Wikileaks published another set of documents Thursday. The latest release of files purportedly from the U.S. Central Intelligence Agency (CIA) details a piece of malicious software for Android devices.

The malware, referred to as Highrise, can redirect or intercept text messages sent to a target’s phone, allowing a CIA agent to access it before it lands in the inbox of the person it was intended for. HighRise acts as a proxy server for text messages, bouncing the messages to internet “listening posts” that allow an agent to intercept them. While the malicious software provides the CIA with a powerful snooping tool, there is a major limitation to Highrise.

A form of Android ransomware which threatens to send the victim's private information and web history to all of their contacts has been discovered in the official Google Play app store.

LeakerLocker doesn't actually encrypt the victims' files, but instead claims to have made a backup of data stored on the device and threatens to share it with all of the user's phone and email contacts. Those behind the malware demand $50 in exchange for not leaking personal data including photos, Facebook messages, web history, emails, location history and more, playing on fears of potential embarrassment rather than any form of cryptography.

Google has released its latest monthly security update for Android devices, including a serious bug in some Broadcom Wi-Fi chipsets that affects millions of Android devices, as well as some iPhone models.

Dubbed BroadPwn, the remote code execution vulnerability resides in Broadcom's BCM43xx family of WiFi chipsets, which can be triggered remotely without user interaction, allows a remote attacker to execute malicious code on targeted Android devices. "The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process," Google describes.

A newly uncovered form of Android malware aims to steal data from over 40 popular apps - and the trojan has been actively engaging in in this illicit activity for almost two years.

Dubbed SpyDealer, the malware harvests vast accounts of personal information about compromised users, including phone numbers, messages, contacts, call history, connected wi-fi information and even the location. The espionage capabilities of the trojan also enable it to record phone calls and videos, along with surrounding audio and video, take photos with both front and rear cameras, take screenshots of sensitive information and monitor the devices location.

This CopyCat's got claws. A new strain of a malware called CopyCat has infected more than 14 million Android devices around the world, rooting phones and hijacking apps to make millions in fraudulent ad revenue, researchers at Check Point said Thursday.

While the majority of victims are in Asia, more than 280,000 Android devices in the US were hit by the massive hack. Google had been tracking the malware for the last two years and has updated Play Protect to block CopyCat, but millions of victims are getting hit through third-party app downloads and phishing attacks. There was no evidence that CopyCat was distributed on Google Play.

EU antitrust regulators are weighing another record fine against Google over its Android mobile operating system and have set up a panel of experts to give a second opinion on the case, two people familiar with the matter said.

Assuming the panel agrees with the initial case team's conclusions, it could pave the way for the European Commission to issue a decision against Alphabet's Google by the end of the year. The Commission in April last year charged Google with using its dominant Android mobile operating system to shut out rivals following a complaint by lobby group FairSearch, U.S.-based ad-blocking and privacy firm Disconnect Inc.

Google’s thesis to the automotive industry came packaged in a red glinting Maserati Ghibli. The luxury sedan, parked outside last year’s Google I/O developer conference, might have looked like just another sports car — a ubiquitous sight in Silicon Valley. 

But what was inside captured the interest of automakers. And now, some automakers are buying into what they found, despite long-held fears of giving up too much control to outsiders like Google. “The traction we’re seeing in the car space is just ridiculous,” Patrick Brady, vice president of engineering for Android, told. “It’s surprising even to us and has caught us off guard.”

A malicious Android app that downloads itself from advertisements posted on forums strongly resists removal, security firm Zscaler warns.

The dodgy Android utility poses as "Ks Clean", an Android cleaner app. Once installed, the app displays a fake system update message in which the only option presented to the user is to select the "OK" button, giving victims little immediate option other than to accept a supposed security update. As soon as the user presses "OK", the malware prompts the installation of another APK named "Update". The Update app asks for administrator privileges which, if granted, can't be revoked.

An Android malware campaign called Judy has been discovered lurking in more than 40 apps in the Google Play Store, and it might have punched its way through as many as 36.5 million devices. Check Point discovered the malware that thankfully doesn't resort to ransomware or stealing bank credentials.

Instead, it installs a form of auto-clicking adware to generate large amounts of fraudulent clicks on advertisements in order to raise money for the perpetrators. The malware has a reach of anywhere between 8.5 million and 36.5 million users worldwide from 41 different apps offered for sale on the Google Play Store.

Researchers from Georgia Institute of Technology have released a full report on a new attack vector that affects Android up to version 7.1.2.

The exploit, called Cloak & Dagger, uses Android’s design and screen behaviours against users, effectively hiding activity behind various app-generated interface elements that lets a hacker grab screen interactions and hide activity behind seemingly innocuous screens. Experts have created proof of concept users of the exploit including a bit of malware that draws an invisible grid over the Android screen that exactly mirrors – and can capture – the onscreen keyboard.