apps

Wed
02
Oct
John Lister's picture

Necro Malware Infects 'Modified' Spotify, WhatsApp

"Modified" versions of popular apps have helped distribute a nasty piece of Android malware. The tactic expanded the reach of the Necro Trojan despite Google's security checks. Necro was able to survive for some time before discovery, largely ... because the infection wasn't obvious to users. Its main purpose was to hijack phones and use them to make money for the people behind the malware. This included displaying paid ads in the background so that users didn't see them, but the scammers were able to claim revenue from advertisers. The malware would also install apps on the phone to earn ... (view more)

Wed
11
Sep
John Lister's picture

Android to Tackle Data Harvesting Scam Apps

A key change to Android could reduce the risk of scammers stealing personal data or money. The update will mean sensitive apps won't open unless potentially risky apps are closed first. The idea is to tackle rogue apps which are designed to either ... capture personal data from another app, or to take control of the phone unbeknownst to the owner. Developer Choice Google's new tactic aims to find a balance between restricting the activities of such rogue apps and keeping the freedom of users to choose what apps they install, including those from sources other than the official Play Store. The ... (view more)

Wed
14
Aug
John Lister's picture

Android Malware Hidden For Years

Five rogue Android apps remained in the Google Play store for more than two years. They hosted notorious malware called Mandrake that was hidden through some creative means. According to SecureList, the apps were titled AirFS, Amber, Astro Explorer, ... Brain Matrix and CryptoPulsing. The good news is that the apps had hardly any downloads, one of the reasons they attracted little attention. The real concern is whether malware distributors are using the same tactics with other apps. (Source: securelist.com ) Mandrake has been known about since 2020, though appears to have been in circulation ... (view more)

Wed
03
Jul
John Lister's picture

No-Apps Phone Could Cost $799

The makers of a low-tech phone say they want people to use it as little as possible. But they've added a "proper" screen that brings the price up to $399. The third incarnation of the Light Phone continues to raise questions about exactly who the ... intended users are, though the makers say sales have topped 100,000. (Source: techcrunch.com ) Previous versions had virtually no features: the Light Phone 2 made phone calls and accepted text messages, but had no Internet browser or installable apps. Instead it simply performed a few basic built-in tasks such as playing music files, giving driving ... (view more)

Wed
12
Jun
John Lister's picture

Google Play 'Update' May Be Scam

Android scammers are using a creatively nasty way to spread malware. They've disguised it as an update for the Google Play store itself. It's a particularly cheeky way to try to get credibility for a malware scam. Not only is Google Play the ... official place to get Android apps in the first place, but the best and simplest Android security tip is to only use apps from Google Play. In this case, the malware doesn't originate as an app but instead as a bogus link. This could be on a web page, in a text message or in an email. The supposed source is Google itself and the link comes with a message ... (view more)

Fri
17
May
John Lister's picture

'Dirty Stream' Floods Android With Malware

A new form of Android malware can hijack legitimate apps. "Dirty Stream" take advantage of a legitimate function designed to make life easier for users. The function is called ContentProvider and allows one mobile app to access data from, or ... communicate with, another app. It makes it possible to, for example, open a PDF attachment from a messaging app in a dedicated PDF reader app. The people behind the DirtyStream malware found a vulnerability in the way ContentProvider worked. This made it possible not only to force another app to open a compromised file, but to then use the contents to ... (view more)

Wed
15
May
John Lister's picture

2.28 Million Rogue Apps Blocked By Google

Google says it blocked 2.28 million potentially malicious apps from getting into the official Play store last year. It stopped or paused a further 200,000 which didn't correctly use the permissions system. The figure for malicious app blocks is up ... almost half compared with 2022. Google didn't say conclusively whether that means more scammers are trying their luck or if it simply did a better job of detecting them. However, it did note the 2023 figure was "in part thanks to our investment in new and improved security features, policy updates, and advanced machine learning and app review ... (view more)

Mon
06
May
John Lister's picture

Some iPhone Users Could Bypass App Stores

Apple has confirmed some users will be able to download iOS apps from websites rather than an app store. But the relaxation of rules comes with a major limitation. The new policy applies to European Union countries and is part of Apple's response to ... the Digital Markets Act. That's a new rule that says operators of services with a very large number of users in Europe must remove some barriers to competition. These generally include opening services up to third party access. That includes iOS apps were historically Apple has strictly enforced a rule that users can only install apps from its ... (view more)

Fri
01
Mar
John Lister's picture

Android Malware Targets Banking Apps

The latest malware targeting banking users may have infected up to 200,000 Android devices. The criminals behind Anatsa have deliberately exploited what's meant to be a useful feature that makes users' lives easier. The attacks have some familiar ... features such as distributing the malware through free tools that perform some basic functions and finding ways around the Android permission system. What makes it a particularly nasty campaign is that it takes advantage of the Android Accessibility system. Security researchers at ThreatFabric spotted the malware in five apps with similar names: ... (view more)

Fri
02
Feb
John Lister's picture

Apple Loopholes Could Quash Third-party App Stores

Apple appears to be exploring loopholes in its recent agreement to allow iPhone users to install apps from sources other than its official store. It wants to continue reviewing apps and taking commission from developers, which could significantly ... undermine the effect of the changes. The company has until March 7 to comply with new rules in Europe. Rather than fight the rules or pull out of the market altogether, it decided to allow sideloading for users in European Union countries . Unlike with some physical device changes made to meet European rules, Apple won't be extending the policy to ... (view more)

Pages

Subscribe to RSS - apps