Google turns Android phones into earthquake sensors; California to get alerts

By Paresh Dave

OAKLAND, Calif. (Reuters) – Alphabet Inc’s Google’s Android phones on Tuesday started detecting earthquakes around the world to provide data that could eventually give billions of users precious seconds of warning of a tremor nearby, with an alerting feature first rolling out in California.

Japan, Mexico and California already use land-based sensors to generate warnings, aiming to cut injuries and property damage by giving people further away from the epicenter of an earthquake seconds to protect themselves before the shaking starts.

If Google’s approaches for detecting and alerting prove effective, warnings would reach more people, including for the first time Indonesia and other developing countries with few traditional sensors.

Seismology experts consulted by Google said turning smartphones into mini-seismographs marked a major advancement, despite the inevitably of erroneous alerts from a work in progress, and the reliance on a private company’s algorithms for public safety. More than 2.5 billion devices, including some tablets, run Google’s Android operating system.

“We are on a path to delivering earthquake alerts wherever there are smartphones,” said Richard Allen, director of University of California Berkeley’s seismological lab and visiting faculty at Google over the last year.

Google’s program emerged from a week-long session 4-1/2 years ago to test whether the accelerometers in phones could detect car crashes, earthquakes and tornadoes, said principal software engineer Marc Stogaitis.

Accelerometers – sensors that measure direction and force of motion – are mainly used to determine whether a user is holding a phone in landscape or portrait mode.

The company studied historical accelerometer readings during earthquakes and found they could give some users up to a minute of notice.

Android phones can currently separate earthquakes from vibrations caused by thunder or the device dropping only when the device is charging, stationary and has user permission to share data with Google.

If phones detect an earthquake, they send their city-level location to Google, which can triangulate the epicenter and estimate the magnitude with as few as several hundred reports, Stogaitis said.

The system will not work in regions including China where Google’s Play Services software is blocked.

Google expects to issue its first alerts based on accelerometer readings next year. It also plans to feed alerts for free to businesses that want to automatically shut off elevators, gas lines and other systems before the shaking starts.

To test its alerting abilities, Google is drawing in California from traditional government seismograph readings to alert Android users about earthquakes, similar to notifications about kidnappings or flooding.

People expected to experience strong shaking would hear a loud dinging and see a full-screen advisement to drop, cover and hold on, Stogaitis said. Those further away would get a smaller notification designed not to stir them from their sleep, while people too close to be warned will get information about post-quake safety, such as checking gas valves.

Alerts will trigger for earthquakes magnitude 4.5 or greater, and no app download is necessary.

MyShake, an app launched by Allen’s Berkeley lab last year to provide Californians warnings and let them report damage, has drawn 1 million downloads.

Stogaitis also said Google has not discussed its plans with Apple Inc, whose competitor to Android comprises half the market in countries including the United States.

Apple was not immediately available for comment.

(Reporting by Paresh Dave; Additional reporting by Nathan Frandino; Editing by Sonya Hepinstall)

Google’s $2.1 billion Fitbit deal hits roadblock as EU opens probe

By Foo Yun Chee

BRUSSELS (Reuters) – Alphabet unit Google’s bid to take on Apple and Samsung in the wearable technology market by buying Fitbit hit a hurdle on Tuesday as EU antitrust regulators launched an investigation into the $2.1 billion deal.

The move by the European Commission on Tuesday came despite Google’s pledge last month not to use the fitness tracker’s data for advertising purposes in a bid to address competition concerns.

The EU antitrust enforcer said the data pledge was insufficient to allay its worries.

“The proposed transaction would further entrench Google’s market position in the online advertising markets by increasing the already vast amount of data that Google could use for personalization of the ads it serves and displays,” the Commission said.

It singled out online search and display advertising services and ad tech services, where analytics and digital tools are used in digital advertising, as two areas that would be affected by the deal.

It said data collected via wrist-worn wearable devices appeared to be an important advantage in online advertising, and the deal would give Google an edge in personalizing search engine ads and making it difficult for rivals to compete.

Ultimately this would result in higher prices for advertisers and publishers.

The investigation will also focus on digital healthcare and whether Google would make it difficult for rival wearables to function with its Android smartphone operating system.

The Commission will decide by Dec. 9 whether to clear or block the deal.

Google said the combination of its and Fitbit’s hardware would increase competition in the sector where players include Apple, Samsung, Xiaomi, Huawei and others.

“This deal is about devices, not data. We’ve been clear from the beginning that we will not use Fitbit health and wellness data for Google ads,” Rick Osterloh, senior vice president for devices and services, said in a statement.

“As we do with all our products, we will give Fitbit users the choice to review, move or delete their data.”

The deal has drawn criticism from healthcare providers, wearables rivals and privacy advocates.

Fitbit has a 3% share of the global wearables market as of the first quarter of 2020, far behind Apple’s 29.3% share, and also trailing Xiaomi, Samsung and Huawei, data from market research firm International Data Corp showed.

(Reporting by Foo Yun Chee; Editing by Jan Harvey)

Hackers hit Russian bank customers, planned international cyber raids

FILE PHOTO: The logo of Sberbank is seen on top of a building in central Moscow, Russia April 22, 2016. REUTERS/Maxim Zmeyev/File Photo

By Jack Stubbs

MOSCOW (Reuters) – Russian cyber criminals used malware planted on Android mobile devices to steal from domestic bank customers and were planning to target European lenders before their arrest, investigators and sources with knowledge of the case told Reuters.

Their campaign raised a relatively small sum by cyber-crime standards – more than 50 million roubles ($892,000) – but they had also obtained more sophisticated malicious software for a modest monthly fee to go after the clients of banks in France and possibly a range of other western nations.

Russia’s relationship to cyber crime is under intense scrutiny after U.S. intelligence officials alleged that Russian hackers had tried to help Republican Donald Trump win the U.S. presidency by hacking Democratic Party servers.

The Kremlin has repeatedly denied the allegation.

The gang members tricked the Russian banks’ customers into downloading malware via fake mobile banking applications, as well as via pornography and e-commerce programs, according to a report compiled by cyber security firm Group-IB which investigated the attack with the Russian Interior Ministry.

The criminals – 16 suspects were arrested by Russian law enforcement authorities in November last year – infected more than a million smartphones in Russia, on average compromising 3,500 devices a day, Group-IB said.

The hackers targeted customers of state lender Sberbank <SBER.MM>, and also stole money from accounts at Alfa Bank and online payments company Qiwi <QIWI.O>, exploiting weaknesses in the companies’ SMS text message transfer services, said two people with direct knowledge of the case.

Although operating only in Russia before their arrest, they had developed plans to target large European banks including French lenders Credit Agricole <CAGR.PA>, BNP Paribas <BNPP.PA> and Societe Generale <SOGN.PA>, Group-IB said.

A BNP Paribas spokeswoman said the bank could not confirm this information, but added that it “has a significant set of measures in place aimed at fighting cyber attacks on a daily basis”. Societe Generale and Credit Agricole declined comment.

The gang, which was called “Cron” after the malware it used, did not steal any funds from customers of the three French banks. However, it exploited the bank service in Russia that allows users to transfer small sums to other accounts by sending an SMS message.

Having infected the users’ phones, the gang sent SMS messages from those devices instructing the banks to transfer money to the hackers’ own accounts.

The findings illustrate the dangers of using SMS messages for mobile banking, a method favored in emerging countries with less advanced internet infrastructure, said Lukas Stefanko, a malware researcher at cyber security firm ESET in Slovakia.

“It’s becoming popular among developing nations or in the countryside where access to conventional banking is difficult for people,” he said. “For them it is quick, easy and they don’t need to visit a bank… But security always has to outweigh consumer convenience.”

CYBER CRIMINALS

The Russian Interior Ministry said a number of people had been arrested, including what it described as the gang leader. This was a 30-year-old man living in Ivanovo, an industrial city 300 km (185 miles) northeast of Moscow, from where he had commanded a team of 20 people across six different regions.

Four people remain in detention while the others are under house arrest, the ministry said in a statement.

“In the course of 20 searches across six regions, police seized computers, hundreds of bank cards and SIM cards registered under fake names,” it said.

Group-IB said the existence of the Cron malware was first detected in mid-2015, and by the time of the arrests the hackers had been using it for under a year.

The core members of the group were detained on Nov. 22 last year in Ivanovo. Photographs of the operation released by Group-IB showed one suspect face down in the snow as police in ski masks handcuffed him.

The “Cron” hackers were arrested before they could mount attacks outside Russia, but plans to do that were at an advanced stage, said the investigators.

Group-IB said that in June 2016 they had rented a piece of malware designed to attack mobile banking systems, called “Tiny.z” for $2,000 a month. The creators of the “Tiny.z” malware had adapted it to attack banks in Britain, Germany, France, the United States and Turkey, among other countries.

The “Cron” gang developed software designed to attack lenders including the three French groups, it said, adding it had notified these and other European banks at risk.

A spokeswoman for Sberbank said she had no information about the group involved. However, she said: “Several groups of cyber criminals are working against Sberbank. The number of groups and the methods they use to attack us change constantly.”

“It isn’t clear which specific group is being referred to here because the fraudulent scheme involving Android OS (operating system) viruses is widespread in Russia and Sberbank has effectively combated it for an extensive period of time.”

Alfa Bank did not provide a comment. Qiwi did not respond to multiple requests for comment.

Google <GOOGL.O>, the maker of Android, has taken steps in recent years to protect users from downloading malicious code and by blocking apps which are insecure, impersonate legitimate companies or engage in deceptive behaviors.

A Google spokesman said: “We’ve tracked this malware family for several years and will continue to take action on its variants to protect our users.”

FAKE MOBILE APPS

The Russian authorities, bombarded with allegations of state-sponsored hacking, are keen to show Russia too is a frequent victim of cyber crime and that they are working hard to combat it. The interior and emergencies ministries, as well as Sberbank, said they were targeted in a global cyberattack earlier this month.

Since the allegations about the U.S. election hacking, further evidence has emerged of what some Western officials say is a symbiotic relationship between cyber criminals and Russian authorities, with hackers allowed to attack foreign targets with impunity in return for cooperating with the security services while Moscow clamps down on those operating at home.

The success of the Cron gang was facilitated by the popularity of SMS-banking services in Russia, said Dmitry Volkov, head of investigations at Group-IB.

The gang got their malware on to victims’ devices by setting up applications designed to mimic banks’ genuine apps. When users searched online, the results would suggest the fake app, which they would then download. The hackers also inserted malware into fake mobile apps for well-known pornography sites.

After infecting a customer’s phone, the hackers were able to send a text message to the bank initiating a transfer of up to $120 to one of 6,000 bank accounts set up to receive the fraudulent payments.

The malware would then intercept a confirmation code sent by the bank and block the victim from receiving a message notifying them about the transaction.

“Cron’s success was due to two main factors,” Volkov said. “First, the large-scale use of partner programs to distribute the malware in different ways. Second, the automation of many (mobile) functions which allowed them to carry out the thefts without direct involvement.”

($1 = 56.0418 roubles)

(The story is refiled to fix typo in spelling of Societe Generale)

(Additional reporting by Maya Nikolaeva in Paris and Eric Auchard in Frankfurt; Editing by Christian Lowe and David Stamp)