Google's monthly patches help keep Android safe from malicious attacks (assuming your phone's manufacturer is willing to ship updates on time). So long as you're careful when downloading apps from outside the Play Store, keeping your device secure is pretty easy these days, even as new attackers try to distribute dangerous viruses. This week, mobile security researchers have discovered spyware that pretends to be a system update, only to take total control of the smartphone after being installed.
This week, it was uncovered that a Google Play Pass app with over 10 million installs turned into malware and distributed pesky popup advertisements. Google already long removed this app from the Play Store, but due to its generic name — "Barcode Scanner" — the original, legitimate Barcode Scanner app bearing the same name found itself caught in the crossfire and received numerous unwarranted 1-star ratings accusing it of being malware.
Google's reign over the Play Store often feels arbitrary, with legitimate apps disappearing for bogus reasons like out-of-context words or images while malware is striving. Another case has surfaced of an app turning into malware right under Play Protect's nose, and this time, the perpetrator is a Play Pass app with over 10 million installs: The generically named Barcode Scanner app. It has been removed since its discovery, but the developer's account remains active and offers other applications.
One more noteworthy feature snuck its way into Chrome 86. It's a small change, but it should help make a further dent in the growing problem of notification abuse. In this latest release, sites known for abusive notification content (things like distributing malware or falsely scaring users with fake system messages) will get the same silent treatment as sites that try to trick users into enabling notifications.
According to a report by Reuters, researchers at Awake Security uncovered a new spyware campaign that threatened the security of Chrome users. Google removed the more than 70 offending extensions from the Chrome Web Store last month after being alerted to the malicious activity, but not before they were downloaded 32 million times by unsuspecting users.
This story was originally published and last updated .
Earlier this year, a story madetherounds about a new kind of malware afflicting Android handsets. But it was this malware's pernicious nature that really made headlines, as it could even survive complete factory resets on afflicted phones. This insidious malware was named xHelper. At the time, we didn't know how it managed this impressive (but scary) achievement, but security researchers at Kaspersky have since dug into its inner workings, revealing an incredibly sophisticated system that installs itself to an Android phone's system partition, and even changes how the system works to prevent it from being "easily" removed.
As if the COVID-19 outbreak itself wasn't bad enough, there are also criminals exploiting people looking for guidance in this time of fear and misinformation. A malicious Android app has popped up that promises to help you track coronavirus cases near you and globally, but it's just a scheme to get some ransomware on your phone.
Gmail's spam and malware filters are among the best in the industry and block 99.9% of threats from reaching inboxes, according to Google. That doesn't mean there isn't room for improvement, as 0.1% can scale up to quite a substantial absolute number considering Gmail's big user base. Google has identified that malware in attachments (Office documents, in particular) tends to be dangerous due to its ever-changing nature, so it has developed an improved malware scanner that utilizes machine learning to stay ahead of the curve.
Windows is very far from a perfect operating system, but it's hard to complain about the built-in Defender antivirus. It generally doesn't disrupt the user experience, works well, and has largely eliminated the need for third-party antivirus programs on Windows PCs. Now Microsoft wants to bring Defender to... Android?
With recent scam apps incidents in mind, it might look like Google isn't very good at keeping malware and fraud out of the Play Store, but the company is hard at work to allow as little in as possible. It has shared today that thanks to security advancements, it could keep more than 790,000 policy-violating apps from entering the Play Store, and has also prevented more than 1.9 billion malware installs from sources outside of its distribution platform in 2019.