Android Police

Articles Tagged:

malware

10

Snaptube caught with ad click fraud scheme and unwanted subscription signups

There are a plethora of Android apps that allow you to download videos and music files from popular websites such as YouTube, Instagram, Facebook, and more. Since doing that isn't exactly legal or sanctioned by Google, these applications live completely outside the Play Store, which means they lack any substantial malware protection. Some apps take advantage of this, and popular third-party downloader Snaptube turns out to be one of those. Security platform Secure-D has found evidence of fraudulent advertisement clicks in the background and unwanted, automatically created subscriptions which the owner of the phone has to pay for.

Read More
39

[Update: Back in Play Store] CamScanner fell victim to rogue ad network, hopes to be back in the Play Store soon

CamScanner recently had to leave the Play Store after security researchers found that it distributed malware between June and July this year. Today, its developer released a statement saying that it fell victim to an advertisement SDK provided by AdHub that loaded the malicious module into its product. It has since cut ties with the network and removed the malware.

Read More
5

Play Store bug bounty program expands to all apps with 100 million+ downloads

Google has a plethora of bug bounty programs that help it stay on top of black hat hackers. To keep incentives high, the company is constantly tweaking these programs' general frameworks and has recently increased Chrome's vulnerability rewards. Today, Google announced an expansion of its bug bounty system on Google Play to include all apps with 100 million downloads or more. It also introduced privacy-focused rewards for researchers identifying data abuse issues in apps.

Read More
130

[Update: Rogue ad network] CamScanner booted from Play Store after discovery of malicious code

After CamScanner introduced intrusive, unskippable full-screen advertisements to its free PDF scanner back in April, it now finds itself in the middle of another controversy. This time, it might mean the end to its life on the Play Store altogether. Kaspersky security researchers found evidence of malware in multiple versions of the app, published between June and July this year. While our own tests conclude that the August versions are free of malware, Google still decided to pull the plug and banned the app that accumulated more than 100 million downloads from the Play Store altogether.

Read More
31

Android Q steps up the fight against overlay-based malware

One of the bigger developer-facing changes we've spotted in Android Q is a mild deprecation of the SYSTEM_ALERT_WINDOW permission which controls overlays. (Think Facebook's chat heads or those Pokémon Go stats apps and you should get the idea.) Sideloaded apps on Android Q will see that permission revoked after 30 seconds, Play Store apps on Q will see it revoked on reboot, and the permission is being taken away entirely on the "Go" version of Android Q.

Read More
22

Rogue adware SimBad found in the Play Store, over 200 affected apps with 150+ million downloads removed

Another day, another security problem. This time, we have what's been dubbed SimBad by the Check Point research team, a rogue adware campaign found to affect over 200 now-removed apps in the Play Store — these apps together accounted for over 150 million downloads. It shows out-of-context ads, exposes users to other malicious apps, and can even open a URL in the browser without the user's consent.

Read More
111

New Year's resolution: Make your friends and family get rid of garbage apps

Many of you are visiting family for the holidays, which means you're sharing meals, telling stories, and exchanging gifts. In fact, quite a few of you may be giving phones or tablets to family members this year. If you're a regular around here, you're probably also known as the resident gadget expert, an honor that is both a compliment and a curse — you know what I'm talking about. While you might be trying to avoid impromptu tech support work, we would like to encourage taking a few minutes to do something for the greater good: Clean the trash apps from your family members' devices.

Read More
46

Some Android devices from ZTE, Archos, and others shipping with 'Cosiloon' malware

ZTE is currently fighting with the US government to lift a trade ban, while federal intelligence committees accuse the company of spying on US consumers. It looks like ZTE might be in even more trouble, as pre-installed malware has been found on several phones from the company. Avast Software has released details about the 'Cosiloon' malware on its blog, which has also been found on devices from Archos, Prestigio, and others.

Read More
12

Kaspersky details super-advanced 'Skygofree' Android trojan

Security firms spot new malware variations all the time, but most of them aren't very sophisticated. They don't have to be to spam ads or track your location. However, the newly identified Skygofree is in a completely different league. According to Kaspersky, this piece of malware possesses features never before seen in the wild.

Read More
56

Cryptocurrency mining malware "Loapi" capable of physically damaging phones

Researchers at Kaspersky Lab have identified a family of modular Android malware dubbed "Loapi," which is capable of mining the Monero cryptocurrency, inundating users with advertisements, automatically subscribing the user to paid services, and participating in DDoS attacks, among other functions. The cryptocurrency mining module maintains a load sufficiently high enough to cause physical damage to a test device after two days—the above photo shows a device which overheated to the point the battery bulged.

Read More