Tag Archives: google

Yet Another Android Malware Infects Over 4.2 Million Google Play Store Users


Even after so many efforts by Google, malicious apps somehow managed to fool its Play Store’s anti-malware protections and infect people with malicious software.

The same happened once again when at least 50 apps managed to make its way onto Google Play Store and were successfully downloaded as many as 4.2 million times—one of the biggest malware outbreaks.

Security firm Check Point on Thursday published a blog post revealing at least 50 Android apps that were free to download on official Play Store and were downloaded between 1 million and 4.2 million times before Google removed them.

These Android apps come with hidden malware payload that secretly registers victims for paid online services, sends fraudulent premium text messages from victims’ smartphones and leaves them to pay the bill—all without the knowledge or permission of users.

Dubbed ExpensiveWall by Check Point researchers because it was found in the Lovely Wallpaper app, the malware comes hidden in free wallpaper, video or photo editing apps. It’s a new variant of malware that Mcafee spotted earlier this year on the Play Store.

But what makes ExpensiveWall malware different from its other variants is that it makes use of an advanced obfuscation technique called “packed,” which compresses malicious code and encrypts it to evade Google Play Store’s built-in anti-malware protections.

The researchers notified Google of the malicious apps on August 7, and the software giant quickly removed all of them, but within few days, the malware re-emerged on the Play Store and infected over 5,000 devices before it was removed four days later, Check Point said.

Here’s How ExpensiveWall Malware Works:


Once an app with ExpensiveWall—which researchers think came from a software development kit called GTK—is downloaded on a victim’s device, the malicious app asks for user’s permission to access the Internet, and send and receive SMS messages.

The internet access is used by the malware to connect the victim’s device to the attacker’s command and control server, where it sends information on the infected handset, including its location alongside unique hardware identifiers, such as MAC and IP addresses, IMSI and IMEI numbers.

The C&C server then sends the malware a URL, which it opens in an embedded WebView window to download JavaScript code that begins to clock up bills for the victim by sending fraudulent premium SMS messages without their knowledge, and uses the victim’s phone number to register for paid services.

However, according to the Check Point researchers, it is still unclear how much revenue was generated via ExpensiveWall’s premium SMS scam.

Google’s Play Store—Home for Malware

Android malware continues to evolve with more sophisticated and never-seen-before capabilities with every passing day, and spotting them on Google Play Store has become quite a common thing.

Last month, over 500 Android apps with spyware capabilities were found on Play Store, which had been downloaded more than 100 million times.

In July, Lipizzan spyware apps were spotted on Play Store that can steal a whole lot of information on users, including text messages, emails, voice calls, photos, location data, and other files, and spy on them.

In June, more than 800 Xavier-laden apps were discovered on Google Play that had been downloaded millions of times, and the same month researchers found first code injecting rooting malware making rounds on Google Play Store.

A month prior to it, researchers spotted 41 apps on Play Store hidden with the Judy Malware that infected 36.5 million Android devices with malicious ad-click software.

In April, over 40 apps with hidden FalseGuide malware were spotted on Play Store that made 2 Million Android users victims.

Earlier this year, researchers also discovered a new variant of the HummingBad malware, dubbed HummingWhale, hidden in more than 20 apps on Google Play Store, which were downloaded by over 12 Million users.

How to Protect Your Android From Such Malware Apps

Even after Google removed all the malware-tainted apps from its official Play Store marketplace, your smartphones will remain infected with the ExpensiveWall malware until you explicitly uninstall the malicious apps, if you have downloaded any.

Google has recently provided a security feature known as Play Protect that uses machine learning and app usage analysis to automatically remove malicious apps from the affected smartphones to prevent further harm.

However, according to the Check Point researchers, many phones run an older version of Android that does not support the feature, leaving a wide audience open to malware attacks.

You are strongly advised to always keep a good antivirus app on your device that can detect and block any malicious app before it can infect your device, and always keep your device and all apps up-to-date.

Powered by WPeMatico

Google pulls 500+ vulnerable apps from Play Store

Google pulls 500+ vulnerable apps from Play Store

After the eight hijacked Chrome extensions that were pulled from Google’s browser webstore at the beginning of the month, Google now removed over 500 apps with more than 100m downloads from its Play Store. That’s a rather high number, especially if you’re considering that they have been removed all at once.  So what happened? Beware of SDKs […]

The post Google pulls 500+ vulnerable apps from Play Store appeared first on Avira Blog.

Read More

Android 8.0 Oreo Released – 11 New Features That Make Android Even Better

While the moon was eclipsing the sun, Google announced the launch of its new mobile operating system called Android 8.0 Oreo in an Eclipse-themed launch event in New York City.

Yes, the next version of sugary snack-themed Android and the successor to Android Nougat will now be known as Android Oreo, the company revealed on Monday.

Google has maintained the tradition of naming its Android operating system by the names of alphabetically-ordered sugary delights beginning with Android Cupcake and followed by Donut, Eclair, Froyo, Gingerbread, Honeycomb, Ice Cream Sandwich, Jelly Bean, KitKat, Lollipop, Marshmallow and Nougat.

The good news is that the Android team has brought several significant features to your smartphone and tablet with the release of Android Oreo to make its mobile platform more secure, fast, power efficient and offer better multitasking.

The new updated mobile operating system, which has been available for the last few months in developer beta, will arrive on your Android devices by the end of this year.

Here’s the list of features what I like in the new Android Oreo so far:

1. No More ‘Unknown Sources’ Setting (Install other apps)

Not all applications installed from third-party sources are malicious, but most of the apps installed from outside of the official Play Store could land you in trouble.

Prior to Android Oreo, third-party app installation requires users to enable just one setting by turning on “Install from unknown sources”—doesn’t matter from where the user has downloaded an APK file, i.e. from a browser, Bluetooth, transferred from a computer via USB or downloaded using another app.

Android 8.0 Oreo has completely changed the way this feature works, bringing a much smarter and safer system called “Install Unknown apps,” in which user has to manually permit 3rd-party app installation from different sources.

2. Autofill API Framework

It has already been advised to make use of complex and different passwords for online accounts and change them frequently, but this makes it difficult for users to remember them at the same time.

To follow the best password policy in order to keep their accounts safe, most users rely on notepad/excel files to save their passwords insecurely, while some use password managers.

Some password manager apps for Android allow their users to Autofill saved information into forms on other apps for which they require access to device’s accessibility permission and features.

However, with Android Oreo, password managers will no longer require Android’s accessibility features to fill in forms.

Android 8.0 Oreo brings a built-in secure AutoFill API that allows users-chosen password manager to store different types of sensitive data, such as passwords, credit card numbers, phone numbers, and addresses—and works throughout the entire system.

3. Picture-in-Picture (multitasking)

How many times does it happen to you when you want to watch a video on YouTube while chatting on WhatsApp?

It happens with me a lot of times, and I really get annoyed that if I’m watching a video, I can only watch that video and can’t do anything on other apps simultaneously. But this would not be a problem in Android 8.0 Oreo.

With Android Oreo, you can view a YouTube video while reading through a report in Word or be chatting on WhatsApp on your Android device—thanks to Picture-in-Picture (PIP) feature.

PIP is one of the biggest features in the latest version of Android. If you open an app and start playing a video, just press the home button, which will shrink the video down to the bottom-right corner of your screen while the rest of the app disappears.

Now you can open any app and do other activities, while the video continues in the background. You can even move the video along the border of your screen, just like the Facebook Messenger icons, and tapping on the video will expand the video back into full-view.

4. Google Play Protect

Android Oreo has been developed keeping ‘Security’ in mind, with Google cracking down on the fastest-growing problem of Android malware with a new anti-malware tool called Google Play Protect.

“Play Protect is built into every device with Google Play, is always updating, and automatically takes action to keep your data and device safe, so you don’t have to lift a finger,” Dave Burke, Vice President of engineering at Google said.

Play Protect helps in detecting and removing harmful applications with more than 50 billion apps scanned every day.

5. Wi-Fi Aware (Neighborhood Aware Networking — NAN)

Android Oreo has added support for a new connectivity feature called Wi-Fi Aware, also known as Neighborhood Aware Networking (NAN), which allows apps and devices to automatically find, connect to, and share data with each other directly without any internet access point or cellular data.

Wi-Fi Aware is basically a combination of WiFi Direct and Nearby features to offer more reliable connection compared to Wi-Fi P2P, allowing users to share data at high speed with a longer distance communication compared to Bluetooth.

Wi-Fi Aware API gives app developers a great opportunity to create awesome apps based on the communication between nearby devices.

6. Android Instant Apps

With Android 8.0 Oreo, you can now access a range of Instant Apps without downloading them.

First unveiled in May 2016, a new feature called Android Instant Apps is now available for more than 500 million devices globally, allowing users to launch certain apps within Google Play without having to download them.

Users can access Android Instant apps with a single click on a URL, just like a web page.

This feature could be more useful for those who are running out of storage space on their phone, wants to use an app for just once or intends to take a demo before installing the full version.

7. Battery-Saving Background Limits

Prior to Android 8.0 Oreo, developers can develop apps that could listen for a broad range of system broadcasts or changes on an Android device such as Wi-Fi turning on or a picture being taken, which negatively impact system performance and battery life.

Now, with Android Oreo, Google has blocked apps from reacting to “implicit broadcasts” and carrying out certain tasks when they are running in the background in an effort to enhance the battery life of Android device.

Besides this, Android Oreo will also limit some background services and location updates when an app is not in use.

For example, if music app is playing music in the background, it will not be affected, but it will limit Instagram that doesn’t need to be refreshing your feed from running in the background, allowing apps to use less power and wake up occasionally to start its services.

8. AI-based Smart Text Selection

Android Oreo brings the ‘Smart Text Selection‘ feature, which uses Google’s machine learning to detect when something like physical addresses, email addresses, names or phone numbers is selected, then automatically suggests the relevant information on other apps.

For example, if double tap text and select an address of a restaurant your friend sends you, Google’s AI-based machine learning will figure out what you want and automatically launch directions with maps.

The Assistant feature can perform the same, but it’s always good to have multiple options to solve the same problem.

9. Notification Dots (Limit notifications)

This feature is something I needed badly, as I really get annoyed by so many notifications I receive on a daily basis.

With Android Oreo, this won’t be an issue. Oreo introduces Notification Dots that offers you to manage each app individually with “fine-grained control,” allowing you to control how many notifications you see and how they come through.

For example, in case of any news app, you will be able to select what areas you are interested in hearing about.

So, to check your notifications, you simply need to tap the three notification dots.

10. Find my Device

Google has introduced a new feature, called Find my Device, which is a similar feature to Apple’s Find my iPhone and allows people to locate, lock and wipe their Android devices in the event when they go missing or get stolen.

11. New Emoji and Downloadable Fonts and Emoji

Android Oreo introduces 60 new emoji and a redesign of the current “blob” characters. The update also offers new colour support to app developers and the ability to change or animate the shape of icons in their apps.

The “Downloadable Fonts” feature in Android Oreo is not for the end user, and instead, this feature is meant for app developers, allowing them to release their apps without packaging fonts inside. The fonts can then be downloaded by the app from a shared provider and support library.

This same implementation also supports “Downloadable Emoji,” so users can get updated emoji without just being limited to the emoji built into the device.

Powered by WPeMatico