Android Apps With a Million Downloads Led Users to Phishing Sites
Security experts at Malwarebytes have discovered a group of four apps totaling millions of downloads overall that have been infected with the HiddenAds malware. The apps are listed on google Play and were published by Mobile apps Group. The apps pertain to Bluetooth functions such as ‘Bluetooth Auto Connect’ and
7 password-stealing Android apps removed from Google Play
Security researchers at Trend Micro reported that seventeen malicious apps designed to infect Android users have been removed from the Google Play Store. The apps used banking malware and have been dubbed DawDropper. The malware campaign leverages four types of banking trojans, Octo, TeaBot, Hydra, and Ermac. The attack type
Millions of Android Users Scammed in SMS Fraud Driven by Tik-Tok Ads
Threat actors are reportedly using malicious Android apps to scam users into signing up for fraudulent premium SMS subscription services. The scam results in victims’ racking up massive phone bill charges. The campaign is reportedly being driven by TikTok ads. Security firm Avast first uncovered the campaign, which it has
Android app users targeted with cryptomining scams
More than 170 Android apps, including 25 from Google Play were caught trying to scam people by offering cryptomining services for a fee but failing to return anything. Security firm Lookout said these apps did not get caught for scamming people because they didn’t do anything malicious but acted as
Cloud Cryptomining Swindle in Google Play Rakes in Cash
According to Lookout, at least 25 different apps available in the Google Play store have lured thousands of victims into downloading malicious applications that promise to help users gain cash through crypto mining. The Android apps are estimated to have scammed more than 93,400 victims to date, totaling roughly $350,000
Google Play developer accounts to require 2FA and a physical address
Google is attempting to validate whether app developers are real people by changing the information requirements for people with Play Store developer accounts. Currently, developers simply need to provide an email address and phone number to create an account. Google plans to change the requirements to asking developers whether the
Fifth of Google Play Apps Violate Child Protection Law
A recent study by consumer rights firm Comparitech found that one in five apps available on the Google Play Store that are designed for children break federal law regarding child protection. Comparitech analyzed the top 300 free and top 200 paid apps on the marketplace under the children and family
New wormable Android malware poses as Netflix to hijack WhatsApp sessions
A new variant of Android malware has been discovered by researchers at Check Point, who reported that the mobile malware was discovered in the Google Play Store. The wormable malware has been named FlixOnline and disguises itself as a legitimate Netflix brand application. The app then appears to target the
With one update, this malicious Android app hijacked millions of devices
Google Play has been battling malicious apps for years, and the most recent to sneak into the Play Store has hijacked roughly 10 million devices. The application in question is a popular barcode scanner app that was transformed into malware with one update. The app had been available on the
Google Duo may soon stop working on uncertified Android devices
Google Duo may soon fail to operate on Andriod devices that are uncertified, following suit with the Google Messages app which made the same move. Earlier this week, Google Messages included a notice that the app would cease to work on uncertified Andriod devices or certain devices that are not