Android Police

Articles Tagged:



Malicious third-party SDKs obtained personal data from millions of Twitter and Facebook users on Android

Twitter and Facebook have both been targeted by malicious mobile SDKs on Android that accessed personal data, such as email addresses and user names. The companies have since informed Google about the issue, and Facebook sent cease and desist letters to the data collection firms behind the SDKs, oneAudience and MobiBurn.

Read More

Power Shade and Material Notification Shade removed from the Play Store — Google says malicious, developer responds coyly

From time to time we come across a story of an app being removed from the Play Store unjustly and the developer getting frustrated with the lack of warning or communication, and more frustratingly, the absence of a valid reason. The case of popular apps Power Shade (500K installs) and Material Notification Shade (1M+ installs) has proven to be a little different though, and possibly more head-scratching than that.

Read More

Inaudible smart speaker commands can be hidden in music, researchers say

In 2016, a group of students from University of California, Berkeley, and Georgetown University demonstrated that they were able to issue unheard commands to smart devices like Google Home and Amazon Echo by hiding them in white noise. Now, two of those Berkeley students have published a paper that says they can hide such commands in recordings of music or even human speech.

Read More

Google updates Play Store developer policies, provides additional information on malicious behavior, ratings manipulation, and more

Google's policy for developers on Google Play has been updated recently to include a few new changes. It has revised both the Malicious Behavior policy and the Ratings Reviews, and Installs policy, as well as introduced additional policy requirements for Instant Apps distribution. To make things easy, Google also has some new tips on how developers can stay on the right side of its policies in the future.

Read More

[Security] Vulnerability In Firefox For Android Discovered That Allows Hackers To Steal Files From The SD Card And Firefox's Privately Stored Data [Update]

The security of our mobile apps and private data is a very serious matter. This is particularly true for high value targets like web browsers, which often store login credentials that can be used to access many of the websites we use on a regular basis. Unfortunately, browsers are also very complicated applications with an extensive set of features that are difficult to lock down completely. Sebastián Guerrero Selma of viaForensics recently posted a video demonstrating a newly discovered vulnerability in Firefox for Android which would allow hackers to access both the contents of the SD card and the browser's private data.

Read More

[Security] Firefox For Android Can Be Tricked Into Automatically Downloading And Executing Malicious Code

A very serious security hole has been discovered in Firefox for Android that allows a website to force the browser to download and run potentially damaging files, usually without the user's knowledge or interaction. The vulnerability was first described and demonstrated publicly on September 9th as part of a posting meant to advertise the attack as being for sale. The method for exploiting the weakness simply requires a webserver to instruct Firefox for Android to initiate a download, after which the downloaded file is automatically opened or executed (depending on the file type).

Here's a demonstration using an apk crafted to look like an update to Firefox:

While the demo video above uses an apk and relies on a user being tricked into installing it, the potential vectors of attack aren't restricted simply to apks and can possibly leverage other weaknesses on a device.

Read More

Duo Security Sends A Trojan Horse Inside Google's Bouncer, Explores And Fingerprints Its Guts

The Google Play Store's "Bouncer," which Google launched back in February to protect Android users from malicious apps, is a service that scans potential Play Store apps by running them in a virtual phone environment, where the app's activities are monitored for any signs of mal-intent.

Taking advantage of that test period, security researchers Charlie Miller and Jon Oberheide have evidently found ways past Bouncer (which they will be presenting at the Summercon conference in New York this week). Their method, in short, allows an app to "know" that it is being run in a virtual environment, meaning malicious apps could conceivably resist carrying out malicious activities until they are running on a real system.

Read More

£50k Fine Slapped On Firm Responsible For Fake Angry Birds And Other Play Store Games That Sent Premium SMS Messages

Fake apps in the Play Store are nothing new. We've seen countless fakes hit the Store, many of which contained some form of malware used to steal user data, or worse, charge premium features to their bill. A Latvian firm is now being fined for the latter due to fake apps designed to look like Angry Birds Space, Cut the Rope, and Assassin's Creed.

After downloading one of the aforementioned apps, though, the user wasn't greeted by flying birds or a hungry frog, but instead... nothing. The apps did absolutely nothing in the foreground. Little did the users who installed these apps know that they were being scammed behind the scenes.

Read More

Lookout Team Pegs 25 Android Market Apps Infected With DroidDreamLight Malware

Remember DroidDream - one of the worst malware apps that we've seen since Android's inception? Well, it appears that the developer of said malware is back at it again, with a  reported 25 infected apps (so far) found in the Android Market. Dubbed DroidDreamLight by the Lookout Security team, this infection is a stripped down version of its predecessor. Make no mistake, though - that doesn't mean it's any less malicious.

This malware was actually found by a developer of one the infected apps, when he noticed that a modified version of his own apk was being distributed in the Android Market.

Read More

Critical Vulnerability Found In Adobe Flash For Android, Probably No Cause For Concern

With a great plugin comes great responsibility - to avoid malicious Flash files, that is. A zero-day exploit has been discovered in Adobe Flash that affects all Android versions of the software, Adobe announced today.

The most common vessel for the exploit is (fortunately) a Microsoft document (.doc) email attachment with an embedded Flash file (.swf) - and I'm not aware of any Word document viewers/editors in Android that support embedded Flash. Once the Flash file is executed, the exploiter can run malicious code on the target device. How, or whether, this could affect Android is unknown.

Still, it's important to remember that Adobe's products, ever the target of hackers and shady enterprise, share common elements across operating systems - including, at times, potentially dangerous flaws and exploits.

Read More