Security News

Thousands of mobile applications for Android contain hidden behavior such as backdoors and blacklists, a group of researchers has discovered. Set to discover such behaviors, researchers from The Ohio State University, New York University, and CISPA Helmholtz Center for Information Security came up with a tool that can detect "The execution context of user input validation and also the content involved in the validation," thus finding any secrets of interest.

How to set up an Android phone as your security key for your Google account. Set up two-step verification for your Google account through your phone or a computer by signing into the webpage for your Google account.

Roid apps are snooping on other software on your device - and that could tell shady advertising companies more about you than you'd like. The researchers studied 14,342 free Android apps in the Google Play Store, along with 7,886 open-source Android apps.

Preying on public fears, the ongoing coronavirus outbreak is proving to be a goldmine of opportunity for attackers to stage a variety of malware attacks, phishing campaigns, and create scam sites and malicious tracker apps. Now in a fresh twist, third-party Android app developers too have begun to take advantage of the situation to use coronavirus-related keywords in their app names, descriptions, or in the package names so as to drop malware, perpetrate financial theft and rank higher in Google Play Store searches related to the topic.

Join Sophos experts for the latest cybersecurity news and advice.

More than 50 Android apps on the Google Play Store-most of which were designed for kids and had racked up almost 1 million downloads between them-have been caught using a new trick to secretly click on ads without the knowledge of smartphone users. While the offending apps have been removed from Google Play, the find by Check Point Research is the latest in an avalanche of ad fraud schemes that have plagued the app storefront in recent years, with malware posing as optimizer and utility apps to perform phony clicks on ads.

Researchers have discovered a new family of auto-clicker malware that commits mobile ad fraud, lurking in 56 apps on the Google Play store. Google's uphill battle against malware on Google Play is well known, and the vendor has made a concerted effort in the last couple of years to get rid of bad or unpatched apps and malware.

A new simple but dangerous strain of Android malware has been found in the wild that steals users' authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices. "Malware could steal cookie files of any website from other apps in the same way and achieve similar results."

Amid numerous malicious attacks leveraging the current COVID-19 coronavirus crisis, security researchers have discovered an Android surveillance campaign targeting users in Libya. One of the COVID-19-themed attacks appears to be part of a larger mobile surveillance campaign operating out of Libya and targeting Libyan individuals, Lookout reveals.

Do you know what information you share within the Google ecosystem? You can easily control what is visible or hidden, from with your Android device. Find out how.