According to the commission, this vulnerability can lead to unwanted app installations and code execution.
In an advisory, it said, “Meanwhile, NCC-CSIRT also advised users to update their Galaxy App Store following the discovery of multiple vulnerabilities in the Samsung Galaxy App Store Application can lead to unwanted app installations and code execution.
“It disclosed that Ken Gannon, a cybersecurity researcher from NCC Group, discovered the vulnerabilities in the Galaxy App Store application on Samsung devices that are running Android 12 and older.”
The advisory also warned against attackers using Microsoft OneNote attachments in phishing emails that infect victims with remote access malware, which may allow hackers to remotely access vital information on a victims’ devices.
The team advised users not to open files from people they do not know as such attachments may damage their computer or files.
It said, “The Team advised users not open files from people they do not know, not to click ‘OK’ and immediately exit the application if they receive a warning that opening an attachment or link can damage their computer or files and to promptly share an unknown email they believe to be genuine with a security or Windows administrator to assist in determining whether the file is secure.
“It had recently advised people not to open attachments in suspicious emails and to only purchase or download applications from official websites in response to the discovery of phishing malware that can gain unauthorized access to sensitive user data and download further malware.”
The NCC-CSIRT explained that the malware is a remote access tool that easily controls a victim’s Personal Computers and may allow attackers to remotely control any compromised computer’s mouse and keyboard, accessing the system’s file management and history and might even execute commands allowing them to install additional malware.
It further added that the ‘CRAFTED’ website spreading the malware is still online and claims to be home to a new NFT card game built around the Pokemon franchise, offering users strategic fun together with NFT investment profits.
It added, “In a related advisory, following the discovery of several phishing apps on the Google Play Store, NCC-CSIRT had also advised users not to give out sensitive information through untrusted platforms.
“NCC-CSIRT’s advisory on the discovery said the apps, which have been downloaded 450, 000 times in total, can be games or investment services, but that they are designed to steal sensitive user information.
“While some of the malicious apps have been removed, others are still active on the store, with the affected apps listed as Golden Hunt, Reflector, Seven Golden Wolf Blackjack, Unlimited Score, Big Decisions, Jewel Sea, Lux Fruits Game, Lucky Clover, King Blitz, and Lucky Hammer.”