Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with access to sensitive data such as location or SMS messages over the past year.
The tech giant also said it blocked 333,000 bad accounts from the app storefront in 2023 for attempting to distribute malware or for repeated policy violations.
"In 2023,
An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store.
Slovak cybersecurity firm said the activity, ongoing since November 2021, is not linked to any known threat actor or group. It's tracking the group behind the operation under the
Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store.
The findings come from HUMAN's Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang library that transformed the user's device into a proxy node without their knowledge.
The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023.
"Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play's enhanced detection and protection mechanisms," ThreatFabric said in a report shared with The Hacker News.
A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices.
Dubbed Xamalicious by the McAfee Mobile Research Team, the malware is so named for the fact that it's developed using an open-source mobile app framework called Xamarin and abuses the operating system's accessibility permissions to fulfill its objectives.
Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times.
"Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while collecting their victims' personal and
Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data.
βUsing social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by impersonating legitimate organizations,
Google is rolling out a new banner to highlight the "Independent security review" badge in the Play Store's Data safety section for Android VPN apps that have undergone a Mobile Application Security Assessment (MASA) audit.
"We've launched this banner beginning with VPN apps due to the sensitive and significant amount of user data these apps handle," Nataliya Stanetsky of the Android Security
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store thatβs designed to harvest sensitive information from compromised Android devices.
According to Kaspersky security researcher Igor Golovin, the apps come withΒ nefarious featuresΒ to capture and exfiltrate names, user IDs, contacts, phone numbers, and chat messages to an actor-controlled server.
The
Threat actors are using Android Package (APK) files with unknown or unsupported compression methods to elude malware analysis.
That's according to findings from Zimperium, which found 3,300 artifacts leveraging such compression algorithms in the wild. 71 of the identified samples can be loaded on the operating system without any problems.
There is no evidence that the apps were available on the
Threat actors are leveraging a technique called versioning to evade Google Play Store's malware detections and target Android users.
"Campaigns using versioning commonly target users' credentials, data, and finances," Google Cybersecurity Action Team (GCAT)Β saidΒ in its August 2023 Threat Horizons Report shared with The Hacker News.
While versioning is not a new phenomenon, it's sneaky and hard
Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps engage in deceptive behaviour and secretly send sensitive user data to malicious servers in China.
Pradeo, a leading mobile security company, has uncovered this alarming infiltration. The report shows that both spyware apps,
Researchers have issued a warning about an emerging and advanced form of voice phishing (vishing) known as "Letscall." This technique is currently targeting individuals in South Korea.
The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from a counterfeit Google Play Store website.
Once the malicious software is installed, it redirects
Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as part of a new targeted campaign.
Cybersecurity firm Cyfirma attributed the campaign with moderate confidence to a threat actor known asΒ DoNot Team, which is also tracked as APT-C-35 and Viceroy Tiger.
The espionage activity involves duping Android smartphone owners into
A new Android subscription malware namedΒ FleckpeΒ has been unearthed on the Google Play Store, amassing more than 620,000 downloads in total since 2022.
Kaspersky, which identified 11 apps on the official app storefront, said the malware masqueraded as legitimate photo editing apps, camera, and smartphone wallpaper packs. The apps have since been taken down.
The operation primarily targets users
Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses.
"The most popular application categories to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners, and even dating apps," KasperskyΒ saidΒ in a new report based on messages
Login
FreshRSS