Items tagged with Google Play
The security research team at Comparitech has conducted an audit of hundreds of thousands of apps on the Google Play store. The research team found common misconfigurations on Google Firebase databases that allow unauthorized parties to find and access personal data of users. Firebase is one of the most popular storage solutions for Android Apps, used by an estimated 30% of all apps on Google Play. Researchers discovered during their investigation that 4.8% of mobile apps using Firebase aren't properly secured and allow anyone access to the databases containing the personal information of users, access tokens, and other data without a password or any authentication. The security researchers examined...
Read more...
Epic and Google have long aired their dirty laundry in a public feud over how much money the latter takes in profits from games in the Google Play Store. Now, Epic Games has finally caved and is putting Fortnite on the Google Play Store, but it's not at all happy about it. When Fortnite for Android launched, Epic sidestepped the Play Store and made the game downloadable directly from the Epic website, cutting off a sustainable revenue stream for Google. The game may be landing on the Play Store, but Epic says that it will still be available from Fortnite.com moving forward. Now that Fortnite is available on the Play Store, most users will download it there because of the convenience. Google makes...
Read more...
There are a bunch of movie streaming services out there for people to choose from to watch movies and TV shows on the go and at home. Google is gearing up to get into the streaming movie segment in a much bigger way with ad-supported free movies. The tip on the free movies comes from an APK teardown. As it stands now, Google Play Movies & TV allows customers to purchase or rent individual movies and TV episodes. The APK teardown found code that reads, "Hundreds of movies, just a few a few ads." Other parts of the code says "Introducing" and "Watch free with ads." The code was found in version 4.18.37 of the Android application. It's unclear how much of the Google library might be available...
Read more...
As with many things in life, when it comes to mobile app security, you win some and you lose some. So it goes for Google and its Play Store. A new 2019 Mobile App Thread Landscape Report put together by RiskIQ pegs the Play Store as being the second most dangerous place to download apps, in terms of the number of malicious apps that were hosted last year. At the same time, the Play Store showed a big decline in malicious apps in 2019. This is somewhat of an important ranking, considering that users downloaded over 200 billion apps in 2019, and spent more than $120 billion in app stores around the world, according the report. Looking ahead, the RiskIQ expects both figures to be even higher for...
Read more...
Android Trojan xHelper haunted the Google Play Store in 2019. After several months, it appeared that the malware had disappeared. Unfortunately, xHelper was not dead but only sleeping. Security researchers at Malwarebytes Lab recently discovered that xHelper was once again infecting devices and that its reinfection seemed to be triggering off from Google Play. Android Trojan xHelper first appeared in Spring 2019 and infected over 45,000 devices. xHelper targeted users in India, the United States, and Russia. It is a malware dropper whose main purpose is to provide a backdoor to attackers. The attackers can then install other apps, steal data, or even take over the device. A Malwarebyte forum...
Read more...
It as seems as Google is getting its ducks in a row in preparation for its Stadia cloud gaming service going live later this month. Ahead of Stadia's launch on November 19, Google has made available a Stadia app for Android in the Play Store. Anyone who owns a compatible handset can head over there right now and download it. Stadia will enable to gamers to play titles like Red Dead Redemption 2, Borderlands 3, and Cyberpunk 2077 (to name just a few of the bigger hits arriving on the platform) on desktops and laptops, on Chrome OS devices, and on televisions through a Chromecast Ultra dongle. It can also be played on Pixel 2 and later handsets. In its current form, the Stadia app is listed at...
Read more...
Adware is rampant in app stores. Google, Apple, and others frequently take down malicious apps, but it can be difficult to determine who published these apps in the first place. ESET researchers recently discovered not only a year-long adware campaign, but the developer behind it. ESET researchers found a total of 42 apps with similar adware on Google Play. The campaign had been running since 2018 and the apps were installed over 8 million times. Many of the apps had already been removed and the researchers reported the remaining outliers to Google. These apps have now all been deleted from the Google Play Store, but you may still find them in third-party app stores. You can find a complete list...
Read more...
A new app called Gradient has gone viral. The point of the app is to take a picture of you and then gradually match you with your celebrity look alike. It's certainly not the first app of the sort that is meant to show users who their celeb look-alike is, among other things. Gradient is available for iOS and Android devices and is developed by a group called Ticket to the Moon Inc. The app has seen a boom in popularity recently as it has been used and the results of its matchups shared by celebrities like Jimmy Kimmel (seen above), Diplo, and the Kardashians. Kimmel morphing into Matt Damon we have to believe is a joke. The two have a long-running fake beef that has been a subject of Kimmel's...
Read more...
The number of malicious Android apps that make it to the Google Play store continues to grow at an alarming rate. Sophos has issued a new report regarding 15 apps on Google Play that are abusive and designed to do nothing but serve ads to smartphone users. On top of spamming users with ads on their mobile devices, they hide their app icons in the launcher to make it hard for users to find and remove the apps. Sophos says that some of the apps take things a bit further and disguise themselves in the Phone app settings page. In total, these apps have been installed on more than 1.3 million devices globally. One of the apps that Sophos has discovered goes so far as to launch the first time and seemingly...
Read more...
172 Malicious Android Apps With Over 300 Million Installs Discovered In Google Play Store Last Month
The battle against malware never ends. Nearly 200 harmful apps were discovered in the Google Play Store in September 2019. These apps were installed by over 335 million users. Most of the harmful ads contained malicious or misleading malware. These apps were downloaded by more than 300 million people. Google removed 46 apps alone from Chinese developer iHandy. Most of their apps feature tools for selfies, security and antivirus utilities, keyboards, horoscopes, emoji, and health. The developer claims that they attract more than 180 million monthly users. Google noted that the apps included “deceptive or disruptive” ads, which violates their policies. The apps even drained users' batteries...
Read more...
Last week Google gutted around 46 apps that were pushed from a single Chinese developer. The developer goes by the name of iHandy, and when Google axed the apps, it didn't say why it removed them. A new report is now indicating that the reason why Google removed the apps was due to "deceptive or disruptive ads." A Google spokesperson told BuzzFeed that Google Play developer policies explicitly prohibit these types of ads. Google notes that the policies are in place to create the best experience for users and notes that when violations of its policies are found, "we take action." The apps are another example of adware and malware on the Google Play store that isn't being discovered...
Read more...
The latest “Joker” spyware is no laughing matter as it can easily compromise a lot of the personal data you keep on your phone. Researchers recently discovered spyware that can access your SMS messages, contact list and other information. The spyware was found in over 24 Android apps on Google Play and has infected nearly 500,000 users. The “Joker” spyware was originally detected this past June and was named after one of its command-and-control (C2) domain names. It can gain access to a victim’s SMS messages, contacts list, and other specific device information. It can also sign victims up for premium subscription services without their knowledge. The Joker is able...
Read more...
Earlier this week, you brought you the news of an unfortunate turn of events that resulted in the popular app CamScanner being removed from the Google Play Store. The app, which can create PDF documents, is developed by CC Intelligence and has been downloaded over 100 million times. The problem came into play when users began getting bombarded with "unwanted features" and advertisements that took over their smartphone's display. The folks at Kaspersky Lab were able to determine that the CamScanner was carrying a malicious module dubbed Trojan-Dropper.AndroidOS.Necro.n, which was serving intrusive ads to users. After staying mum on the situation for most of the week, CamScanner's developers...
Read more...
It seems as though every few weeks that we hear about a new Android malware or adware scheme that has invaded the Google Play Store. Unfortunately, we today have to report on yet another adware scheme that was uncovered by the security gurus over at Trend Micro. The adware has been identified as AndroidOS_Hidenad.HRXH, and it was preloaded on 85 apps found in Google Play. According to the security researchers, the adware was primarily disguised as either a photography or gaming app. What's most alarming, however, is that these 85 apps were cumulatively downloaded over 8 million times by unsuspecting Android users. A small sample of the adware apps on Google Play. According...
Read more...
Have you noticed your Android handset depleting its battery at a faster clip than usual? If so, the culprit could be a recent update to Google Play Services. There have been multiple reports of unusually fast battery drain on various Android phones running Google Play Services 18.3.82, suggesting there is a bug with the software. This does not appear to affect any single make or model Android phone—any Android device running the latest version of Google Play Services is prone to shortened battery life, compared whatever the normal run time might be. Source: Artem Russakovskii (via Twitter) APKMirror founder and Android Police writer Artem Russakovskii noted the disparity on Twitter, as...
Read more...
When Apple announced its monthly subscription gaming service called Apple Arcade, everyone expected Google to launch its own similar service. It's taken Google some time to launch a competing service, but it seems that service is here. Google is now testing a service called Google Play Pass. Google's Play Pass service calls out access to games and apps indicating it won't just be an arcade offering. The app images are from the signup page allegedly seen by an unnamed reader and sent to Android Police. The signup page offers a subscribe link and calls out a monthly fee of $4.99. App users will appreciate that the Play Pass notes there are no purchases, no ads, and all in-app purchases are unlocked....
Read more...
One of the smartest things that Samsung smartphones users can do is to keep their devices updated with the latest firmware from Samsung. Consistent updates allows them to have the latest security updates to help protect their device and personal data. A new report claims that 10 million Samsung smartphone users have downloaded an app from Google Play that is called "Updates for Samsung." The users apparently thought that the app was an official app from Samsung, but what the app does is redirect users to a website filled with ads where they are charged for firmware updates. Samsung offers firmware updates for its smartphones at no cost. As of this writing, the "Updates for Samsung" app was...
Read more...
182 Android apps have been linked to an adware campaign that has plagued users who download apps from Google Play. Trend Micro detected the adware campaign identified as AndroidOS_HiddenAd.HRXAA and AndroidOS_HiddenAd.GCLA. The adware was hidden inside free-to-download game and camera apps, the majority of which were found on the Google Play Store and had millions of downloads collectively. The adware behind the campaign was disguised as game and camera apps and was discovered in mid-June. Trend Micro says that it generated heuristic patterns that were used to analyze other samples it had detected and were able to deduce that the adware campaign had been active since 2018. All of the apps that...
Read more...
This mobile app is definitely something to scream about in more ways than one. The Android game “Scary Granny ZOMBYE Mod: The Horror Game 2019” s stealing users’ Google and Facebook data. The malicious app attempts to siphon both data and money from its users to attackers. “Scary Granny ZOMBYE Mod: The Horror Game 2019” was a horror game that mimicked another popular Android game “Granny”. Users were tasked with running away from zombies while uncovering extra lives and various weapons. The game was installed over 50,000 times and boasted a 4-star review in the Google Play store before it was removed on June 27th. Image credit: Wandera Security...
Read more...
The Google Play app store ecosystem is robust, and many of the apps that people buy are purchased with a credit card that is tied to the person's Google Play account. For most people linking a credit card to their account isn't a big deal, but that isn't always the case in all market around the globe. Some users fear the security of their credit card information, and often parents don't want to tie a credit card to a kid's account out of fear the child might make unauthorized purchases. In some countries, the problems are more significant than security. In locations like India where most people use Android devices, but few use credit cards or debit cards with bank accounts, paying for apps is...
Read more...
Several apps from a developer with ties to China's Baidu were caught committing click fraud and sending information to China without the knowledge of the app users. When the revelation of the apps committing click fraud first surfaced, Google had stated that the six apps initially had been blacklisted and were no longer usable. The apps included Selfie Camera app, Omni Cleaner, RAM Master, Smart Cooler, Total Cleaner, and AIO Flashlight. Google now appears to be making a move that could see every app published by the developer removed from the Google Play store. So far more than 40 apps from the developer have gotten the ax. Before being caught in the click fraud scheme, the developer had around...
Read more...
Fraudulent apps on the Google Play store are a huge problem for Android users. Some of the fraudulent apps aim to steal money and other information. In February this year, word surfaced that a cryptocurrency-stealing malware had been found on Google Play, while malware-laden game apps were found last November that were affecting half a million users. Perhaps the biggest app fraud case was discovered in November 2018, when apps from Cheetah Mobile were committing millions of dollars in ad click fraud. However, now it appears click fraud is even more widespread and all too common. There are several popular Android apps from a major Chinese developer that have been called out for click fraud. One...
Read more...
