Monthly Archives: September 2017

Root Android Without Pc Apk Free Download

  • Android rooting is the way to gain root access to various subsystems of your Android mobile. There are a lot of Android apps available on the web to root Android without a PC.
  • In this post I am sharing a complete guide to rooting your Android mobile without using a PC or any other device.
  • This process is based only on an APK Android app, which gives superuser permission to your Android mobile.
  • By rooting Android devices, you can get a lot of features on your device, like increased phone performance and boosted battery life.

Root Android Without Pc

  • The app below is 100% trusted and easy to use, but follow all the steps carefully, because in this tutorial there is a chance of damaging your Android software.
  • The root-Android-without-PC method below works for rooting Lollipop, Marshmallow, Oreo and Nougat. Here I am sharing a complete step-by-step guide to rooting Android without a PC.
  • Once you follow the steps below on your Android mobile, you will get superuser permission, which gives full access to your Android mobile.

Kingo Root is one of the best apps to root all Android mobiles without using a PC. It is an Android app, and you can use it like any other app on your Android mobile. Kingo Root gives a 100% success result on most Android apps. That is why I am sharing this tutorial with the Kingo Root Android app.

How To Root Android Without Pc :

  • Download Kingo Root on your Android mobile.
  • Now enable unknown sources on your Android mobile and install Kingo Root.
  • Then enable the data connection and open Kingo Root.
  • Click the One Click Root button and wait for the files to download.
  • Finally, your device will get root permission once Kingo Root reaches 100%.
  • You will get a superuser application in the apps menu after rooting.
  • Enjoy your rooted Android and use all the features of a rooted Android device.

Then you will get the Kingo Root superuser app on your Android mobile, and you can use Kingo superuser to allow root permission for any Android app that requires rooting. You can also try another superuser app like SuperSU from the Play Store and use it on your Android mobile by updating your current Kingo superuser.

Root Android Without Pc Apk

  • This app requires an internet connection to fetch resource files from the server, so you need a working internet connection or Wi-Fi to root your Android mobile with Kingo Root.
  • So guys, then you can enjoy all rooted Android features with Kingo superuser. Also read my post about how to root BlueStacks 3 with KingRoot to enable root access in BlueStacks.
  • Comment here if you have a problem while using this app on your Android mobile. Most Android users get root permission successfully using Kingo Root on their Android mobile.

CCleaner Hack – Spreading Malware To Specific Tech Companies

The CCleaner hack is blowing up. Initially estimated to be huge, it has hit at least 700,000 computers and is specifically targeting 20 top tech organisations, including Cisco, Intel, Microsoft, Akamai, Samsung and more, for a second, more intrusive and pervasive layer of infection.



This could be classified as slightly ironic too, as CCleaner is extremely popular software for removing crapware from computers. It was a clever assumption that a corrupt version would find itself installed in some very high-value networks.

Hackers have successfully breached CCleaner’s security to inject malware into the app and distribute it to millions of users. Security researchers at Cisco Talos discovered that download servers used by Avast (the company that owns CCleaner) were compromised to distribute malware inside CCleaner. “For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner,” says the Talos team.

CCleaner has been downloaded more than 2 billion times according to Avast, making it a popular target for hackers. Dubbed “crap cleaner,” it’s designed to wipe out cookies and offer some web privacy protections. 2.27 million users have been affected by the attack, and Avast Piriform believes it was able to prevent the breach harming customers. “Piriform believes that these users are safe now as its investigation indicates it was able to disarm the threat before it was able to do any harm,” says an Avast spokesperson.

Source: The Verge


This CCleaner hack is a fairly advanced attack, with some people making links to the Chinese government; an attack of this scale and focus does feel like a nation-state attack. There is some code reuse from Group 72, also known as Axiom, who are linked to the Chinese government.

Some of the configuration files are also set in China’s time zone, which, whilst it does indicate the attack probably is from China, doesn’t link it for certain to the government.

Earlier this week, security firms Morphisec and Cisco revealed that CCleaner, a piece of security software distributed by Czech company Avast, had been hijacked by hackers and loaded with a backdoor that evaded the company’s security checks. It wound up installed on more than 700,000 computers. On Wednesday, researchers at Cisco’s Talos security division revealed that they’ve now analyzed the hackers’ “command-and-control” server to which those malicious versions of CCleaner connected.

On that server, they found evidence that the hackers had attempted to filter their collection of backdoored victim machines to find computers inside the networks of 20 tech firms, including Intel, Google, Microsoft, Akamai, Samsung, Sony, VMware, HTC, Linksys, D-Link and Cisco itself. In about half of those cases, says Talos research manager Craig Williams, the hackers successfully found a machine they’d compromised within the company’s network, and used their backdoor to infect it with another piece of malware intended to serve as a deeper foothold, one that Cisco now believes was likely intended for industrial espionage.

Source: Wired

And as a user, it means you should be careful. The malicious version in this CCleaner hack seems to have dug in pretty deep, even more so if it was installed inside one of the ‘target’ networks, as the second piece of more intrusive malware was pushed in.

Avast is recommending that computers be restored from backups taken before the compromise happened.

It doesn’t appear to be ransomware at this point; hopefully some more details will emerge, but it’s most likely a more insidious attack like NotPetya.

Tor Project boosts support for anonymous mobile browsing

The Tor Project has announced measures to improve secure web browsing for mobile devices.

The Tor Project, a non-profit which develops and maintains the Tor network for anonymized browsing and as a way to skirt censorship-heavy government controls, keeps its eyes on the state of censorship worldwide.

Recently, areas with citizens forced to use low bandwidth connections and limited data plans have come under scrutiny.

China, North Korea, Iran, India, and Myanmar are only a handful of many countries worldwide which keep tabs on what citizens visit, see, and say online. The US and UK have entered this list now, too, but many residents in these countries have access to high-end mobile devices or traditional PCs.

But what happens to those that have no desktop system or laptop, and must rely on low-end mobile devices to access the Internet?

“Most people in these regions only use smartphones to access the internet, and we want to better support these users,” the organization says. “So we developed a strategy to do better for folks who have low-bandwidth connections, limited data plans, or who can only connect to the internet through low-end devices.”

Roughly a year ago, the non-profit and the Guardian Project, a developer of tools and hardware designed to circumvent censorship, began talks of how to tackle this problem. The teams began with the concept of Orfox, a Google Summer of Code (GSoC) project for Tor network mobile browsing.

According to the Tor Project, Orfox is well on the way to having “similar functionality and security guarantees” as the Tor Browser for desktop software.

The first improvement that has been made is the introduction of the Security Slider from the desktop system to Orfox, which allows users to choose between permitting all website features, banning some features which can be compromised — such as JavaScript — or only allowing basic website functionality which strips out everything which may be used to track a visitor or potentially compromise their device.

Videos which automatically load and play, for example, rely on scripts which a threat actor may be able to use to identify a visitor.

The UX Team and the Guardian Project reviewed the system and ran validation tests at the beta stage, and together with Orfox developer Amogh, tested the UI with 12 users in India and three in the United States for feedback.

“This was the first time Tor did a full development cycle following UX best practices, such as being involved with the conceptualization of the UI and performing user testing to validate our hypothesis,” the team says. “Since we don’t collect data on user behavior, we had to build a testing methodology so our community could help us perform these tests with our users. We are now applying UX best practices to all of our development cycles.”

Orfox, containing the new slider, is now available from the Google Play store and a GitHub repository. The Tor Project expects more updates in the near future.

Identity Theft and Organized Crime

Many identity thieves have a personal connection to victims, and they can even be family members, friends, employers or employees. Not all do, however, as they can also be total strangers who stole your mail, went through your trash or even come from a foreign country.

Why do these criminals do this? People who practice identity theft are usually driven by mental illness, desperation or greed. Some, however, are also organized criminals who will do what it takes to steal the money of others.

Hackers across the globe use tools to access databases that contain valuable information such as:

  • Birth dates
  • Credit card numbers
  • Social Security numbers
  • Home and business addresses
  • Bank account information

These people break into the networks that store this information, steal the data, and then use it to take over existing accounts. In only one day, they can make changes to a victim’s credit card account, transfer money and even take everything.

One of the most notorious cybercriminals in history is Albert Gonzalez. He began his reign of cyber terror at the age of 12, when his home computer became infected with a virus. By learning how to protect his computer from invasions, he also learned how to make a profit from them.

By the age of 14, Gonzalez was regularly using stolen account information to buy things online. He eventually hacked into the servers at NASA, and even after a visit from FBI agents at his school, he did not slow down.

Gonzalez was finally arrested at the age of 22 while at an ATM. He was wearing a woman’s wig, had a fake nose ring, and was using several debit cards in order to obtain cash. Police soon realized who he was, however, and had the leader of a cyber gang in their grasp.

Following his arrest, police convinced Gonzalez to turn on his gang, but he also was a double agent, of sorts.

While helping authorities to capture other cyber criminals, he was continuously stealing, and even pulled off a scheme to hack into the network of ATMs at 7-Eleven.

When all was said and done, Gonzalez received a 20-year prison sentence, and it was found that he had access to more than 180 million debit and credit card accounts.

How Hacking is Done

So how do people like Gonzalez hack others? They use a number of different hardware and software tools, known as penetration-testing tools, to seek out any holes within a network. These holes may be found in an operating system or Internet connection. Hackers also commonly look for vulnerabilities within Internet browsers.

Approximately 15 years ago, criminals began creating viruses that got into a computer, deleted files or crashed hard drives. Today, this is no longer the case. These days, hackers want computers to run smoothly, and the viruses can sit dormant in the hard drive until they become activated in some way. For instance, a modern Trojan may have a design that detects when victims are doing online banking. At this point, they strike.

A virus can easily attack a computer without the operator knowing, simply through the operator visiting a website, clicking a link in an email or downloading a certain program.

These are the most common ways to get a virus on your computer, but there are many others. The latest studies show that the number of computer viruses has quadrupled over the past couple of years. On top of this, criminal hackers use technology that is brand new and evolving at a faster rate than the technology used by those who are trying to stop the viruses. This is why we should do all we can to protect our computers from viruses.

Why You Have to Protect Yourself Online

The process of protecting yourself on the internet is basically the same as it was a decade ago. At the same time, however, criminals are upping their game, too. This means that not only must you maintain vigilance when online, but you must also be aware of the tactics that the bad guys use. You surely know the basics of protecting yourself online, but there are also other tactics and tools that you can use to ensure that you are safe.

The Safest Internet Browser Is…

The major browsers are:

  • Mozilla Firefox
  • Safari
  • Google Chrome
  • Microsoft Internet Explorer (Now “Edge”)

Let’s look at Internet Explorer. Over the years, there is no question that it has taken a beating. The folks at Microsoft have worked tirelessly to redeem the browser, and it grew much more secure than it had ever been before. But with the last official version being Internet Explorer 11, it’s time to move on. There is a lot of debate over which browser is the ‘best,’ but the truth is, they are almost equal when it comes to reliability, speed, and security.

Internet Explorer, for instance, does a security update whenever Windows Update is done. Firefox offers unique safety features, such as scanning downloads automatically for malware and viruses, as well as offering a virtual keyboard. Google Chrome is very website-friendly, as it tends to have a better display than Firefox.

All of these browsers have security features and options that require the attention of the user, as these might not be enabled by default. For example:

  • Any pop-up blockers should be turned on
  • You must decide if you want the browser to remember your passwords. Though this is convenient, it could put you at risk.
  • You must decide if internet content should be manually or automatically downloaded, and you have to decide where data is stored. Again, this sounds convenient, but it could be a security risk.

Generally, you will have the option to do much of this automatically, but it’s best to be notified before the computer downloads anything. This way, you can make a determination as to what effect the download might have on your system.

Wireless or Wired Internet Connection: What’s Best?

One simple way to understand the differences in security between a wireless and wired internet connection is to think of a telephone cord. When a telephone is connected to the outlet with a cord, the line is naturally secured. On the flip side, handheld, cordless, and wireless phone conversations are easier to intercept thanks to the influx of scanning tools available. Though a wired telephone can also be tapped, to do so, you must have internal access.

Internet connections are the same. When the computer is directly connected to a modem with a cable or wire, no one can access the connection, unless it’s an internal job. However, when you have a wireless connection, it can be hacked from outside, and all of that information being sent can be stolen.

To secure a WiFi connection, set up a WPA version of encryption and/or use Virtual Private Network software.

Protecting Yourself From Phishing

Protecting yourself from phishing is easy when you think about it. Simply don’t click on any email links from a sender you don’t recognize. And always be suspect of emails that look legit. The psychology that goes into phishing emails today is capable of scamming most, if not everyone if you’re not paying attention. If you believe that the email is real, hold the cursor over the enclosed link to see the exact URL. If the link is correct for the site you want to visit, it is probably safe. However, it might also be a type of typosquatting, which is when the address is slightly different, i.e. vs If you are not sure if the link is safe, contact the person or company who sent the email to ask.

Alternatively, you can type the address directly into the address bar on the browser.

If you get an email alert from a site with an internal messaging system, such as from your financial advisor or bank, log in directly, not through the email link, and check for any new messages. Again, instead of clicking through the email, if you get a message notifying you that your online statement is ready, again, go to the website by typing the address into the bar yourself or use a bookmark.

If an email ends up in your spam folder, this could be a sign that it is a phishing email, even if you believe that it is real. Many email programs and browsers include some type of tool that detects these emails. Stay out of your spam folder.

Remember, legitimate companies will not send you an email asking you for your credit card information or ask you to change your password. If you get these emails, immediately delete them, and then notify the company.

Preventing the ‘Zombification’ of Your Computer

Both small businesses and consumers have relaxed security practices, and this gives scammers a launching point for their attacks. This allows them to create systems, such as botnets, that allow them to access data without detection. Hackers also use these botnets to send phishing emails, spam, viruses, and malware.

Botnets might be as small as a couple of computers or as large as hundreds of thousands of them. In fact, there are millions of computers that have the potential to be part of a botnet. When computers become part of a botnet, they turn into zombies.

There are things that people do that can trigger an attack. These include:

  • Looking at pornographic websites
  • Playing games on sites that are hosted out of the country
  • Downloading pirated software from P2P sites

There is no such thing as honor when talking about thieves, so don’t involve yourself in risky behavior online. You will only be opening the door for hackers.

Computers that have unsupported or outdated operating systems, such as Windows XP, also put you at risk for turning your computer into a zombie. The same can happen when using outdated or old browsers, such as IE 7 or 8.

To get the most protection for your computer, make sure that you are setting Windows Update to automatically keep security patches up to date. You should also make sure that you are upgrading to an operating system that is still being updated, such as Windows 7, 8.1, etc. Also, make sure to set antivirus software to automatically update.

Those who have a Mac know that traditionally, they have not been as vulnerable to the same threats that PC owners face. However, the internet has leveled this playing field, and those who choose a Mac are just as at risk of online threats as those with a PC. With more people than ever before using the Mac OS, hackers are working hard to create tools to access these, too. Thus, it is very important that Mac users make sure to always run the latest version of the OS and install Security Updates when they are released.

Protecting Yourself From Typosquatting

Typosquatters are those who create websites, such as, that looks almost identical to real websites, such as After these websites have been created, they send out emails to millions, asking them to click on a link…which looks like it is legitimate. The problem? Once the victim is at that site and puts in their username and password, the hacker has their info.

How can you avoid these scams? Try this:

  • When doing any type of internet search, thoroughly examine each link
  • When typing an address into the browser, check it to ensure that it is spelled correctly
  • Only do business with internet retailers that you are familiar with, and then take care to type the address in yourself or use a bookmark.
  • You might also want to consider using a program, such as McAfee’s SiteAdvisor, which identifies any risky website by using a color-coded rating in the search results. This way, when you are browsing, you will know immediately if a site is safe or not.
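
The link checks described in the phishing and typosquatting sections above can be automated. The following is an added example, not part of the original article: it extracts links from an email body, compares the visible text with the real target, and flags hosts that are near-misses of a trusted list. The domains, the `TRUSTED` list and all function names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed allowlist: sites the user really does business with.
TRUSTED = {"mybank.example", "shop.example"}
# Digits often swapped in for similar-looking letters (0->o, 1->l, 3->e, 5->s).
HOMOGLYPHS = str.maketrans("0135", "oles")
URLISH = re.compile(r"^(?:https?://)?[\w.-]+\.[a-z]{2,}(?:/\S*)?$", re.I)

# Constructed sample email body.
SAMPLE_EMAIL = """
<p>Your statement is ready:
<a href="http://mybnak.example/login">https://mybank.example/login</a></p>
<p><a href="https://mybank.example/help">Help</a></p>
<p><a href="https://mybank.example.account-verify.test/">Verify</a></p>
"""


def edit_distance(a, b):
    """Edits (insert, delete, substitute, swap neighbours) needed to turn a into b."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)  # adjacent letters transposed
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]


def host_of(url):
    """Lower-cased host of a URL or bare domain, or None."""
    if "://" not in url:
        url = "//" + url
    host = urlsplit(url).hostname
    return host.lower() if host else None


def registrable(host):
    # Simplification: last two labels. Real tooling uses the Public Suffix List.
    return ".".join(host.split(".")[-2:])


def classify_host(host):
    host = host.lower().rstrip(".")
    if any(host == good or host.endswith("." + good) for good in TRUSTED):
        return "trusted"
    base = registrable(host).translate(HOMOGLYPHS)
    for good in sorted(TRUSTED):
        if good in host:  # trusted name used as a decoy label of another domain
            return f"lookalike of {good}"
        if edit_distance(base, good) <= 2:  # typo or look-alike character
            return f"lookalike of {good}"
    return "unknown"


class LinkExtractor(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def audit_email(html):
    """Return one finding per link: real target, verdict, and text/target mismatch."""
    parser = LinkExtractor()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        target = host_of(href)
        shown = host_of(text) if URLISH.match(text) else None
        mismatch = bool(shown and target and registrable(shown) != registrable(target))
        findings.append({
            "text": text,
            "target": target,
            "verdict": classify_host(target) if target else "unknown",
            "text_mismatch": mismatch,
        })
    return findings


if __name__ == "__main__":
    for finding in audit_email(SAMPLE_EMAIL):
        print(finding)
```
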

Protecting Yourself From Scareware and Ransomware

The best way to keep yourself safe from scareware and ransomware is to ensure that your computer is always updated with the newest OS version and antivirus definitions. You should also make sure that you do not click any email links or visit websites that might be risky. To fully protect your computer, follow these tips:

  • Use the newest version of your browser. At a minimum, download all available security updates for the browser you have if you don’t want to update.
  • Use the pop-up blocker that comes with your browser. This is usually a default setting, just make sure it’s on.
  • Keep in mind that there are some pop-ups that are legitimate, and if a pop-up will not close, use Ctrl-Alt-Delete to close the browser. If you have a Mac, use Command-Option-Escape, choose the application, and then force it to quit. Alternatively, click the Apple logo at the top left of the screen, and then choose the Force Quit option.
  • Do not ever click on any links that appear with a pop-up. If pop-ups begin to seem out of control, shut down the computer.
  • Persistence and patience count here. Though it can be difficult to close a pop-up, keep in mind that the buttons you press within the borders of the pop-up could still force a virus onto your computer.
  • Make sure that your antivirus software is completely up to date, and set it so that it updates the virus definitions automatically.
  • Never click any link that suggests that it will update your browser. Only update it from the manufacturer’s website.

Most people do not have the time, resources, or even the knowledge to fully protect their identity online. It is also not totally possible to prevent all forms of identity theft or fraud, which is why it is best to be forewarned and forearmed. With the current state of cybercrime growing by leaps and bounds, it is essential that you make an investment into protecting your computer.

Beware – This giant ransomware campaign just sent millions of malware-spreading emails

Over 23 million emails containing Locky were sent in a short amount of time.


Once considered almost dead, the Locky strain of ransomware has continued its resurgence with a new email distribution campaign, which researchers say is one of the largest malware campaigns of this half of the year.

Over 23 million messages containing Locky were sent in just 24 hours on 28 August, with the attacks spiking in time to hit US workers as they arrived at their desks on Monday morning.

The new campaign was discovered by researchers at AppRiver who say it represents “one of the largest malware campaigns seen in the latter half of 2017”.

Millions of emails were sent with subjects such as ‘please print’, ‘documents’ and ‘scans’ in an effort to spread Locky ransomware.

The malware payload was hidden in a ZIP file containing a Visual Basic Script (VBS) file, which if clicked, goes to download the latest version of Locky ransomware — the recently spotted Lukitus variant — and encrypts all the files on the infected computer.
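
A mail gateway can refuse this delivery method outright by looking inside ZIP attachments for script files. The following is an added example, not part of the original article; the extension list, limits, function names and sample archives are constructed for illustration.

```python
import io
import posixpath
import zipfile

# Windows script types that have no business arriving inside an emailed ZIP.
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".hta", ".ps1", ".bat", ".cmd"}
MAX_DEPTH = 3                        # how many archive levels to open
MAX_NESTED_BYTES = 10 * 1024 * 1024  # refuse to unpack larger nested archives


def script_members(zip_bytes, depth=0, prefix=""):
    """Return reasons to quarantine a ZIP: script files inside it, at any nesting level.

    Anything that cannot be inspected (corrupt, encrypted, too deep, too big)
    is reported as well, so the caller fails closed.
    """
    try:
        archive = zipfile.ZipFile(io.BytesIO(zip_bytes))
    except zipfile.BadZipFile:
        return [prefix + "<unreadable archive>"]

    found = []
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            path = prefix + info.filename
            ext = posixpath.splitext(info.filename.lower())[1]
            if ext in SCRIPT_EXTS:
                found.append(path)
            elif ext == ".zip":
                if info.flag_bits & 0x1:
                    found.append(path + " <encrypted, not inspected>")
                elif depth + 1 >= MAX_DEPTH or info.file_size > MAX_NESTED_BYTES:
                    found.append(path + " <nested archive not inspected>")
                else:
                    inner = archive.read(info)
                    found.extend(script_members(inner, depth + 1, path + "!"))
    return found


def triage(message):
    """Decide whether a message (dict with 'subject' and 'attachments') is quarantined."""
    reasons = []
    for filename, data in message["attachments"]:
        if filename.lower().endswith(".zip"):
            reasons.extend(script_members(data, prefix=filename + "!"))
    return {"subject": message["subject"], "quarantine": bool(reasons), "reasons": reasons}


def make_zip(files):
    """Build a ZIP in memory from {name: bytes}; used only for the constructed samples."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w", zipfile.ZIP_DEFLATED) as archive:
        for name, data in files.items():
            archive.writestr(name, data)
    return buffer.getvalue()


# Constructed samples. The .vbs member is a harmless one-line comment.
SCRIPT_ZIP = make_zip({"scan_0001.vbs": b"' constructed placeholder\r\n"})
CLEAN_ZIP = make_zip({"report.pdf": b"%PDF-1.4 constructed"})
NESTED_ZIP = make_zip({"docs/inner.zip": SCRIPT_ZIP, "readme.txt": b"hello"})

SAMPLE_MESSAGE = {
    "subject": "please print",
    "attachments": [("documents.zip", NESTED_ZIP), ("notes.txt", b"plain text")],
}

if __name__ == "__main__":
    print(triage(SAMPLE_MESSAGE))
```
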


While the delivery method might seem basic, it’s worth remembering that only a handful of the millions of messages sent need to successfully deliver the malicious payload to provide the attackers with a significant profit.


Victims unfortunate enough to succumb to Locky are presented with a ransom note demanding 0.5 bitcoin ($2,300/£1800) in order to pay for “special software” in the form of a “Locky decryptor” in order to get their files back.

Instructions on downloading and installing the Tor browser and how to buy Bitcoin are provided by the attackers in order to ensure victims can make the payment.


Unfortunately for victims of Locky, researchers are yet to crack the latest version of the ransomware in order to provide free decryption tools.

Locky is one of the most successful families of ransomware of all time, rising to prominence during 2016 following a number of high-profile infections. Indeed, Locky was so successful that at one point it was one of the most common forms of malware in its own right.

But Locky has since had its position as king of ransomware usurped by Cerber, although this sudden resurgence shows that it remains very much a threat, especially as there isn’t a free decryption tool available to victims.

This isn’t the first time Locky has reappeared after a period of inactivity — the ransomware appeared to stop spreading in December last year before coming back to life in January.



Take this a step further; HTTPS should be implemented on all your phishing sites regardless if they harvest sensitive data or not. You’ve got a much better chance of bypassing any web proxy servers in place by running a full encrypted stream.

Phishing Frenzy now supports using an SSL Certificate and hosting your websites over HTTPS. Since Phishing Frenzy is essentially a front end for the Apache web service, you can upload your SSL certificate, activate the campaign and watch it all come to life over HTTPS. Now that’s legit.

How it Works

Let’s Encrypt has a nifty command line tool that we can run from our phishing server to quickly obtain our valid SSL certificate. The command line tool has now been renamed to “certbot” and can be downloaded off github here:

Once you’ve downloaded the script onto your server, it’s really a one-liner to get the SSL certificate in your possession.

The first item to note is that Apache cannot be running while you run certbot. In order for Let’s Encrypt to validate that you own the domain, it will resolve the FQDN to an IP address of the server you are currently on. Certbot will then start up a mini web service hosting a token which proves to Let’s Encrypt that you’re authoritative over this domain name.

This means that if you have any active phishing campaigns they would be disabled temporarily while you obtain the SSL certificate. Keep this in mind to make sure you’re not disrupting an active campaign of yours or a colleague.


If you try to invoke the certbot script with Apache running you’ll be notified with a nice little warning like below:

SSL Certificate - Apache Already Running

So once you’ve properly disabled your active web server, you can then run the “certbot” command similar to below. Make sure to tweak this for the domain name that you’re configuring.

./certbot-auto certonly --standalone -d

The standalone flag is used to tell the “certbot” tool that you want it to run a mini web service to properly authenticate with Let’s Encrypt by hosting a web page temporarily. The “certonly” flag is used to tell “certbot” that you don’t want the tool to automatically configure Apache with the SSL certificate. Just provide us the certificate, and we’ll deploy them to Apache ourselves through the Phishing Frenzy Web UI.

Once you’ve invoked this successfully, you are the new proud owner of some valid SSL certificates; Congratulations. By default all of the certificates will be dropped to the /etc/letsencrypt/live/:fqdn which is really a symbolic link to the /etc/letsencrypt/archive/:fqdn directory as seen below:



Now that we have all of the SSL files required to host our phishing site over HTTPS.  Let’s start Apache back up and jump back over to our campaign within Phishing Frenzy. All we need to do is upload the SSL certificate as seen below and save. Make sure to assign the proper cert, key and chain properly using the dropdowns on the right.


Once this data has been uploaded and saved to the campaign properly, you can then activate the campaign and your phishing site is now live over HTTPS.  Anyone who tries to hit the phishing site over HTTP will be automatically redirected to HTTPS by default.



If you’re not leveraging HTTPS for all your phishing engagements you should be. is a great service and is changing the world of SSL certificate authorities. It’s no cost to you, and the tools are really slick to auto-magically configure your Nginx or Apache web server with a couple added flags.

In the future we may incorporate Let’s Encrypt into the Web UI itself so that it communicates with the Let’s Encrypt API to pull down the SSL certificate and apply it to the current campaign.

Hope you enjoyed, and enjoy phishing all the things over HTTPS.

Common Problems with Mobile Devices

So mobile devices are commonplace, and we know that just by opening our eyes and looking around.

However, a lot of common problems also occur that could be easy ways for an attacker to cause you harm:

One of the more common problems with mobile devices is that they quite often do not have passwords set, or else the passwords are incredibly weak. While some devices do offer simple-to-use and effective biometric systems for authentication instead of passwords, they are far from being the norm.

Although most devices support passwords, PIN codes, and gesture-based authentication, many people do not use these mechanisms, which means if the device is lost or stolen, their data can be easily accessed.

Unprotected wireless connections are also a known issue with many devices and seem to be worse on mobile devices.

This is more than likely due to owners of these devices being out and about and then finding an open access point and connecting without regard to whether it is protected or not.

Malware problems seem to be more of an issue with mobile devices than they are with other devices. This is due to owners downloading apps from the Internet with little concern that they may contain malware and not having an antimalware scanner on the device.

Users neglect to install security software on mobile devices even though such software is readily available from major vendors without restriction and is free. Many owners of these devices may even believe that malware doesn’t exist for mobile devices or that they are immune.

Unmaintained and out-of-date operating system software is a big problem. Similarly to desktop systems, patches and fixes for mobile OS software are also released from time to time.

These patches may not get applied for a number of reasons.

One of the bigger ones tends to be a provider such as AT&T tweaking stock Android into something that includes their applications and bloatware, not to mention adjustments.

When this happens, the patches and updates that Google releases may not work on those tweaked versions. In this case you would have to wait for some update to be made for your device by your provider before you can apply the patch. This process could take months or even a year and in some cases never.

Much like the OS, there may be software on the device that is not patched and is out of date. Internet connections may be on and insecure, which can lead to someone getting on the system in the same ways we discussed in earlier chapters on scanning, enumeration, and system hacking.

Mobile devices may be rooted or jailbroken, meaning that if that device is connected to your network, it could be an easy way to introduce malware into your environment. Fragmentation is common with Android devices. Specifically, this refers to the fact that unlike iOS there are a vast number of versions of the Android OS with different features, interfaces, capabilities, and more.

This can lead to support problems for the enterprise due to the amount of variation and inconsistency. While these are some of the known problems that exist with mobile devices, they don’t necessarily represent the current state of threats, and you must do due diligence if you will be managing an environment that allows these devices.

One way to help you get a snapshot of the known problems in the mobile area is to use the Open Web Application Security Project (OWASP). OWASP is an organization that keeps track of various issues such as web application concerns, and it also happens to maintain top 10 lists of various issues including mobile device problems. You may want to check their site,, periodically to learn the latest issues that may be appearing and that you could use in your testing process.