Google has a lot of moving parts behind the scenes, trying to keep malware off of the Play Store. But with seven figures of apps posting and updating constantly, even it doesn't have a perfect record. Such is the claim from a security researcher last week, which said they found ten apps with variations on a trojan horse program. The apps are fairly innocuous based on their title and description, but each is designed to scrape a user's phone for Facebook login credentials.
If you tried to sync your Garmin fitness band or smartwatch to the company's servers over the last few days, you may have noticed that something's awry. After initial reports pointed to a ransomware attack (via ZDNet), Garmin has now publicly confirmed that it's been hit by a cyber attack and that it's working to bring its servers back online over the next few days.
Researchers at Kaspersky Lab have identified a family of modular Android malware dubbed "Loapi," which is capable of mining the Monero cryptocurrency, inundating users with advertisements, automatically subscribing the user to paid services, and participating in DDoS attacks, among other functions. The cryptocurrency mining module maintains a load sufficiently high enough to cause physical damage to a test device after two days—the above photo shows a device which overheated to the point the battery bulged.
Computer security is important, even if the computer in question fits in your hand. There should be no doubt about that fact. However, you should be just as wary of security software as any other app. Case in point: there's a slick new app in the Play Store called Virus Shield. It's got a cool look and it's easy to operate. Just press a single button and your virus shield is activated.
You hear a lot of reports about malware and other undesirable third-party apps these days, especially from security researchers (and people who want to sell you something to make you feel safe). It's undeniable that malicious apps are a problem on an open system, but new data from Google indicates that the amount of actual harm being done might be negligible. QZ.com reports on a presentation from Google's Android Security Chief Adrian Ludwig at the Virus Conference in Berlin. He estimates that .001% of Android apps are able to get past Google's defenses.
A new piece of Android malware has been discovered by security researchers at Kaspersky Labs. That by itself wouldn't be big news, but this Trojan does things no other malicious app has done. It exploits multiple vulnerabilities, blocks uninstall attempts, attempts to gain root access, and can execute a host of remote commands. Backdoor.AndroidOS.Obad.a, as it has been dubbed, is the most sophisticated piece of Android malware ever seen.
There are two previously unknown Android vulnerabilities exploited by Obad. The malware installer contains a modified AndroidManifest.xml file, which is a part of every Android apps. The first big vulnerability is in the processing of this file by the system – it shouldn't be processed at all, but the app installs just fine.
We talked a little bit about Bitdefender's new antivirus offering earlier today in our giveaway post, but now we want to dive a little deeper into the app and explain what makes it good, how it differs from Bitdefender's paid mobile security service, and how it compares to similar antivirus offerings.
The first question you may have is "since Bitdefender's Mobile Security app was already free(mium), why release this?" That answer is actually pretty simple: as of today, the model for Mobile Security has changed to a trial period-only. Basically, you can try the full suite for two weeks, and after that are presented with the option to buy.
We've got an LG Nexus system dump and endless desire to spoil every Googley surprise we can. Today's edition of the Android 4.2 Teardown could be alternatively subtitled "The Super-Serious Security Edition," because we're talking about the sort of stuff that should make your sysadmin jump for joy.
Please keep in mind this is just as forward-facing and time-ambiguous as all my other teardowns. This is a list of new stuff in the 4.2 dump, not a list of "confirmed for 4.2" features. Anything could be cut or not fully implemented by the time 4.2 rolls around; similarly to how bits of Android are currently multi-user aware, yet multi-user functionality isn't accessible.
Yes, it's hard to believe, but Google is working on a malware scanner for the Play Store. The string file doesn't lie:
<string name="package_malware_title">App Check</string> <string name="package_malware_consent_text">"Allow Google to check all apps installed to this device for harmful behavior? To learn more, go to Settings > Security."</string> <string name="package_malware_banner_warning">Installing this app may harm your device</string> <string name="package_malware_banner_blocked">Installation has been blocked</string> <string name="package_malware_recommendation_warning">Google recommends that you do not install this app.</string>
Even if you haven't played it before, there's a decent chance you've seen Plague Inc. around the internet. Usually, it involves seeing a screenshot that informs you your mom has killed thousands of people. If you've ever wondered how you—yes, you!—can also create silly-named diseases that annihilate Earth's population with your Android phone, the answer has arrived! Go here, download the game, then spend 15 minutes staring at the screen trying to come up with something clever. Fair warning: "BieberFever" has already been done to death.
Of course, there is actually a game part to this game. The action is rather slow-going at first, but that's the point.