Security News

Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities and an improved evasion mechanism. A report from Fox-IT, part of the NCC Group, warns that a new, more evasive version of Vultur spreads to victims through a hybrid attack that relies on smishing and phone calls that trick the targets into installing a version of the malware that masquerades as the McAfee Security app.

Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. The solution enables the identification of security vulnerabilities in applications and devices by taking on the role of an app and facilitating interactions with the Dalvik VM, other apps' IPC endpoints, and the operating system.

Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices into unwitting residential proxies, likely used for cybercrime and shopping bots. HUMAN discovered the first PROXYLIB carrier app in May 2023, a free Android VPN app named "Oko VPN." The researchers later found the same library used by the LumiApps Android app monetization service.

With iOS 17.4, Apple introduced a new choice screen that asks EU users to select a default web browser from a list of randomly listed browsers, including Opera. Google also rolled out a similar browser choice screen to Android users on March 6th, which will be shown during the initial setup of an Android smartphone or tablet.

The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining active, even if its dropper app has been removed. PixPirate is a new Android malware first documented by the Cleafy TIR team last month seen targeting Latin American banks.

The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil. The...

RiskInDroid is an open-source tool for quantitative risk analysis of Android applications based on machine learning techniques. "A user should be able to quickly assess an application's level of risk by simply glancing at RiskInDroid's output, and they should be able to compare the app's risk with others easily," Gabriel Claudiu Georgiu, developer of RiskInDroid, told Help Net Security.

Microsoft has unexpectedly announced they are ending support for the Windows Subsystem for Android next year on March 5th. The Windows Subsystem for Android allows users to run native Android apps in a virtualized environment with sound, graphics, and network connectivity. Released in October 2021, WSA quickly became a novelty for allowing users to install apps from the Amazon App Store in Windows 11.

Brave Software is the next company to jump into AI, announcing a new privacy-preserving AI assistant called "Leo" is rolling out on the Android version of its browser through the latest release, version 1.63. Brave says its AI assistant stands out for its ability to provide high-quality, relevant answers with fewer errors, thanks to leveraging several advanced large-language models like Mixtral 8x7B, Claude Instant, and Llama 2 13B, with Mixtral set as the default for its multilingual capabilities and superior performance.

In 2004, Android was two people who wanted to build camera software but couldn't get investors interested. Roid is a large team at Google today, delivering an OS to over 3 billion devices worldwide.