Android Police

We found 228 results for 'malware'

Sort by:

Android Q steps up the fight against overlay-based malware

One of the bigger developer-facing changes we've spotted in Android Q is a mild deprecation of the SYSTEM_ALERT_WINDOW permission which controls overlays. (Think Facebook's chat heads or those Pokémon Go stats apps and you should get the idea.) Sideloaded apps on Android Q will see that permission revoked after 30 seconds, Play Store apps on Q will see it revoked on reboot, and the permission is being taken away entirely on the "Go" version of Android Q.

Read More

Some Android devices from ZTE, Archos, and others shipping with 'Cosiloon' malware

ZTE is currently fighting with the US government to lift a trade ban, while federal intelligence committees accuse the company of spying on US consumers. It looks like ZTE might be in even more trouble, as pre-installed malware has been found on several phones from the company. Avast Software has released details about the 'Cosiloon' malware on its blog, which has also been found on devices from Archos, Prestigio, and others.

Read More

Cryptocurrency mining malware "Loapi" capable of physically damaging phones

Researchers at Kaspersky Lab have identified a family of modular Android malware dubbed "Loapi," which is capable of mining the Monero cryptocurrency, inundating users with advertisements, automatically subscribing the user to paid services, and participating in DDoS attacks, among other functions. The cryptocurrency mining module maintains a load sufficiently high enough to cause physical damage to a test device after two days—the above photo shows a device which overheated to the point the battery bulged.

Read More

Toast overlay being used by malicious Android apps to install additional malware

Recently, Google has notified developers of apps that use Accessibility features for purposes other than helping users with disabilities to cease using those APIs or otherwise unpublish their app. The impetus for this move appears to be existence of (now removed) apps in the Play Store which use Accessibility features in conjunction with a vulnerability patched as part of the September security update to install malware.

Read More

Google's Play Protect didn't catch obfuscated malware with up to 20 million installs on the Play Store

At this year's I/O, Google announced Play Protect, a user-facing security screening process for apps on Android phones based on the old Verify Apps. Basically, it scans apps you install, comparing their content against known malware components, and notifies you if any potential risks are found. And it turns out, it's not infallible, as an older "packed" malware package was able to trick it. 

Read More

Chrome Beta 60 adds new search widget, limits the Vibration API to combat malware ads, and more [APK Download]

Chrome 59 was just released, which means Chrome 60 has graduated to beta status. This version includes a few interface changes, like a new context menu and file picker, as well as a new search widget. The Vibration API also has some new limitations to combat malware ads. Let's take a look.

Read More

Security firm Check Point says millions infected with botnet malware via Play Store

The conventional wisdom is that limiting your app downloads to the Play Store will help you avoid malware. That's true for the most part, but every now and then we hear about something sketchy that fell through the cracks. For instance, the security firm Check Point says that a number of "game guide" apps in the Play Store were hiding malicious code, and they may have accumulated millions of downloads.

Read More

Google and Lookout detail super-sophisticated 'Chrysaor' Android malware

An unusually advanced strain of malware was discovered on iOS last year, dubbed Pegasus by Lookout and other security firms that analyzed it. Now, an Android version of Pegasus has been discovered. The new malware is known as Chrysaor, and a full analysis of its origins and capabilities has been published by Google and Lookout. It's a serious piece of malware, but you don't have to worry about it showing up on your phone.

Read More

Google had to disable 900,000 ads in 2016 for spreading malware, and that's just the tip of the bad ad iceberg

Spend any amount of time on the internet (without an ad-blocker) and you'll run across at least a few Google AdSense ads. They're everywhere—including on AP. Being such a huge ad platform, it's also utilized by scammers, malware creators, and other internet ne'er-do-wells. Google has a new blog post up detailing what it did in 2016 to limit the use of AdSense for scams and illegal activity. The most relevant statistic for us is 900,000 ads disabled for spreading malware. That's a lot of malware.

Read More

[So Smart] This man's smart television with Google TV caught some malware, and now it's bricked

You know what's great? Having lots of streaming content available on your TV. What's not so great is when your quest to stream content results in ransomware bricking your TV. One fellow on Twitter shared the story of an LG TV that caught some nasty malware, and now it's apparently useless. Perhaps technology has gone too far.

Read More