Android Police

Articles Tagged:

malware

10

Malicious third-party SDKs obtained personal data from millions of Twitter and Facebook users on Android

Twitter and Facebook have both been targeted by malicious mobile SDKs on Android that accessed personal data, such as email addresses and user names. The companies have since informed Google about the issue, and Facebook sent cease and desist letters to the data collection firms behind the SDKs, oneAudience and MobiBurn.

Read More
4

Google announces App Defense Alliance, brings three security companies on board to fight bad apps

Google has always maintained that its own Play Store security mechanisms were strong enough to keep your devices safe from malware and other bad actors, but this was proven wrong again and again and again. Thus it makes sense that the company has announced the App Defense Alliance, a partnership with ESET, Lookout, and Zimperium that aims to stop bad apps before they can reach anyone's Android devices.

Read More
12

[Update: Rogue third-party SDK removed] Snaptube caught with ad click fraud scheme and unwanted subscription signups

There are a plethora of Android apps that allow you to download videos and music files from popular websites such as YouTube, Instagram, Facebook, and more. Since doing that isn't exactly legal or sanctioned by Google, these applications live completely outside the Play Store, which means they lack any substantial malware protection. Some apps take advantage of this, and popular third-party downloader Snaptube turns out to be one of those. Security platform Secure-D has found evidence of fraudulent advertisement clicks in the background and unwanted, automatically created subscriptions which the owner of the phone has to pay for.

Read More
39

[Update: Back in Play Store] CamScanner fell victim to rogue ad network, hopes to be back in the Play Store soon

CamScanner recently had to leave the Play Store after security researchers found that it distributed malware between June and July this year. Today, its developer released a statement saying that it fell victim to an advertisement SDK provided by AdHub that loaded the malicious module into its product. It has since cut ties with the network and removed the malware.

Read More
5

Play Store bug bounty program expands to all apps with 100 million+ downloads

Google has a plethora of bug bounty programs that help it stay on top of black hat hackers. To keep incentives high, the company is constantly tweaking these programs' general frameworks and has recently increased Chrome's vulnerability rewards. Today, Google announced an expansion of its bug bounty system on Google Play to include all apps with 100 million downloads or more. It also introduced privacy-focused rewards for researchers identifying data abuse issues in apps.

Read More
130

[Update: Rogue ad network] CamScanner booted from Play Store after discovery of malicious code

After CamScanner introduced intrusive, unskippable full-screen advertisements to its free PDF scanner back in April, it now finds itself in the middle of another controversy. This time, it might mean the end to its life on the Play Store altogether. Kaspersky security researchers found evidence of malware in multiple versions of the app, published between June and July this year. While our own tests conclude that the August versions are free of malware, Google still decided to pull the plug and banned the app that accumulated more than 100 million downloads from the Play Store altogether.

Read More
31

Android Q steps up the fight against overlay-based malware

One of the bigger developer-facing changes we've spotted in Android Q is a mild deprecation of the SYSTEM_ALERT_WINDOW permission which controls overlays. (Think Facebook's chat heads or those Pokémon Go stats apps and you should get the idea.) Sideloaded apps on Android Q will see that permission revoked after 30 seconds, Play Store apps on Q will see it revoked on reboot, and the permission is being taken away entirely on the "Go" version of Android Q.

Read More
21

Rogue adware SimBad found in the Play Store, over 200 affected apps with 150+ million downloads removed

Another day, another security problem. This time, we have what's been dubbed SimBad by the Check Point research team, a rogue adware campaign found to affect over 200 now-removed apps in the Play Store — these apps together accounted for over 150 million downloads. It shows out-of-context ads, exposes users to other malicious apps, and can even open a URL in the browser without the user's consent.

Read More
109

New Year's resolution: Make your friends and family get rid of garbage apps

Many of you are visiting family for the holidays, which means you're sharing meals, telling stories, and exchanging gifts. In fact, quite a few of you may be giving phones or tablets to family members this year. If you're a regular around here, you're probably also known as the resident gadget expert, an honor that is both a compliment and a curse — you know what I'm talking about. While you might be trying to avoid impromptu tech support work, we would like to encourage taking a few minutes to do something for the greater good: Clean the trash apps from your family members' devices.

Read More
46

Some Android devices from ZTE, Archos, and others shipping with 'Cosiloon' malware

ZTE is currently fighting with the US government to lift a trade ban, while federal intelligence committees accuse the company of spying on US consumers. It looks like ZTE might be in even more trouble, as pre-installed malware has been found on several phones from the company. Avast Software has released details about the 'Cosiloon' malware on its blog, which has also been found on devices from Archos, Prestigio, and others.

Read More