01 Sep Android Users Bugged by Fake Popups
Google Android users were pestered last week by a series of fake notifications popping up on their devices.
According to Paul Ducklin of Naked Security by Sophos’, the string of phony popups first became an annoyance for users of the Google Hangouts app before bothering users of Microsoft Teams.
“Users all over the world, and therefore at all times of day (many users complained of being woken up unnecessarily), received spammy looking messages,” wrote Ducklin in a blog post published on August 28.
“To be clear, it wasn’t Microsoft testing notifications in the Teams app for Android. The bogus alerts caught the software giant off guard, too.”
From their content, the notifications don’t appear to be malicious or criminal in intent. No dubious links or calls to action were included, with messages simply stating the header “FCM Messages” followed by the text “Test Notification!!!!”
Pondering the identity of the sender and their motive, Ducklin commented: “The messages did indeed look like some sort of test—but by whom, and for what purpose?
“The four exclamation points suggested someone of a hackerish persuasion—perhaps some sort of overcooked ‘proof of concept’ (PoC) aimed at making a point, sent out by someone who lacked the social grace or the legalistic sensitivity of knowing when to stop.”
Ducklin suggests that the spate of fake notifications may be connected to a recent discovery made by a cybersecurity researcher and bug bounty hunter calling themself “Abbs.” On August 17, Abbs claimed to have earned $30K for identifying a coding vulnerability in numerous Android apps that could enable someone to highjack the Firebase Cloud Messaging (FCM) service.
Describing the weakness, Abbs exclaimed: “A malicious attacker could control the content of push notifications to any application that runs the FCM SDK and has its FCM server key exposed, and at the same time send these notifications to every single user of the vulnerable application!
“These notifications could contain anything the attacker wants including graphic/disturbing images (via the ‘image’: ‘url-to-image’ attribute) accompanied with any demeaning or politically inclined message in the notification!”
The author of the notifications, which were promptly halted by Google and Microsoft, has yet to be identified.
How can we help?
Here at VaraTech, we offer a broad range of IT support and consultancy services that aim to help small businesses extract maximum value from their IT. From proactive network monitoring/maintenance and hardware leasing to Cloud services, VoIP telephony and much more, we help our clients identify and roll-out the best-fit solutions for their businesses.
We’re cloud computing experts! We can help your business leverage the potential of some of the most empowering Cloud services, such as Microsoft 365. Why not get in touch today, to discover how the flexibility, scalability cost-efficiency, convenience and security of Cloud services can help your business realise its potential.