An Android banking trojan that targets more than 232 banking apps has been uncovered, targeting financial institutions globally. According to Quick Heal Security Labs, Banker A2f8a is designed for stealing login credentials, hijacking SMS messages, uploading contact lists and texts to a malicious server, displaying an overlay screen (to capture details) on top of legitimate […]
Among the four dozen vulnerabilities Google patched this week was a fix for a bug that allowed attackers to inject malicious code into Android apps without affecting an app’s signature verification certificate. The technique allows an attacker to circumvent device anti-malware protection and escalate privileges on targeted device with a signed app that appears to […]
Google is cracking down on unwanted and harmful Android apps with a new effort that will show warnings on applications and on third-party websites distributing apps that collect personal data without user consent. The effort is an expansion of the Google Safe Browsing team’s mission to enforce the company’s recently updated Unwanted Software Policy for […]
A vulnerability that allows malicious applications to capture screen contents and record audio without a user’s knowledge impacts over 78% of Android devices, researchers claim. The issue is caused by the MediaProjection service introduced by Google in the Android Framework on Android 5.0. This service allows applications to capture the screen or record audio without […]
Poor mobile app development practices have created the Eavesdropper vulnerability, which has resulted in a large-scale data exposure from nearly 700 apps in enterprise mobile environments, over 170 of which are live in the official app stores today. The affected Android apps alone have been downloaded up to 180 million times. According to researchers at […]
Four critical vulnerabilities were reported by Google Monday as part of its October Android Security Bulletin. In all, 14 patches were issued for corresponding vulnerabilities, ranging from critical to high. The relative low bug count for the month of October is due to the fact this month Google announced it would handle security bulletins differently. […]
A popular Android keyboard application with over 200 million downloads was found gathering user information sending the data a remote server, Adguard reveals. The offending application, GO Keyboard, has two versions available in Google Play, namely GO Keyboard – Emoji keyboard, Swipe input, GIFs and GO Keyboard – Emoticon keyboard, Free Theme, GIF, each with […]
Google has ejected 50 apps from its Google Play store that were harboring mobile malware dubbed ExpensiveWall. The malware, which was downloaded between 1 million to 4.2 million times, sends fraudulent premium SMS messages for fake fee-based services without the knowledge or permission of users, according to Check Point security researchers.Researchers said the malware was […]
Security researchers warned of a high-severity Android flaw on Thursday that stems from what they call a “toast attack” overlay vulnerability. Researchers say criminals could use the Android’s toast notification, a feature that provides simple feedback about an operation in a small pop up, in an attack scenario to obtain admin rights on targeted phones […]
A total of 81 security vulnerabilities have been addressed in this month’s set of security patches for the Android platform. 13 of the flaws were rated Critical severity.The security bulletin has two security patch levels, each focused on addressing vulnerabilities in specific components. The 2017-09-01 security patch level fixes a total of 30 vulnerabilities, 10 […]
