app

A useful web feature could be a serious phishing risk according to security researchers. They say scammers are using "progressive web apps" to bypass Android and iOS security features. In simple terms, a progressive web app is a mix of a website and ... a standalone application. It's technically a website and uses web technologies, allowing for instant updates. However, it looks and feels more like a standalone app and can often access more of a device's resources than a web browser. Security firm ESET says scammers are using progressive web apps as a way to overcome a major limitation in scams ... (view more)

Android scammers are using a creatively nasty way to spread malware. They've disguised it as an update for the Google Play store itself. It's a particularly cheeky way to try to get credibility for a malware scam. Not only is Google Play the ... official place to get Android apps in the first place, but the best and simplest Android security tip is to only use apps from Google Play. In this case, the malware doesn't originate as an app but instead as a bogus link. This could be on a web page, in a text message or in an email. The supposed source is Google itself and the link comes with a message ... (view more)

A new form of Android malware can hijack legitimate apps. "Dirty Stream" take advantage of a legitimate function designed to make life easier for users. The function is called ContentProvider and allows one mobile app to access data from, or ... communicate with, another app. It makes it possible to, for example, open a PDF attachment from a messaging app in a dedicated PDF reader app. The people behind the DirtyStream malware found a vulnerability in the way ContentProvider worked. This made it possible not only to force another app to open a compromised file, but to then use the contents to ... (view more)

Google says it blocked 2.28 million potentially malicious apps from getting into the official Play store last year. It stopped or paused a further 200,000 which didn't correctly use the permissions system. The figure for malicious app blocks is up ... almost half compared with 2022. Google didn't say conclusively whether that means more scammers are trying their luck or if it simply did a better job of detecting them. However, it did note the 2023 figure was "in part thanks to our investment in new and improved security features, policy updates, and advanced machine learning and app review ... (view more)

Apple has confirmed some users will be able to download iOS apps from websites rather than an app store. But the relaxation of rules comes with a major limitation. The new policy applies to European Union countries and is part of Apple's response to ... the Digital Markets Act. That's a new rule that says operators of services with a very large number of users in Europe must remove some barriers to competition. These generally include opening services up to third party access. That includes iOS apps were historically Apple has strictly enforced a rule that users can only install apps from its ... (view more)

Major tech companies including Microsoft and Meta say Apple is trying to weasel out of a court ruling on the way it handles app payments. They've weighted in on a court dispute about how to enforce a judgment against Microsoft. The case centers on ... in-app payments where people who've already installed an app give extra money to the app developers. Common examples include subscriptions to a digital service or payments for additional content in games. Apple demands a cut of either 15 or 30 percent of such payments made through its payment handling services. Critics, including games maker Epic, ... (view more)

Apple appears to be exploring loopholes in its recent agreement to allow iPhone users to install apps from sources other than its official store. It wants to continue reviewing apps and taking commission from developers, which could significantly ... undermine the effect of the changes. The company has until March 7 to comply with new rules in Europe. Rather than fight the rules or pull out of the market altogether, it decided to allow sideloading for users in European Union countries . Unlike with some physical device changes made to meet European rules, Apple won't be extending the policy to ... (view more)

Apple is reportedly planning to allow iPhone owners to use third-party app stores and "sideloaded" apps. But the move appears to be limited to Europe, complying with local regulations. Throughout the existence of the iPhone and iPad, Apple has been ... adamant about only allowing users to install software downloaded from the official Apple store. It argues that's necessary to maintain security and ensure compatibility and performance to make sure users get the best experience. Cynics counter it's actually about maintaining a monopoly on supplying apps, giving Apple more power to charge ... (view more)

Apple says it will demand a court order before handing over details of a user's push notifications. It follows revelations that foreign officials were using the tactics for surveillance, with questions asked about whether the Department of Justice ... does the same in the US. A push notification is a message created by an app and shown on the phone screen even if the app itself is closed. This could be anything from a summary of a new email to a breaking story from a news app. Senator Ron Wyden wrote to the DOJ earlier this month to report a tip that both US and foreign governments (said to be ... (view more)

Google has removed more than a dozen Android apps which offered loans to desperate users, but were actually a scam involving fraud and blackmail. As usual with such removals, it only affects the Play Store and the apps are not automatically deleted ... from phones. The 18 apps in question have been collectively dubbed SpyLoan, and have more than 12 million combined downloads from Google Play this year. They were listed in a variety of language with English variants including Cashwow, 4S Cash and EasyCash. The main target audience appears to be people in countries with a large population and a ... (view more)