Security News

How much to infect Android phones via Google Play store? How about $20k
2023-04-10 23:01

If you want to sneak malware onto people's Android devices via the official Google Play store, it may cost you about $20,000 to do so, Kaspersky suggests. Before cybercriminals can share their malicious apps from Google's official store, they'll need a Play developer account, and Kaspersky says those sell for between $60 and $200 each.

Google Play apps will allow users to initiate in-app account deletion
2023-04-06 10:59

Google Play will be pushing Android app developers to allow users to delete their account and associated data from within the app. Google Play has introduced new app account deletion requirements and added Data deletion questions to developers' Data safety form.

Beware rogue 2FA apps in App Store and Google Play – don’t get hacked!
2023-02-27 20:37

On Android, Google offers its own authenticator app, unsurprisingly called Google Authenticator, that you can get from Google Play. Google's add-on app does the job of generating the needed one-time login code sequences, just like Apple's Settings > Passwords utility on iOS. But we're going to assume that at least some people, and possibly many, will perfectly reasonably have asked themselves, "What other authenticator apps are out there, so I don't have to put all my cybersecurity eggs into Apple's basket?".

Even Top-Ranked Android Apps in Google Play Store Provide Misleading Data Safety Labels
2023-02-24 09:00

An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "Serious loopholes" that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its *Privacy Not Included initiative, compared the privacy policies and labels of the 20 most popular paid apps and the 20 most popular free apps on the app marketplace.

Crypto scam apps infiltrate Apple App Store and Google Play
2023-02-01 12:30

Operators of high-yielding investment scams known as "Pig butchering" have found a way to bypass the defenses in Google Play and Apple's App Store, the official repositories for Android and iOS apps. After gaining the victims' trust, the scammers say that they have an uncle working for a financial analysis firm and launch an invitation to trade cryptocurrency via an app on Play Store or App Store.

Shady reward apps on Google Play amass 20 million downloads
2023-01-29 15:16

A new category of activity tracking applications has been having massive success recently on Google Play, Android's official app store, having been downloaded on over 20 million devices. Dr. Web says all three apps communicate with the same remote server address, indicating a common operator/developer.

Android malware apps with 2 million installs spotted on Google Play
2022-12-04 15:11

A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them. One app illustrated by Dr. Web that has amassed one million downloads is TubeBox, which remains available on Google Play at the time of writing this.

Week in review: Microsoft fixes many zero-days, malicious droppers on Google Play, IRISSCON 2022
2022-11-13 09:00

Photos: IRISSCON 2022IRISSCON, the annual cyber crime-themed conference organized by the Irish Reporting and Information Security Service, was held in Dublin, Ireland on Thursday, November 10, 2022. Security "Sampling" puts US federal agencies at riskTitania launched an independent research report that uncovers the impact of exploitable misconfigurations on the security of networks in the US federal government.

Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan
2022-11-11 12:33

Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. "Xenomorph is a trojan that steals credentials from banking applications on users' devices," Zscaler ThreatLabz researchers Himanshu Sharma and Viral Gandhi said in an analysis published Thursday.

Malicious droppers on Google Play deliver banking malware to victims
2022-11-08 11:07

Roid users are often advised to get mobile apps from Google Play, the company's official app marketplace, to minimize the possibility of downloading malware. "Distribution through droppers on official stores remains one of the most efficient ways for threat actors to reach a wide and unsuspecting audience. Although other distribution methods are also used depending on cybercriminals targets, resources, and motivation, droppers remain one of the best option on price-efforts-quality ratio, competing with SMiShing," Threat Fabric researchers recently pointed out, after sharing their discovery of several apps on Google Play functioning as droppers for the Sharkbot and Vultur banking trojans.