Today is October 18, 2019. I admire Android for making great strides in securing their operating system. On this day, I read an article that really made me think. Even while I napped this afternoon, I was wondering how I could cover this news about the app entitled Yellow Camera.
According to Trend Micro’s Intellegance Security Blog, this app isn’t a photo editing app at all.
Here are some details from Trend Micro’s analysis of this.
• [MCC+MNC].log, which contains the WAP billing site address and JS payloads, is downloaded from hxxp://new-bucket-3ee91e7f[-]yellowcamera[.]s3[-]ap[-]southeast[-]1[.]amazonaws[.]com.
MCC is the SIM provider’s mobile country code; MNC is the mobile network code.
• The WAP billing site runs in the background; the site accessed/displayed is telco-specific, based on the [MCC+MNC].log.
• The JS payloads auto-clicks Type Allocation Code (TAC) requests — codes used to uniquely identify wireless devices.
This article links to other articles and information that Trend Micro has found and published blog posts on, and luckily, this app hasn’t hit the United States yet from what I’ve tread.
What can you do?
- Only get apps you’re searching for
- Down the app from the official store, and read carefully on what you’re getting so you understand what permissions it wants
- Don’t get anything from unofficial channels or linked you’re not expecting
I know looking may be of interest, but like I’ve said, it may be time to knock that off. It may be time to just say “I didn’t ask for it, I’m not looking, and I’m not wanting to get bitten.”
This is going to get rather interesting.
Have you seen this app, and what did you do when you saw it?
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.