Android

OnePlus Will Continue Software Updates After US and Europe Exit (9to5google.com) 15

OnePlus has confirmed that it will exit the North American and European markets, consolidating its operations under parent company Oppo. Existing customers will continue to receive "software updates, security patches, and applicable support," but OxygenOS will be replaced by Oppo's ColorOS. 9to5Google reports: As a part of its shutdown in global regions, OnePlus has confirmed that its flavor of Android, OxygenOS, is going away. Instead, all active OnePlus devices will be moving over to Oppo's ColorOS starting with their Android 17 updates. This includes in India, where OnePlus is adamant it will continue operations -- reliable reporting disagrees.

OnePlus explains: "As part of an operational adjustment to our software strategy, following the official release of ColorOS 17, users globally with existing OnePlus devices that fall within the eligible upgrade scope will have the option to voluntarily update to the latest ColorOS. This enables us to streamline software development, accelerate update delivery, improve software quality, and make better use of our shared engineering and R&D capabilities."

[...] OnePlus will continue "maintenance support" for OxygenOS versions on older models not included in the Android 17 update scope, but newer devices will likely need to make the switch to ColorOS for all forms of continued support. OnePlus does explain that rollback versions to OxygenOS will be available for those who prefer the prior experience: "OnePlus devices will be able to choose whether to update to the latest ColorOS system. Older models that are not included in the update scope will also continue to receive version maintenance support. If users update to ColorOS, they will be able to roll back to OxygenOS. The specific rollback versions available will be subject to future official announcements."

Security

Iran Abused Mobile Networks' Vulnerabilities To Locate US Military In Middle East (techcrunch.com) 141

An anonymous reader quotes a report from TechCrunch: The Iranian government abused well-known vulnerabilities in the global telecoms infrastructure to locate U.S. military personnel in the build-up to the Iran War, as well as in the early days of the conflict, according to Financial Times. The Iranian government exploited Signaling System 7, or SS7, a set of protocols for 2G and 3G networks that has long been the backbone of how cellular networks connect to each other to route subscribers' calls and texts around the world, the newspaper reported, citing research by the Mobile Surveillance Monitor, as well as anonymous government officials with knowledge of the spy campaign.

Intelligence agencies have long abused SS7 to track cellphones abroad, which is what happened in this campaign. Using this technique, Iran was reportedly able to locate U.S. military forces stationed in military bases as well as hotels in Iraq, Bahrain, and other countries in the Middle East, which allowed the regime to strike them. These attacks resulted in several injuries. Apart from SS7, Iran also abused advertising technology used to serve tailored ads to cellphone users, another well-known surveillance technique that relies on everyday technology.

Cellphones

OnePlus Is Reportedly Shutting Down In the US, Europe (9to5google.com) 65

OnePlus will reportedly announce this week that it is shutting down its brand in the U.S. and Europe, following months of signs that parent company Oppo was winding down the brand's global presence. India and China are reportedly unaffected, but it's unclear whether Oppo will replace the brand directly in those markets. The move also raises questions about future support for existing OnePlus users. 9to5Google reports: WinFuture reports that OnePlus is gearing up for an official withdrawal from the U.S. and European markets, with the announcement due in the "coming days" this week. Closed-door press conferences have apparently happened, with no details shared on the exact reason OnePlus as a brand is shutting down in these markets. India and China are, as far as this report claims, not affected. The report, citing "well-informed sources," notes that this OnePlus announcement will come amid "fundamental changes" to Oppo's strategy, but the big point here is the global death of OnePlus.
Security

US Government Warns That Russia State Hackers Are Coming After Your Router (arstechnica.com) 76

CISA and allied governments are warning users to secure their routers as Russian state-backed hackers continue compromising the devices and turning them into proxy nodes to disguise attacks against critical infrastructure. The advisory urges users to disable outdated SNMP versions, use strong passwords, update firmware, and turn off unnecessary router services to reduce the risk of being swept into these botnets. Ars Technica reports: "Russian Federal Security Service (FSB) Center 16 cyber actors continue to exploit poorly configured and vulnerable networking devices worldwide, opportunistically compromising multiple critical infrastructure sector networks," the Cybersecurity and Infrastructure Security Agency said Monday. The hacking groups are tracked under various names, including Berserk Bear, Energetic Bear, Crouching Yeti, Dragonfly, Ghost Blizzard, and Static Tundra. The advisory was co-issued by governments from around the world, including Australia, Denmark, New Zealand, and the UK.

The primary means of compromise the agency warned about was hackers scanning IP ranges with active Simple Network Management Protocol (SNMP) agents that accept common or default authentication credentials. These scans are run by the very sorts of router botnets the actors are trying to enroll the targeted device in. By sending malicious traffic from spoofed addresses, the hackers can use the SNMP agent on poorly configured routers to run malware. SNMP allows users to collect and organize information about managed networking devices or to modify that information to change device behavior.

With control of a device, the hackers then use it as an exit node when probing or attacking targets in the communications, defense, energy, financial services, and government sectors. By funneling the malicious traffic through a benign-appearing device on a trustworthy IP address, the attackers are able to lower the chances of getting blocked by firewalls and other security defenses. Monday's advisory made no mention of identical operations carried out in recent years by China. So-called residential proxies are also a go-to tool used by financially motivated criminal hackers to obscure their true IP address. In many cases, these sorts of proxies are made up of millions of streaming devices that are sold with preloaded malware.

Slashdot Top Deals