Security News

Android 14 to let you block connections to unencrypted cellular networks
2023-08-08 16:00

Google has announced new cellular security features for its upcoming Android 14, expected later this month, that aim to protect business data and communications. Roid 14 will allow consumers and enterprises to turn off support for 2G on their devices or a managed device fleet and disable support for null-cipher cellular connectivity at the modem level.

Google explains how Android malware slips onto Google Play Store
2023-08-04 17:04

The Google Cloud security team acknowledged a common tactic known as versioning used by malicious actors to slip malware on Android devices after evading the Google Play Store's review process and...

European Bank Customers Targeted in SpyNote Android Trojan Campaign
2023-08-01 11:11

Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. What makes the malware strain notable is its dual functions as spyware and perform bank fraud.

Android n-day bugs pose zero-day threat
2023-08-01 11:08

In the Android ecosystem, n-day vulnerabilities are almost as dangerous as zero-days, according to Google's review of zero-days exploited in the wild in 2022. The problem is considerable in the Android ecosystem, since Google's Android security team often quickly pushes out patches for zero-days but downstream original equipment manufacturers may take a while to release a fix for users to apply.

Hackers steal Signal, WhatsApp user data with fake Android chat app
2023-07-31 19:26

Hackers are using a fake Android app named 'SafeChat' to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones. The Android spyware is suspected to be a variant of "Coverlm," which steals data from communication apps such as Telegram, Signal, WhatsApp, Viber, and Facebook Messenger.

Google: Android patch gap makes n-days as dangerous as zero-days
2023-07-30 14:16

Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value and use of disclosed flaws for extended periods. Once Google learns about it, it becomes an n-day, with the n reflecting the number of days since it became publicly known.

New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data
2023-07-29 08:10

A new Android malware strain called CherryBlos has been observed making use of optical character recognition techniques to gather sensitive data stored in pictures. Besides displaying fake overlays on top of legitimate crypto wallet apps to steal credentials and make fraudulent fund transfers to an attacker-controlled address, CherryBlos utilizes OCR to recognize potential mnemonic phrases from images and photos stored on the device, the results of which are periodically uploaded to a remote server.

New Android malware uses OCR to steal credentials from images
2023-07-28 15:31

Two new Android malware families named 'CherryBlos' and 'FakeTrade' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams. The malicious apps use various distribution channels, including social media, phishing sites, and deceitful shopping apps on Google Play, Android's official app store.

Flipper Zero now has its own app store for iOS, Android users
2023-07-24 17:22

The Flipper Zero team has launched its very own 'Flipper Apps' mobile app store, allowing mobile users to install 3rd-party apps and extend the functionality of the popular wireless pen-testing tool. With the launch of the Flipper Apps app store, the Flipper Zero community will be able to comfortably install apps specifically created for and confirmed to work on the device.

APT41 hackers target Android users with WyrmSpy, DragonEgg spyware
2023-07-20 11:01

The Chinese state-backed APT41 hacking group is targeting Android devices with two newly discovered spyware strains dubbed WyrmSpy and DragonEgg by Lookout security researchers. While APT41 hackers usually breach their targets' networks via vulnerable web apps and Internet-exposed endpoints, Lookout says the group also targets Android devices with WyrmSpy and DragonEgg spyware strains.