Google is offering security experts a bounty to identify Android app flaws as the Alphabet Inc unit seeks to wipe out bugs from its Google Play store.
Each flaw will score at least $1,000 under the program announced on Thursday to back up automated checks that have failed to block malware and other problems that security experts say infect the 8-year-old app store far more than Apple Inc’s rival App Store. Google will partner with HackerOne, a bug bounty program management website, to target a list of apps and flaws such as those that allow a hacker to redirect a user to a phishing website or infect a gadget with a virus.Read more
A form of Android ransomware which threatens to send the victim's private information and web history to all of their contacts has been discovered in the official Google Play app store.
LeakerLocker doesn't actually encrypt the victims' files, but instead claims to have made a backup of data stored on the device and threatens to share it with all of the user's phone and email contacts. Those behind the malware demand $50 in exchange for not leaking personal data including photos, Facebook messages, web history, emails, location history and more, playing on fears of potential embarrassment rather than any form of cryptography.Read more
Security doom-monger ESET has let off a warning about a threat that it once warned about and has now come to its dreadful fruition. ESET says that some Android banking malware that it recently found on Google Play is back in the wild and is back targeting banks.
It explains that the source code for the malware was released a couple of months ago - we are surprised that it has taken this long to come out, to be honest - and says that it was worth the wait, in a way. The malware was distributed via Google Play as a trojanized version of a legitimate weather forecast application Good Weather. It could lock and unlock infected devices remotely, as well as intercept text messages.Read more
Google Play was recently found to be hosting more than 400 apps that turned infected phones into listening posts that could siphon sensitive data out of the protected networks they connected to.
One malicious app infected with the so-called DressCode malware had been downloaded from 100,000 to 500,000 times before it was removed from the Google-hosted marketplace. Known as Mod GTA 5 for Minecraft PE, it was disguised as a benign game, but included in the code was a component that established a persistent connection with an attacker controlled server. The server then had the ability to bypass so-called network address translation protections.Read more
Less than three months after Pokémon Go launched, criminals sneaked malware into Google Play to target Pokémon trainers. Experts discovered the Trojan several days ago and immediately reported it to Google.
Unfortunately, by that time, the malicious app called Guide for Pokémon Go had already been downloaded more than 500,000 times. In the past few months almost 6 million people gave Pokémon Go a try. It’s no wonder that the massively popular game quickly caught the attention of cybercriminals: The first malware for Pokémon Go was traced in July, soon after the launch of the game. At that time, the situation was not so dangerous.Read more
Prisma, the app that became a global sensation with its ability to turn your photos into works of art, has become a honeypot for cybercriminals, with fake versions appearing in app stores vying to steal your personal information.
Capitalising on the popularity of the transformation app several, fake versions loaded with sly tricks such as fake surveys to capture users' data, as well as dangerous Trojan downloaders, snuck onto the Google Play Store. According to a blog by ESET, who discovered these fake apps among the five Trojan downloaders on Google Play, two have phishing functionality implemented that could probably be executed via the downloaded module.Read more
Five apps on Google Play carry Viking Horde, a new malware family that ropes Android devices into an ad-clicking botnet, but can also make them send out spam, send SMS messages to premium-rate numbers, download additional apps, and even participate in DDoS attacks.
The discovery was made by Check Point researchers, and they have notified Google about it on May 5, but as I’m writing this, the apps are still available on Android’s official app store. The most popular of these is Viking Jump, which was installed by at least 50,000 users, despite the poor ratings and reviews that point to its questionable nature.Read more
Security researchers have discovered 104 Android apps that exhibit a combination of adware and spyware features, collecting information on users in order to deliver malware to infected victims. The malware family is distributed to its victims as Android apps directly from Google's official Play Store.
Most of these applications are blatant clones of more popular apps and games, and some of them don't even exhibit the functionality with which they were advertised. The apps range from image editing software to live wallpaper apps, and from simplistic games to instant messaging services.Read more
Within the past month, malware disguised as an Android game twice made its way into the Google Play store and each time had between 100,000 and 500,000 downloads – making for a potential total infection rate of one million users.
The threat is a working game called Brain Test and it was identified by researchers with Check Point. Currently it has only been observed pushing advertisements, but the malware is quite advanced – it uses tricks to bypass app vetting system Google Bouncer, it uses privilege escalation exploits to gain root access on the device, and it takes steps to maintain persistency so it cannot easily be deleted.Read more
Security researcher Will Dormann of the US Computer Emergency Response Team (CERT) has reported this week that over 350 apps from the Google Play and Amazon App stores have been compromised due to a flaw that fails to validate certificates over a secure socket layer.
The bug, which opens up many popular mobile applications such as the eBay mobile shopper and the Microsoft Tech Companion to fairly rudimentary man-in-the-middle attacks, has been tracked and logged by the CERT team for only about a week now. But instead of waiting the standard 45-days to silently communicate the problem to the affected companies in order to give them a chance to get out in front of the issue with appropriate patches.Read more