Security News

An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "Serious loopholes" that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its *Privacy Not Included initiative, compared the privacy policies and labels of the 20 most popular paid apps and the 20 most popular free apps on the app marketplace.

Operators of high-yielding investment scams known as "Pig butchering" have found a way to bypass the defenses in Google Play and Apple's App Store, the official repositories for Android and iOS apps. After gaining the victims' trust, the scammers say that they have an uncle working for a financial analysis firm and launch an invitation to trade cryptocurrency via an app on Play Store or App Store.

A new category of activity tracking applications has been having massive success recently on Google Play, Android's official app store, having been downloaded on over 20 million devices. Dr. Web says all three apps communicate with the same remote server address, indicating a common operator/developer.

A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them. One app illustrated by Dr. Web that has amassed one million downloads is TubeBox, which remains available on Google Play at the time of writing this.

Photos: IRISSCON 2022IRISSCON, the annual cyber crime-themed conference organized by the Irish Reporting and Information Security Service, was held in Dublin, Ireland on Thursday, November 10, 2022. Security "Sampling" puts US federal agencies at riskTitania launched an independent research report that uncovers the impact of exploitable misconfigurations on the security of networks in the US federal government.

Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. "Xenomorph is a trojan that steals credentials from banking applications on users' devices," Zscaler ThreatLabz researchers Himanshu Sharma and Viral Gandhi said in an analysis published Thursday.

Roid users are often advised to get mobile apps from Google Play, the company's official app marketplace, to minimize the possibility of downloading malware. "Distribution through droppers on official stores remains one of the most efficient ways for threat actors to reach a wide and unsuspecting audience. Although other distribution methods are also used depending on cybercriminals targets, resources, and motivation, droppers remain one of the best option on price-efforts-quality ratio, competing with SMiShing," Threat Fabric researchers recently pointed out, after sharing their discovery of several apps on Google Play functioning as droppers for the Sharkbot and Vultur banking trojans.

In brief A quartet of malware-laden Android apps from a single developer have been caught with malicious code more than once, yet the infected apps remain on Google Play and have collectively been downloaded more than one million times. Google Play has a history of hosting malicious apps, with perhaps one of the most egregious cases coming to light this past July when 60 apps installed by more than 3.3 million users were taken down due to malware.

At the time of publishing, the apps are still present on Google Play under a developer account called Mobile apps Group, and have a total install count of more than one million. According to a report from Malwarebytes, the same developer was exposed twice in the past for distributing adware on Google Play but it was allowed to continue publishing apps after submitting cleaned versions.

A set of Android malware droppers were found infiltrating the Google Play store to install banking trojans pretending to be app updates. Malware droppers are a challenging category of apps to stop because they do not contain malicious code themselves and thus can more easily pass Google Play reviews when submitted to the store.