27
Feb
secuniatiny

Secunia PSI Is A Tech Preview Of A 'Security' App That Scans A Few Other Apps And Gives You Useless Information

Posted by in Applications, News

There are a lot of security apps for Android that go a little ways into overkill territory. Whether you're talking about superfluous task managers or "virus scanners" that may provide some minimal protection while generating more fear than is warranted, Android has a persistent problem with companies applying a Windows-era mentality on a completely different OS. Secunia PSI, however, takes the cake for being one of the least effective apps on the Play Store.

secunia1 secunia2 secunia3

Here's how it works: Secunia scans your apps for possible vulnerabilities. Not actual infections, mind you. It just checks to see if the currently installed versions of your application match any known security holes.

17
Oct
dan-rosenbergs-presentation-on-android-modding-for-the-security-practitioner-is-a-must-read

[Exclusive] Android 4.2 Alpha Teardown, Part 2: SELinux, VPN Lockdown, And Premium SMS Confirmation

Posted by in Android OS, APK Teardown, Exclusives, Features

We've got an LG Nexus system dump and endless desire to spoil every Googley surprise we can. Today's edition of the Android 4.2 Teardown could be alternatively subtitled "The Super-Serious Security Edition," because we're talking about the sort of stuff that should make your sysadmin jump for joy.

Please keep in mind this is just as forward-facing and time-ambiguous as all my other teardowns. This is a list of new stuff in the 4.2 dump, not a list of "confirmed for 4.2" features. Anything could be cut or not fully implemented by the time 4.2 rolls around; similarly to how bits of Android are currently multi-user aware, yet multi-user functionality isn't accessible.

11
Oct
google-play-logo

[APK Teardown] The Play Store Is Getting A Built-In Malware Scanner, Wish List Progress, And More

Posted by in Android OS, APK Teardown, News

A new app update means a new APK Teardown here at AP. Today's victim is the Google Play Store, which was just freshly updated to 3.9.16. We've got all sorts of stuff to talk about.

A Built-In Malware Scanner

Yes, it's hard to believe, but Google is working on a malware scanner for the Play Store. The string file doesn't lie:

    <string name="package_malware_title">App Check</string>
    <string name="package_malware_consent_text">"Allow Google to check all apps installed to this device for harmful behavior?
To learn more, go to Settings > Security."</string>
    <string name="package_malware_banner_warning">Installing this app may harm your device</string>
    <string name="package_malware_banner_blocked">Installation has been blocked</string>
    <string name="package_malware_recommendation_warning">Google recommends that you do not install this app.</string>
    <string name="package_malware_recommendation_blocked">To protect you, Google has blocked the installation of this app.</string>
    <string name="package_malware_app_name">App name: \"%s\"</string>
    <string name="package_malware_checkbox_label">I understand that this app may be dangerous.</string>
    <string name="package_malware_consent_title">Verify apps?</string>

Apparently, there are two parts to this.

04
Jun
image

Duo Security Sends A Trojan Horse Inside Google's Bouncer, Explores And Fingerprints Its Guts

Posted by in Android OS, Applications, News

The Google Play Store's "Bouncer," which Google launched back in February to protect Android users from malicious apps, is a service that scans potential Play Store apps by running them in a virtual phone environment, where the app's activities are monitored for any signs of mal-intent.

Taking advantage of that test period, security researchers Charlie Miller and Jon Oberheide have evidently found ways past Bouncer (which they will be presenting at the Summercon conference in New York this week). Their method, in short, allows an app to "know" that it is being run in a virtual environment, meaning malicious apps could conceivably resist carrying out malicious activities until they are running on a real system.

24
May
thumb

£50k Fine Slapped On Firm Responsible For Fake Angry Birds And Other Play Store Games That Sent Premium SMS Messages

Posted by in News

Fake apps in the Play Store are nothing new. We've seen countless fakes hit the Store, many of which contained some form of malware used to steal user data, or worse, charge premium features to their bill. A Latvian firm is now being fined for the latter due to fake apps designed to look like Angry Birds Space, Cut the Rope, and Assassin's Creed.

After downloading one of the aforementioned apps, though, the user wasn't greeted by flying birds or a hungry frog, but instead... nothing. The apps did absolutely nothing in the foreground. Little did the users who installed these apps know that they were being scammed behind the scenes.

30
Apr
Thumb

Lookout Gets Real (Time) With Anti-Malware Protection, Offers File System And Install Monitoring

Posted by in Applications, News

If you use an anti-spyware/anti-malware client on your device, then there's little doubt that you've tried Lookout at one time or another. While it is definitely one of the most well-known and popular anti-malware clients for Android, it has always had one huge shortcoming, in my opinion: lack of SD card scanning and real-time application monitoring for side-loaded apps.

That changes today, however, as the Lookout team has finally added these two crucial features to the array of others that Lookout is capable of. File System Monitor keeps a watchful eye on incoming files to your SD card in real-time, so it can catch potential "infections" before they can cause any real damage.

02
Feb
bouncer

Google Brings In The Muscle: Meet Bouncer, The Market's Anti-Malware Machine - And It's Already At Work

Posted by in Applications, Apps/Games, News

As Android has grown from a small hobbyists OS to the mainstream-conquering behemoth it is today, so has the amount of malware directed towards it. A large chunk of the problem comes from malicious apps that make it into the Android Market - often times, duplicates of popular apps with a few strings of code thrown in that allow the app to transmit personal information or hijack the device.

Makers of anti-virus apps claim that there's more malware in the market than ever, painting the picture of a wild west-esque place that's ever-more attractive to the scum of the app universe.

24
Jan
Mobile-Threat-Tracker-Icon1

Lookout Releases 'Mobile Threat Tracker' - A Pretty Way To Visualize How Many 'Threats' Lookout Finds On A Daily Basis... And That's About It

Posted by in Applications, News

We've all heard the debates (or been involved in them) about Android malware. Some say it doesn't really exist and is only used as a "scare tactic." Others insist that it's a threat and is becoming more prominent.

Regardless of your personal feelings on the matter, Lookout Labs would have us believe that it finds thousands of threats everyday. In order to help visualize this claim, Lookout released a new app to the Market called Mobile Threat Tracker that shows, in almost real-time, detected infections on Lookout-protected devices across the globe.

Screenshot_2012-01-24-13-01-57 Screenshot_2012-01-24-13-02-06 Screenshot_2012-01-24-13-02-17

Screenshot_2012-01-24-13-02-51 Screenshot_2012-01-24-13-02-57 Screenshot_2012-01-24-13-03-05

Each infection is dramatically flown into the screen and represented by a stream of glowing light that becomes a glowing dot of malware/spyware evil on its respective part of the globe.

22
Jan

[Weekend Poll] Do You Use An Antivirus App On Your Android Device(s)?

Posted by in Applications, Polls

This is the latest in our Weekend Poll series. For last week's, see If Android Ceased To Exist, What OS Would Your Next Device Be?

Antivirus apps are big business on Android. Just run a search on our site and you can see there are tons of big-name apps for our beloved OS that help protect users from malware, track lost devices, and manage privacy (among other things). Millions have downloaded such apps, and sometimes paid fairly large sums (in relation to other apps, anyway) for the protection they offer.

Simply put, then, do you use antivirus on any of your Android devices?

13
Jan
android-virus-1

First Malicious IRC Bot For Android Shows Up, Allows The Attacker Full Remote Control Of Your Device

Posted by in Android OS, News

We've seen our fair share of Android malware hit the scene, but the guys over at Kaspersky Labs have stumbled upon something rather alarming: the first IRC bot for Android. For those unaware, an IRC bot is a tool that provides automated function inside of an IRC channel. While very useful in many scenarios, IRC bots are also often used for malicious intent, such as the case at hand. It's worth noting here that, with the way this attack works, remote commands could be sent via any medium - SMS, webserver, etc. The attacker has just chosen IRC as the platform for this exploit.

Page 1 of 3123