Posts Tagged ‘hacks’

Chinese Authorities Seize Ransomware Creators distributing WannaCry Copycat for Android

Friday, August 4th, 2017

Chinese Police caught a pair of young people who spread a type of SLocker Android ransomware virus that was modified to resemble WannaCry, another ransomware that stretched around the globe in the course of May infecting Windows users.

The two arrests happened in the beginning of June just several days after infosec specialists from Tencent and Qihoo 360 had discovered initial virus attacks.
Ransomware virus was masked to look like a plugin for widespread and trendy Chinese mobile game called King of Glory.

This WannaCry copycat was derived from a recent version of the SLocker ransomware, an Android virus type which has lately been seen a renaissance in the first Quarter of 2017.

Law enforcement representatives stated the ransomware authors managed to infect around one hundred user devices. The ransomware effect was minimal since its creators didn’t possess the expertise and knowledge required for massive distribution. The pair of criminals utilized hyperlinks on Chinese discussion boards and community forums to distribute their fake Kings of Glory plugin.

Ransomware authors had a number of opsec slipups and failures which led them to arrests.


Android Hacks: Scan Android classpath

Friday, December 10th, 2010

Why scan the classpath? There are various patterns that are often used in enterprise Java applications that require scanning of classpath and getting the list of all classes that are present in the application.

For example, if you want to discover all classes with a certain annotation (such as @Component in Spring Framework) to process them in a special way, you need a way to go over all classes in your application and select some of them based on which annotations they have.

However, neither Java SE nor Android have built-in facilities to safely get the list of all classes in your application in runtime. The reason for that is the theory behind classloaders in Java – the ability to go over all classes is neither needed in classic OOP nor feasible for all theoretically possible classloader implementations. However, in practice, scanning classpath and discovering the classes you need is quite possible in most cases, both in your web app and on Android. This is always going to be more or less a hack, but if it has been useful in web applications, it can also be useful in Android apps – with some caution, of course.

Thus, in this article I will show and explain a piece of code that does exactly that – scans your classpath and gives you the ability to go over all classes in your app.


Android Audio: Play an MP3 file on an AudioTrack

Friday, September 17th, 2010

In my previous article I outlined the stages you need to go through if you want to manually decode WAVs to PCM to play them on an AudioTrack. I promised to show how to do the same for MP3s and this is what this post is going to be about.

Again, the use case is more common than you might think. The only way you can play an MP3 file via direct Android API is MediaPlayer which is heavyweight, slow and presents only high-level API. If you need to mix or modify audio streams or manage them with low latency, you are on your own. But I will try to help you right now.


Android Audio: Problems, Hidden Limitations and OpenSL ES

Monday, August 9th, 2010

Thomas Edison and one of his early phonographs

Lately I’ve been digging into Android audio APIs. Earlier I wrote an introductory article that describes the three available APIs for WiseAndroid. Now this article assumes you are familiar with AudioTrack, SoundPool and MediaPlayer at the basic level.

What I want to present in this post is my experience with the existing audio APIs on Android, including the issues and problems I personally faced. I will also shortly cover OpenSL ES, the standard that is expected to be supported in one of the upcoming Android releases.


Android Tricks: Multitouch AND 1.5 Support, Same App

Tuesday, July 20th, 2010

I don’t know about you but I have an emotional attachment to old platforms and APIs. They are often sweet and nice in their primordial simplicity, even with their well-understood limitations. Even when they become obsolete, we developers still remember and miss them.

In case of Android, version 1.5 / API level 3 is technically obsolete but is far from being extinct from the device market. In fact, as of the day I write this article, it is one of the most widely installed Android versions on the market. (And if you add the not-so-different 1.6, they take almost half of the market together.) While subsequent versions brought us a lot of goodies in various areas of the platform API, 80% or more of all functionality our apps need today is present in 1.5.

Sure, there are cases when your app just isn’t meant to run on 1.x. For example, its core functionality is based on the APIs that are absent from API level 3 (e.g. you’re making a live wallpaper), or when you don’t want to support old devices for performance reasons, or due to a marketing decision. However, in many cases what makes developers raise the minSdkVersion bar is the need to use some of the 1.6+ APIs, such as the new contact management facilities, signal strength detection or better animation support.

The good news I’m trying to bring in this article – to those who aren’t yet familiar with this trick – is that you can actually use the new API yet keep minSdkVersion at 3. This trick might not work in all cases, and might look like a hack, but it will work for many situations like this – and who knows, might allow your app to reach out to its grateful, ready-to-pay customers who still use 1.5.