John Bumstead, who works for a company called 404Media that fixes and sells used electronics, found an iPhone-to-HDMI adapter that seemed normal at first. However, the app that came with it was tricky because it asked users to scan a QR code.
This code leads to an ad-filled website, prompting downloads of an invasive app that requests various permissions, collects data, and sends it to China.
Bumstead tweeted about a spy-themed lightning cable, and unlike the HDMI adapter, this cable is a knockoff but resembles Apple’s design.
MG, the researcher behind the malicious Lightning cables, included the risky adapter, anticipating users installing questionable apps.
The researcher used an old iPhone to connect the cord, which displayed a QR code and “LIVE TV” branding. Scanning it led to EZ Cast’s website, boasting over 10M users worldwide.
Check Point previously analyzed an insecure EZCast device, which could be easily brute-forced due to a weak 8-digit password. The company contacted EZCast in 2016 but received no response, indicating a lack of security considerations.
The website displayed ads for a streaming service called ‘FANJESTIC,’ known for difficult cancellations, unrelated to the EZ Cast app obtained via the QR code.
The app requested location access and Privacy Policy acceptance from Actions Microelectronics Co., Ltd., outlining the collection of the following data:-
The data collection aimed at targeted ads and required access to the Local Network, photos, settings, Bluetooth, and camera.
While fascinated by unusual cables and gadgets, the adapter’s significance is tied to the FTC’s Amazon lawsuit which highlighted the site navigation issues and spammy ads.
Recyclers often acquire Amazon returns, including cables Bumstead collects from them. While not entirely certain it all comes from Amazon, recyclers have indicated so, as Amazon disposes of unsold FBA inventory.
Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.
A new research report released today by Progressive International, Expose Accenture, and the Movement Research…
Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced Persistent…
The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as Golden…
Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed "RedisRaider," specifically targeting Linux…
Cybercriminals are leveraging the Python Package Index (PyPI) to distribute malicious tools designed to exploit…
Biotechnology giant Regeneron Pharmaceuticals has emerged as the successful bidder in the bankruptcy auction for…