play store

A new form of Android malware can hijack legitimate apps. "Dirty Stream" take advantage of a legitimate function designed to make life easier for users. The function is called ContentProvider and allows one mobile app to access data from, or ... communicate with, another app. It makes it possible to, for example, open a PDF attachment from a messaging app in a dedicated PDF reader app. The people behind the DirtyStream malware found a vulnerability in the way ContentProvider worked. This made it possible not only to force another app to open a compromised file, but to then use the contents to ... (view more)

Google says it blocked 2.28 million potentially malicious apps from getting into the official Play store last year. It stopped or paused a further 200,000 which didn't correctly use the permissions system. The figure for malicious app blocks is up ... almost half compared with 2022. Google didn't say conclusively whether that means more scammers are trying their luck or if it simply did a better job of detecting them. However, it did note the 2023 figure was "in part thanks to our investment in new and improved security features, policy updates, and advanced machine learning and app review ... (view more)

Google has removed more than a dozen Android apps which offered loans to desperate users, but were actually a scam involving fraud and blackmail. As usual with such removals, it only affects the Play Store and the apps are not automatically deleted ... from phones. The 18 apps in question have been collectively dubbed SpyLoan, and have more than 12 million combined downloads from Google Play this year. They were listed in a variety of language with English variants including Cashwow, 4S Cash and EasyCash. The main target audience appears to be people in countries with a large population and a ... (view more)

Google says malware creators are using a simple workaround to bypass security on the official Play Store for Android apps. The problem is that the simplest fix would undermine one of the key differences between Android and closed systems such as ... Apple. In theory, all apps in the Play Store are vetted for security, including malware checks. That's one of the reasons Google recommends only using the Play Store, while still giving users the choice to get and install Android software from other sources. The problem is that scammers are using an extremely simply workaround called "versioning". ... (view more)

Google has started including detailed privacy information about the Android apps in the official Play Store. It's up to developers to fill out the details and Google won't be checking them in advance. The listings page for each app will now have a ... summary box listing key data privacy and security details. Users can then click or tap through to see more detailed information. The box will note how many types of data the app collects, whether it is stored in encrypted form, and whether user can easily delete it. It will also list if the developer has put the app through an independent privacy ... (view more)

A third-party Android app store has been hit by a big data breach. Aptoide users who registered between 21 July 2016 and 28 January 2018 may be affected. Aptoide works in a same way as Google's own Play app store, but isn't subject to its content ... regulations or security vettings. As with all third-party stores, users must confirm they accept security risks when installing apps from it. A hacker has published data from 20 million users and claims to have details of another 19 million users altogether. That's a big chunk of the 150 million people Aptoide claims have used its service at some ... (view more)

Security researchers have warned of 56 infected Android apps that could compromise performance. They've been deleted from the Google Play Store, but could still be on users' phones and tablets. According to Check Point, the apps contain malware ... designed to hijack phones and simulate user actions to click on ads. That could run down batteries and eat into mobile data allowances. (Source: checkpoint.com ) The 56 apps include 24 supposedly aimed at children, and 32 which offer simple utilities. They all work as designed: the problem is what's happening in the background. (Source: express.co.uk ... (view more)

Apple says it's banning any COVID-19 related apps unless it's certain they come from authoritative sources. It's also banning any game or entertainment apps related to the coronavirus pandemic. The move is particularly significant as it's almost ... impossible to install an app on an iPhone or iPad unless it's been approved by Apple. In contrast, Android users can install unapproved apps from sources other than the official Google Play store, albeit only after confirming they are willing to take the security risk. Apple says that when it comes to COVID-19 content it is "evaluating apps critically ... (view more)

Security researchers say a serious Android bug could let malware pose as a legitimate app and gain unwanted access to a phone's data and functions. The concept of the 'StrandHogg' bug has been known for several years, but now it's being actively ... exploited to target online banking. In simple terms, the bug has two unwanted effects: it can trick users into giving malware sensitive 'permissions' to access the phone, and it can hijack legitimate apps to trick users into handing over login details and sensitive information. Researchers at Promon explain the bug is with a security setting called ... (view more)

Facebook is launching an app that tracks what apps users use on their devices. In return, compensation will be provided. Facebook says only users over 18 years of age can take part in the 'research'. The app is named "Study" and is openly billed as ... being a "market research tool" for Facebook. It's designed for Facebook to learn more about its users, which the company says will help improve its services. Study will collect and transmit details of what apps are on the user's phones, how much time they spend using those apps, and - in some cases - what specific featured they ... (view more)