A sophisticated strain of malware capable of stealing user data from infected Android devices is masquerading as the System Update application.

The malicious mobile app, which functions as a Remote Access Trojan (RAT), is part of a sophisticated spyware campaign that has the ability to record audio from devices, take photos, and access WhatsApp messages, according to Zimperium researchers.

Once installed, it registers with its own Firebase command and control (C&C) server, normally used by legitimate Android developers, as well as a second independent C&C server, to send across an initial cache of information. This includes information about whether WhatsApp is installed or not, battery percentage, storage stats, and other information. It can only be installed from a third party store and not the Google Play store.

The malware then receives commands to initiate various actions such as the recording of audio from the microphone or data exfiltration. Researchers have also discovered the malware is capable of inspecting web browsing data, stealing images and videos, monitoring GPS locations, stealing phone contacts and call logs, and exfiltrating device information.

The device also asks permission to enable accessibility services, and abuses this to collect conversations and message details from WhatsApp by scraping the content on the screen after detecting whether the user is accessing the messaging service.

It hides by concealing the icon from the device’s main menu or app drawer, while also posing as the legitimate System Update app to avoid suspicion. When the device’s screen is turned off, the spyware creates a ‘searching for updates’ notification using the Firebase messaging service which allows it to generate push notifications.

The spyware’s functionality is triggered under various conditions, including when a new contact is added, a new text message is received or a new application installed. It does so by exploiting Android’s receivers including ‘contentObserver’ and ‘Broadcast’, which allows communication between the device and the server.

The Firebase messaging service is only used to initiate malicious functions, such as audio recording or data exfiltration, by sending commands to infected devices. The data itself is then collected by the second dedicated C&C server.

The spyware also only collects up-to-date information, with a refresh rate of roughly five minutes for location and networking data. The same applies to photos taken using the device’s camera, but the value is instead set to 40 minutes.

Researchers have so far been unable to determine who is behind the campaign, or whether the hackers are trying to target specific users. Given this spyware can only be downloaded outside of the Google Play store, users are strongly advised not to download applications to their phones from unsafe third-party sources.

Ingka Investments, owner and operator of 389 Ikea stores and e-commerce across 32 countries, has invested close to £12 million in London-based tech startup what3words.

What3words technology divides the world into a grid of 3-metre squares, with each square being assigned a unique combination of 3 words that can be used to pinpoint the area to a high degree of accuracy. This has a number of use cases, including helping emergency services locate 999 callers in locations that are difficult to describe, such as a remote hillside.

Ingka said that the technology would prove useful with efforts to reduce CO2 emissions and reduce the number of vehicles on the roads by ensuring more first-time deliveries are successful.

“As we look to a future of drone deliveries and autonomous vehicles, the system, also designed for voice entry, will provide the accuracy needed,” it added.

The investment is set to launch the startup into new international markets while continuing to develop partners within the e-commerce and logistics sector.

Krister Mattsson, managing director of Ingka Investments, said: “We are delighted with this new investment in what3words as they are an innovative company and we are confident of their continued growth. With an increasing demand for home deliveries, scalable and sustainable solutions are becoming increasingly important.

“We see value in helping to support the build-up of a universal addressing system that can lead to better customer experience, while the precise locations will allow for a reduction in overall miles travelled, reducing the carbon footprint of home deliveries.”

The Ingka Group has already made a number of investments to help support the core Ikea retail business, including in areas such as digitalisation, customer fulfilment, fintech, and sustainability.

“What3word’s ambition is to become a global standard for communicating location,” said Chris Sheldrick, CEO and co-founder of what3words. “We envisage a world where on every platform, in every checkout field, you can give your what3words address, with retailers able to deliver to that precise 3-metre square. The investment from Ingka Investments will help us unlock new markets while accelerating our position as a ‘must-have’ in the logistics industry.”

In November 2019, Capita integrated the what3words app into its “Vision” control systems to help emergency services locate 999 callers in difficult to pinpoint areas.

Slack has removed a capability that allowed users to customise external invites with a message after users expressed concerns that the function could subject users to harassment and unwanted messages.

The communications platform has said it “immediately” removed the function on Slack DMs, a new cross-organisational messaging service that only launched yesterday.

Slack DMs was designed as a new feature for Slack Connect, the platform’s external channel sharing feature that provides a secure way of collaborating with teams outside of an organisation, that first launched in June 2020. The DMs feature allowed users to connect with an external user by sending an invite with a bespoke message.

Shortly after its launch, Twitter product developer Menotti Minutillo revealed that the function could be used to send a seemingly unlimited number of malicious messages to external users. The feature would also email a copy of the invite to the target containing the message in full, which appeared to be impossible to block as they originated from a generic Slack address.

Following the initial backlash, Slack has now said that users will be unable to customise messages as part of the invite function.

“After rolling out Slack Connect DMs this morning, we received valuable feedback from our users about how email invitations to use the feature could potentially be used to send abusive or harassing messages,” said Jonathan Prince, Slack’s vice president of communications and policy. “We are taking immediate steps to prevent this kind of abuse, beginning today with the removal of the ability to customise a message when a user invites someone to Slack Connect DMs.

“We made a mistake in this initial roll-out that is inconsistent with our goals for the product and the typical experience of Slack Connect usage. As always, we are grateful to everyone who spoke up, and we are committed to fixing this issue.”

Slack DMs – and Slack Connect – is only available on paid businesses accounts.

This article originally appeared in Issue 14 of IT Pro 20/20, available here. To receive each new issue in your inbox, click here.

The great remote working experiment has been going on for so long that office life is slowly fading from memory. The banter, the pub lunches, cake on birthdays, it’s all too distant to recall now. But what about the people who have started a new job during the pandemic – how has the experience changed for them?

Nathaniel Ayling started working as a technology communications executive at Imagination Technologies in June 2020 having applied and interviewed for the role remotely. Several months into 2021, he is still yet to meet most of the people he works with in the flesh.

From virtual introductions to management meetings, Ayling takes IT Pro through his experience of remote onboarding. What worked, what didn’t and what felt just plain weird. 

Tools of the trade

“When it came to onboarding, the first step was the infrastructure, getting sent a laptop, or phone, all the kinds of technology that you use if you’re working from home,” Ayling explains. “And then there was the more HR learning side of onboarding.”

Laptop shipments have been increasing steadily during the pandemic, with Chromebook sales “through the roof”, according to analysts at Canalys. While it isn’t cheap to kit your organisation out, it isn’t unfeasible, either. Hot desking was a widely practiced strategy long before the outbreak of COVID and most businesses usually have ample laptop stocks. 

Due to the prolonged nature of the pandemic – and the prospect of some businesses never returning to the office – there may be other hardware needs to take into account, such as monitors, desks and chairs. Unfortunately your hardware allocations will be dependent on your employer; a work laptop is often the only tool you’ll get with a new job, as it’s all you need to get started, meaning you may well need to invest your own money in kitting out a home office.

Meet the team

We can all recognise that ‘new kid at school’ feeling on the first day of the job: You don’t know anyone and they certainly won’t have much information on you, so someone is given the task of showing you round and making introductions. Until last year, this was typically an in-person ritual of awkward smiles and handshakes (remember those?).

“The first thing you do in a lot of jobs is you go in on your first day, before you’ve started anything your boss says, ‘hello’, shakes your hand, and then you get walked around the office,” Aying says. “They introduce you to HR, this department, that department, whoever, and you obviously can’t do that when you’re remote.” 

Instead, Imagination Technologies attempted to recreate the welcome virtually, with an introduction video followed by recorded messages from team managers. This tactic has its benefits – Imagination Technologies has a global operation and Ayling was introduced to department heads from India and Argentina, whom he wouldn’t have met in person anyway. However, it has a significant flaw in that all the communication is one way: While Ayling met the team, the team didn’t get to meet Ayling. 

“We’ve been trying to get to know each other, but I think the one thing that you miss [when] working remotely, especially if you don’t know the people beforehand, is just the little vignettes of conversation,” he says. “Those more kind of informal moments where you might just end up on a topic of conversation, or just kind of down a rabbit hole and getting to know people. Those kinds of organic moments of interpersonal discovery aren’t quite there.”

Human Resources

Nearly all the tasks an HR department has to go through with a new starter can be done remotely, which was the case long before the pandemic and its resulting lockdowns. Correspondence over email, meetings on Microsoft Teams or Google Hangouts, personal details filed via any number of online platforms – thanks to the steady growth of HR-focused cloud services, there has been little difficulty in this area of onboarding. 

The process can still be a little surreal, given our preference for in-person meetings, but the reality is you may never actually meet the people responsible for your transition into the company. Depending on your employer’s plans for the future of office work, this can even mean that one-to-ones with line managers, meetings that assess your probation period or progress reports will be based entirely on how you’ve handled work remotely. 

“When people are working remotely, there’s got to be a lot more trust, but it also requires active communication,” Ayling explains. “Because if you’re new at another job, and you’re all set in the office, you can have those kinds of touch points where you get that informal, ad hoc feedback to make a point or just check in.”

“I think it’s potentially harder to prove your worth, if that makes sense. Because when you’re in the office every day, they can see that you’re up and about and moving, but when you’re working from home, there has to be an element of trust involved, because they obviously can’t just monitor you the whole time.” 

Beyond the pandemic

A study of between 6,000 and 7,000 UK residents during 2020 found that remote working increased 43% and with it a wealth of benefits for a greater life-work balance. From the employee perspective, 88% want to continue working from home beyond the pandemic. But whether they can stay at home is dependent on their employer’s discretion and, in some cases, the industry they work in. 

According to LinkedIn’s Workforce Confidence Index, 38% of respondents said they felt their employer would call them back into the office on a full-time basis – reverting back to pre-pandemic life, so to speak. However, 43% said they believed their work would be a mixture of in-office and remote, while only 10% felt their jobs would be completely done from home. 

This suggests most new starters won’t encounter remote onboarding after the pandemic, with at least some of it done in person in a dedicated office. When this oft-promised post-pandemic world will arrive, however, is another matter. Even as restrictions look set to gradually lift over the coming months, most offices and workspace will be subject to strict social distancing measures for some time, meaning sitting near some from HR, so they can talk you through your benefits package might not be feasible for at least a year, or even two. 

“I wouldn’t say [remote onboarding] is better or worse, I think it’s … different,” Ayling says. “At the start of lockdown, everybody on LinkedIn was saying ‘well, looks like the office is dead forever’, but I do miss the office to an extent. I think what we’ll probably see going forward, rather than a complete closure of offices, is a much more flexible approach.”

Amazon Web Services (AWS) has appointed Salesforce executive Adam Selipsky as its new CEO. 

Selipsky will replace Andy Jassy, who himself is replacing Jeff Bezos as the CEO of AWS’ parent company Amazon. 

The appointment will see Selipsky return to AWS after leaving in 2016 to become the CEO of Tableau. He previously spent 11 years at the AWS as vice president of sales, marketing and support, but his return as CEO has still come as a surprise to some in the industry who expected the role to go to a current AWS executive. 

“Whilst on first glance, hiring Selipsky to replace Jassy is a surprising call given that many expected this to be an inside job,” said. Nick McQuire, chief of research and enterprise at CSS Insight.

“In reality, few AWS execs have the raw CEO experience of running a hyper-growth technology business,” he added. “Selipsky fits this bill of course but the fact that he has extensive experience of the AWS ‘secret sauce’ culture as well, makes him an obvious bet.”

Selipsky’s tenure at Tableau saw the company’s value quadruple as he lead its move from perpetual licenses to subscriptions. In 2019 the firm was acquired by Salesforce, where Selipsky became a member of its executive leadership board while continuing as Tableau’s CEO.  

“Adam brings strong judgment, customer obsession, team building, demand generation, and CEO experience to an already very strong AWS leadership team,” Jassy wrote in a statement. “And, having been in such a senior role at AWS for 11 years, he knows our culture and business well.

“With a $51 billion revenue run rate that’s growing 28% YoY, it’s easy to forget that AWS is still in the very early stages of what’s possible. Less than 5% of the global IT spend is in the cloud at this point. That’s going to substantially change in the coming years. We have a lot more to invent for customers, and we have a very strong leadership team and group of builders to go make it happen. Am excited for what lies ahead.”

Selipsky is set to start his new role as AWS CEO on 17 May. 

ServiceNow is set to acquire India-based startup Intellibot, a one-stop robotic process automation (RPA) platform that helps enterprises undergo digital transformation. 

The addition of Intellibot will help the company to extend its core workflow capabilities by helping customers automate repetitive tasks for intelligent, end-to-end automation, said Karel van der Poel, senior vice president of NowX products at ServiceNow.

“ServiceNow intends to build Intellibot’s capabilities natively into the Now Platform® so customers can more easily integrate with both modern and legacy systems. This will help them drive productivity and strengthen existing artificial intelligence (AI) and machine learning (ML) efforts,” wrote van der Poel.

Furthermore, Intellibot’s RPA capabilities complement ServiceNow’s existing automation functionality, including Virtual Agent chatbots, Natural Language Understanding and more.

This means the cloud computing company will have a complete, end-to-end automation portfolio that can help customers identify opportunities for automation and execute them all on one platform.

Moreover, the new RPA capabilities mean that companies can undergo rapid automation without changing background processes or jettisoning all their legacy IT systems.

“For example, instead of having to look up a customer billing record in an old legacy custom app, cross-reference the customer order number in a heavily customized enterprise resource planning (ERP) system, and then find the original service contract in a 20-year-old client-server application, ServiceNow customers will be able to do it all in one customer workflow experience,” underlined van der Poel.

He added: “The acquisition of Intellibot will deepen our investment in powerful automation capabilities that boost productivity and allow users to focus on more complex and strategic work.”

With these RPA tools on the Now Platform, ServiceNow hopes to move closer to automating business processes front start to finish through a combination of technologies.

Van der Poel says the pandemic has highlighted the need for orchestrated, intelligent, end-to-end automation and this is what ServiceNow is delivering on. The acquisition is expected to be completed in Q2 2021 and the companies did not reveal the purchase price.

Many companies are looking to automate workflows across their organisation, including Accenture who invested £2.3 billion last September into a cloud migration support group to help clients accelerate their digital transformation.

Furthermore, Microsoft Teams added Zapier, an automation app, to its platform to allow users to connect their apps and create automated workflows, reduce busywork and improve productivity.

Cloud service Box is reportedly exploring a sale amid growing pressure from investors that are thought to be unhappy with its stock performance during the pandemic.

The San Francisco-based company has been in discussions with potential buyers, including private equity firms, according to CNN sources. 

The sources requested anonymity because the issue is confidential, but there have been reports that Box shareholder Starboard Value has already begun preparing a board challenge against the firm. 

Last week, the company extended the deadline for director nominations to its board from the middle of April to 11 May. However, Starboard is calling for Box to do more to boost its value, with many thought to be unhappy that the cloud company hasn’t fully capitalised on remote working during the pandemic. 

Box, which was founded in 2005, was thought to be well placed to grow during the pandemic as it offers file-sharing and cloud storage services to businesses. While it has benefited from the shift to working from home over the last 12 months, its growth has been far lower than rival cloud businesses. 

The company’s fourth-quarter earnings beat analyst expectations, but with revenues of $189.9 million, it had only seen 8% growth year-over-year.

The company has continued to grow since going public in 2015, but the pace of that growth has declined each year. In comparison, smaller file-sharing service Dropbox has doubled its net income during the pandemic, which may suggest that this market has a ceiling. 

Similarly, Google and Microsoft, which offer file-sharing products within their business packages, have seen accelerated growth due to the global situation. It’s thought that if Box is seeking a sale, these hyper-scale companies could offer a lifeline; both have sought partnerships with Box, with Microsoft recently announcing tighter integration with its Office 365 platform.

The UK Home Office has successfully transferred a handful of critical functions to Oracle Cloud in order to modernise central back-office processes. 

The central government department, which employs more than 35,000 people, has migrated HR, payroll, finance, customer support and employee analytics services to Oracle Cloud to automate, standardise and integrate these processes. 

The adoption of Oracle’s Fusion Cloud Applications suite of business services will also see the Home Office modernise and improve its finance, HR, procurement, customer support and expense systems. 

Specifically, the department has adopted Oracle Fusion Cloud Human Capital Management for HR functions, including payroll, and Oracle Fusion Cloud Customer Experience (CX) for service and support. This builds on the department’s previous implementation of Oracle Fusion Cloud Enterprise Resource Planning (ERP) for finance.

These cloud migrations aim to boost productivity and reduce long-term costs at a time where there’s growing pressure on public finances due to the government’s coronavirus response. 

“The Home Office is one of the largest and most complex government departments in the UK to have successfully migrated all of its finance, commercial, HR and payroll footprint to the cloud,” said the Home Office’s chief people officer, Jill Hatcher. 

“This programme has charted the path for other departments to build on our collective experience. This go-live is a critical step in delivering business technology that is more user-centric and allows the Home Office to continually evolve.”

The Home Office had previously worked with the Government Shared Service (GSS) to develop a blueprint that other government departments could use to move their own key business processes to the cloud.

Developed with help from Fujitsu, SSCL and Accenture, the project dubbed Metis began by moving the Home Office’s finance, procurement and expense systems to Oracle Cloud ERP. 

“Recent disruptions and challenging economic forecasts have put pressure on many government departments,” said Oracle’s executive vice president for Applications Development, Steve Miranda. 

“We’re proud to help the Home Office of the UK standardise and modernise the way it works. Moving finance, HR, and customer support to the cloud will help the department to deliver more value to UK citizens.”

The government, last year, signed a string of deals with major cloud providers, including AWS, UKCloud and Google Cloud in order to offer public sector organisations a plethora of options for easy cloud migration.

In October last year, Oracle launched a next-gen dual-region government cloud for use by UK public sector organisations and their partners, including access to a host of cloud-based services such as Oracle Cloud VMware and Kubernetes.

Google Cloud has hired Intel engineering veteran Uri Frank to lead new server chip design efforts as part of the firm’s increasing investments in custom silicon.

Frank has spent the last two decades at Intel, advancing to Director Of Engineering in 2011 and later becoming VP of Platform and Silicon Engineering. Last year, he was appointed corporate VP of Intel’s Design Engineering Group but chose to leave the role earlier this month. 

It has now been revealed that Frank has been hired by Google and appointed VP of Engineering for the tech giant’s server chip design division which is to be based in Israel.

Announcing the move on his LinkedIn profile, Frank wrote that he “look[s] forward to growing a team here in Israel while accelerating Google Cloud’s innovations in compute infrastructure”, before adding that the tech giant is currently hiring system-on-a-chip (SOC) designers to join its growing sever chip team.

Google Cloud’s VP of Systems Infrastructure Amin Vahdat said that the company is “thrilled to welcome Uri Frank as our VP of Engineering for server chip design”, adding that Frank “brings nearly 25 years of custom CPU design and delivery experience” that will help Google “build a world-class team in Israel”. 

“We’ve long looked to Israel for novel technologies including Waze, Call Screen, flood forecasting, high-impact features in Search, and Velostrata’s cloud migration tools, and we look forward to growing our presence in this global innovation hub,” he stated.

Vahdat also elaborated on the company’s decision to focus on in-house SoC design. 

“Instead of integrating components on a motherboard where they are separated by inches of wires, we are turning to “Systems on Chip” (SoC) designs where multiple functions sit on the same chip, or on multiple chips inside one package. In other words, the SoC is the new motherboard,” he wrote.

The decision to produce custom chips in-house as opposed to outsourcing follows similar moves from companies including AWS and Apple.

This trend has been largely influenced by the difficulties in fulfilling the growing demand for chips, which has resulted in a significant global shortage of components. By manufacturing chips in-house, companies can be more self-sufficient, instead of relying on their suppliers.

Zoom has launched new tools for developers to help them build video-based applications and websites with fully customisable, native user interfaces. 

The Zoom Video SDK will now be made available via a free subscription service and will allow developers to build video-based applications and interactive features such as on-the-go live streaming with interactive chat, the company says. 

The Video SDK is part of Zoom’s Developer Platform, which features various resources such as dev tools, infrastructure support and access to a dev community. Developers can now access the SDK via a new “Buy Now” option which will come with no initial charge for up to 10,000 minutes per month, with additional minutes being charged on a per-minute basis. There will be a full paid tier, with a plan that starts at $1,000 a year and includes 30,000 session minutes per month.
 
As well as specific features for Zoom users, the firm hopes more business applications will be created. This could include functions for retail organisations with “unique” shopping experiences and tailored customer services via video. 

A good example of what developers can do with the SDK is Lingmo, a cloud-based AI translation software provider that built a feature for instant captions in meetings that let users converse in different languages. 

“Zoom’s fully customisable Video SDK was a good fit for us because it worked seamlessly with our technology and enabled us to assist enterprise customers in a new way. Zoom’s Video SDK allowed us to accelerate the development of our solution, and gave us the flexibility to enhance our product offering for our customers,” said Danny May, CEO of Lingmo International.

As well as the SDKs, developers can access APIs, chatbots, webhooks and even an analytical platform that can provide real-time data on their builds, such as customer engagement and performance figures. 
 
The announcement comes shortly after the anniversary of the UK’s first lockdown where the country switched to working remotely. Zoom was one of the biggest beneficiaries of the pandemic, seeing a 355% increase in adoption as consumers and businesses adopted its simple and cheap video conferencing.