Security News
Google on Tuesday officially began rolling out a new "Data safety" section for Android apps on the Play Store to highlight the type of data being collected and shared with third-parties. "Users want to know for what purpose their data is being collected and whether the developer is sharing user data with third parties," Suzanne Frey, Vice President of product for Android security and privacy, said.
Three security vulnerabilities have been disclosed in the audio decoders of Qualcomm and MediaTek chips that, if left unresolved, could allow an adversary to remotely gain access to media and audio conversations from affected mobile devices. According to Israeli cybersecurity company Check Point, the issues could be used as a launchpad to carry out remote code execution attacks simply by sending a specially crafted audio file.
Security analysts have found that Android devices running on Qualcomm and MediaTek chipsets were vulnerable to remote code execution due to a flaw in the implementation of the Apple Lossless Audio Codec. We encourage end users to update their devices as security updates have become available.
A banking trojan for Android that researchers call Fakecalls comes with a powerful capability that enables it to take over calls to a bank's customer support number and connect the victim directly with the cybercriminals operating the malware. While the victim sees the bank's real number on the screen, the connection is to the cybercriminals, who can pose as the bank's customer support representatives and obtain details that would give them access to the victim's funds.
A banking trojan for Android that researchers call Fakecalls comes with a powerful capability that enables it to take over calls to a bank's customer support number and connect the victim directly with the cybercriminals operating the malware. While the victim sees the bank's real number on the screen, the connection is to the cybercriminals, who can pose as the bank's customer support representatives and obtain details that would give them access to the victim's funds.
A new Android banking malware named Octo has appeared in the wild, featuring remote access capabilities that allow malicious operators to perform on-device fraud. Octo is an evolved Android malware based on ExoCompact, a malware variant based on the Exo trojan that quit the cybercrime space and had its source code leaked in 2018.
Google has announced several key policy changes for Android application developers that will increase the security of users, Google Play, and the apps offered by the service. These new developer requirements will take effect between May 11th through November 1st, 2022, giving developers enough time to adjust to the new changes.
Mobile malware analysts warn about a set of applications available on the Google Play Store, which collected sensitive user data from over 45 million installs of the apps. The apps collected this data through a third-party SDK that includes the ability to capture clipboard content, GPS data, email addresses, phone numbers, and even the user's modem router MAC address and network SSID. This sensitive data could lead to significant privacy risks for the users if misused or leaked due to poor server/database security.
Malicious Android apps found masquerading as legitimate antivirus tools. In a report released Thursday, the cyber threat intelligence provider detailed its discovery of six apps in Google Play that appeared to be antivirus software but actually tried to install malware capable of stealing credentials and financial data.
If you go off-market, things can get much more dangerous, not least because there are many unofficial Android app stores out there where pretty much anything goes, including some app repositories that deliberately pitch themselves as a handy place to get at software that Google "Doesn't want you to have". As an aside, you might think that no one would deliberately seek out apps that clearly wouldn't be permitted on Google Play, or that have already been rejected by Google.