Security News
A security vulnerability affecting Android can be exploited by malicious apps to masquerade as any other app installed on a targeted device and display fake interfaces to users, tricking them into giving away sensitive information. The same team of Norwegian cybersecurity researchers today unveiled details of a new critical vulnerability affecting the Android operating system that could allow attackers to carry out a much more sophisticated version of the Strandhogg attack.
UPDATE. A new Android malware family has been discovered, which targets popular messaging apps like WhatsApp and Facebook Messenger to gather intelligence on Android victims. Researchers assess with "high confidence" that the malware is operated by Wolf Research, a Germany-based spyware organization that develops and sells espionage-based malware to governments.
Security researchers at Bitdefender have identified a highly sophisticated Android spyware platform that managed to remain undetected for four years. Dubbed Mandrake, the platform targets only specific devices, as its operators are keen on remaining undetected for as long as possible.
A newly uncovered strain of Android spyware lurked on the Google Play Store disguised as cryptocurrency wallet Coinbase, among other things, for up to four years, according to a new report by Bitdefender. Beginning with an innocuous-looking dropper hosted on the Google Play store, masquerading as one of a number of legitimate apps, Mandrake allowed its Russian operators to snoop on virtually everything unsuspecting targets did on their mobile phone.
Privacy pressure group Noyb has filed a legal complaint against Google on behalf of an Austrian citizen, claiming the Android Advertising ID on every Android device is "personal data" as defined by the EU's GDPR and that this data is illegally processed. The complaint against Google, which was filed with the Austrian Data Protection Authority, is based on the claim that Google's Android operating system generates the advertising ID without user choice as required by GDPR. "In essence, you buy a new Android phone, but by adding a tracking ID they ship you a tracking device," said Noyb lawyer Stefano Rossetti.
Comparitech security researchers have discovered that thousands of Android applications distributed through Google Play leak sensitive information due to Firebase misconfigurations. Overall, 4.8% of all mobile apps using Firebase are believed to be leaking personal information, access tokens, and other types of data.
Security researchers at Comparitech have reported that an estimated 24,000 Android apps are leaking user data because of misconfigured Firebase databases. Data is secured using rules which "work by matching a pattern against database paths, and then applying custom conditions to allow access to data at those paths", according to the docs.
More than 4,000 Android apps that use Google's cloud-hosted Firebase databases are 'unknowingly' leaking sensitive information on their users, including their email addresses, usernames, passwords, phone numbers, full names, chat messages and location data. "4.8 percent of mobile apps using Google Firebase to store user data are not properly secured, allowing anyone to access databases containing users' personal information, access tokens, and other data without a password or any other authentication," Comparitech said.