Items tagged with Apps
Adware is rampant in app stores. Google, Apple, and others frequently take down malicious apps, but it can be difficult to determine who published these apps in the first place. ESET researchers recently discovered not only a year-long adware campaign, but the developer behind it. ESET researchers found a total of 42 apps with similar adware on Google Play. The campaign had been running since 2018 and the apps were installed over 8 million times. Many of the apps had already been removed and the researchers reported the remaining outliers to Google. These apps have now all been deleted from the Google Play Store, but you may still find them in third-party app stores. You can find a complete list...
Read more...
The number of malicious Android apps that make it to the Google Play store continues to grow at an alarming rate. Sophos has issued a new report regarding 15 apps on Google Play that are abusive and designed to do nothing but serve ads to smartphone users. On top of spamming users with ads on their mobile devices, they hide their app icons in the launcher to make it hard for users to find and remove the apps. Sophos says that some of the apps take things a bit further and disguise themselves in the Phone app settings page. In total, these apps have been installed on more than 1.3 million devices globally. One of the apps that Sophos has discovered goes so far as to launch the first time and seemingly...
Read more...
172 Malicious Android Apps With Over 300 Million Installs Discovered In Google Play Store Last Month
The battle against malware never ends. Nearly 200 harmful apps were discovered in the Google Play Store in September 2019. These apps were installed by over 335 million users. Most of the harmful ads contained malicious or misleading malware. These apps were downloaded by more than 300 million people. Google removed 46 apps alone from Chinese developer iHandy. Most of their apps feature tools for selfies, security and antivirus utilities, keyboards, horoscopes, emoji, and health. The developer claims that they attract more than 180 million monthly users. Google noted that the apps included “deceptive or disruptive” ads, which violates their policies. The apps even drained users' batteries...
Read more...
Last week Google gutted around 46 apps that were pushed from a single Chinese developer. The developer goes by the name of iHandy, and when Google axed the apps, it didn't say why it removed them. A new report is now indicating that the reason why Google removed the apps was due to "deceptive or disruptive ads." A Google spokesperson told BuzzFeed that Google Play developer policies explicitly prohibit these types of ads. Google notes that the policies are in place to create the best experience for users and notes that when violations of its policies are found, "we take action." The apps are another example of adware and malware on the Google Play store that isn't being discovered...
Read more...
A new app rocketed to the top of the Chinese Apple App Store charts over the weekend called Zao. The app launched in China on Friday and allows users to swap their faces with film or TV characters very easily. The app required users to submit a series of selfies to the app where the user blinks, moves their mouth, and makes facial expressions. The app then uses the selfies submitted to realistically morph the person's animated likeness on to popular characters in movies, TV, and other content. The deepfake tech is so good at putting faces onto the bodies of other people that some have been concerned about the potential for misuse. Some who downloaded the app were also very critical of the...
Read more...
I can no longer scroll through my Facebook or Twitter feed without seeing an image of someone I know who has been digitally aged, or altered in some other way. That's because FaceApp has gone viral again. In case you missed it (impossible at this point), this mobile application lets you apply various filters to your selfies and photos, and the in-thing to do right now is to use the Age filter and post the result. While hugely popular, there are some privacy implications that come with it. It is not just your Facebook friends and family members who are goofing around with FaceApp—celebrity actors, athletes, and musicians are also partaking in the fun. And yes, it is fun (and funny). One...
Read more...
Well, this is surprising—a new security report makes the bold claim that "all mobile applications are vulnerable" to one kind of threat or another, and it really does not matter whether you are using Android or iOS. In fact, according to the report, iOS is not only just as insecure as Android, but even more so, if looking at the more critical vulnerabilities that exist. The report was put together by researchers at Positive Technologies, a global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection (according to the company's About page). According to the report, users downloaded mobile apps over...
Read more...
Google can't seem to figure out how to stop nefarious developers from offering apps via Google Play that are filled with malware and adware. In April, word surfaced that apps with ties to a group called DU Group were committing click fraud and amassed over 50 million downloads. A new group of apps with far more downloads with ties to China is now wreaking havoc and allegedly making some Android devices almost unusable. Researchers from mobile security firm Lookout have announced that 238 apps on Google Play with an aggregate of over 440 million downloads have been found to contain the BeiTaAd plugin. That plugin is a strain of adware that can make Android devices incredibly difficult to use once...
Read more...
A software development company out of the UK called Collabora has unveiled something that Linux users will be excited about. The software is called SPURV, and it is described as an "experimental containerized Android environment" that is designed to allow Linux users to run Android apps in windows alongside native applications on desktop Linux. In a nutshell, SPURV creates a virtual Android device on the Linux host machine. SPURV has components that allow the Android environment to play audio, connect to networks, and use hardware-accelerated graphics through the underlying Linux system. One key difference between SPURV and other ways of running Android on Linux systems is the support for running...
Read more...
Microsoft has announced an update to the revenue sharing deal it has with developers of apps that are offered via the Microsoft Store. The updated Microsoft Store App Developer agreement allows develops to keep more of the revenue their apps generate if certain conditions are met. The new fee structure will put up to 95% of the revenue that apps sold on the store generates into the pocket of the devs. One of the caveats is that to get the 95% revenue split; developers must implement referring traffic URLs with a CID. Sales that result from other methods with urls featuring an OCID, such as when an app is found in a Microsoft Store collection, via Microsoft Store search, or via other Microsoft-owned...
Read more...
Privacy is a big issue for users of the social network Facebook. The company has been called out for violating the privacy of users multiple times and faces fines that could be in the billions from the FTC. While Facebook will shutter one of its apps for privacy issues, called Onavo, there are still multiple third-party apps that collect all sorts of highly personal data, and shares that data with Facebook. Late last week a report surfaced that called out several apps that were sharing data on the health and fitness of users without permission. Four of those apps have stopped sending sensitive data, such as the weight of users and information on women's menstrual cycles, to Facebook. Apps noted...
Read more...
One of the first things that most people do when they get a new Android device is to log into their Google account. That allows the preinstalled apps to update automatically, among other things. Updates are important because often the update is meant to patch some sort of flaw that makes the app or device unstable or to patch a security hole that leaves devices vulnerable. The problem is that not everyone logs into a Google account on their device. That means apps are left unpatched and Google wants to change that. Google is sending out messages to developers who preload apps on devices letting the devs know that it would be testing a feature that allows the apps to update even if the user fails...
Read more...
Google still has a massive malware problem within the Google Play store. In November, we learned that apps from Cheetah Mobile had been part of a massive click fraud scheme that saw apps from it and Kika Tech stealing millions of dollars in fraudulent clicks. The apps had reportedly been downloaded around 2 billion times in total. A malware-infected QR Reader app had racked up 500,000 downloads in March of last year before being removed from the store. Now Google has reportedly removed another 85 apps from Google Play because they were malware laden. The batch of 85 apps wasn't removed from the Google Play store until analysts with Trend Micro discovered that the apps had malware inside....
Read more...
Reports are making the rounds that some Samsung Galaxy smartphone owners who are fed up with Facebook after privacy blunders that leaked pictures and its history of sharing data without permission can't uninstall the app on their device. Some Galaxy S8 owners are unable to delete the Facebook app completely from their devices; all owners can do is select an option to disable the app. Owners fear that by disabling the app rather than uninstalling it, Facebook might still be able to track them and share their data without permission. There is a movement trying to get people to delete Facebook in protest of its privacy and security issues. A Facebook spokesperson told Bloomberg that disabling...
Read more...
It's not a good time to be an Android user who frequents the Google Play Store for apps. Just over the last few weeks, malware-laden apps that had been downloaded over half a million times were found on the Play Store. Apps from Cheetah Mobile were also found to be committing click fraud and running down the batteries inside user devices. Reports are now surfacing that Google has now pulled another batch of 22 apps from the Google Play Store that had been downloaded over 2 million times cumulatively. The newest apps discovered to be malicious had a so-called "device-draining backdoor" that allowed them to download files from a server controlled by the attacker. The most disturbing part is...
Read more...
Android users who think the apps they download on the Google Play store are safe and secure would be wrong in many cases. Malware and other fraudulent apps often run rampant within the Google Play Store. Now a new report claims that seven apps from Cheetah Mobile and one from Kika Tech that have a combined 2 billion downloads via Google Play are part of a massive ad fraud scheme. The two companies are related; Kika Tech reportedly had a significant investment from Cheetah in 2016. The ad fraud scheme was outed by research firm Kochava, and according to the researchers, these fraudulent apps could have stolen millions of dollars. Cheetah and Kika combined claim they have 700 million active users...
Read more...
The app market for just about every platform out there is rife with developers who use nefarious techniques to trick users into giving them access to their valuable personal data. You might expect this to be a problem with third-party app stores for Android devices, but some might be surprised to learn that Apple is having an issue with nefarious developers and apps offered for download on the highly-guarded Mac App Store. The tip-off that something nefarious might be going on with apps for your Mac comes when the app asks for access to the home directory in macOS. At least a handful of apps available for Mac users that ask for that permission are using that access to steal user data such...
Read more...
Is your smartphone secretly recording your screen activity? It turns out that conspiracy theorists may have some justification for their concern. Computer scientists from Northeastern University determined that some apps do violate a user’s privacy by quietly capturing pictures, videos, and recorded audio. According to the Northeastern University scientists, their research was the “first large-scale empirical study of media permissions and leaks from Android apps, covering 17,260 apps from Google Play, App China, Mi.com, and Anzhi.” The researchers worked with ten Android devices and an automated program to use the apps and determine whether any media files were sent to...
Read more...
Google is rolling out something akin to DRM for Android APKs as a way to verify that apps originated from the Play Store. Rogue apps that are malware-ridden are running rampant these days, so this is just an extra layer of security that Google is implementing to help safeguard Android users from attacks. The new DRM has a single goal, and that is to allow users to be certain that an app they are using is genuine and hasn't been tampered with. The number of apps that have been found with malware inside or to be outright fake is ever growing in the Android realm. Late last year it was found that a fake WhatsApp app had racked up over a million downloads. To be clear, Google isn’t billing...
Read more...
Knowledge is power, but it can also be frightening, in a sobering kind of way. Have you ever wondered how much time you spend online, and specifically on Facebook? That's something you might not want to know, especially if you fire up the social network's app on your phone several times throughout the day. If you are curious, however, it looks like Facebook will soon oblige by introducing a new 'Your Time on Facebook' tool. This has not been released yet, or even announced by Facebook. Nevertheless, it will eventually com to fruition, as the unreleased tool was discovered in Facebook's app for Android devices. When selected, the tool shows the average number of minutes per day you've spent in...
Read more...
Technology companies that collect any sort of data are scrambling to be sure that they are being as careful in the wake of Facebook's Cambridge Analytica privacy problems. The latest tech firm to take a hard look at user privacy is Apple, with reports that it is cracking down on apps that share location data with third-party companies. Apple has begun removing the apps in question from the App Store if it finds that data is being shared and notifying the developers of the app that they have violated two different listing guidelines (sections are 5.1.1 and 5.1.2 of the App Store Review Guidelines). Those guidelines have to do with transmitting user location data and user awareness of data collection....
Read more...
WhatsApp users have been forwarding a message around that some might find incredibly annoying. The message will cause the app to hang for a bit, after which it will then function normally. No malicious content is transferred with the message according to reports. The message reads "If you touch the black point your WhatsApp will hang." The message is then forwarded by a black dot and in some cases emojis. Naturally, a good portion of the people who get it can't resist the temptation to touch the black dot. As for why the message can cause WhatsApp to hang, it has to do with symbols included in the message that WhatsApp doesn’t recognize. Since the app doesn't recognize the characters,...
Read more...
