over which hole was actually exploited for the large-scale attack. The only thing that seems certain at this point is that the problem didn’t originate in WordPress, because if this was the case considerably more pages would have been infected. It is still unknown which version of wordpress are been attacked.