Latest Android news

New Chameleon Android malware mimics bank, govt, and crypto apps

A new Android trojan called 'Chameleon' has been targeting users in Australia and Poland since the start of the year, mimicking the CoinSpot cryptocurrency exchange, an Australian government agency, and the IKO bank.
- Bill Toulas
- April 17, 2023
- 08:46 AM
- 0
CISA warns of Android bug exploited by Chinese app to spy on users

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a high-severity Android vulnerability believed to have been exploited by a Chinese e-commerce app Pinduoduo as a zero-day to spy on its users.
- Sergiu Gatlan
- April 16, 2023
- 10:08 AM
- 0
Android malware infiltrates 60 Google Play apps with 100M installs

A new Android malware named 'Goldoson' has infiltrated the platform's official app store, Google Play, through 60 apps that collectively have 100 million downloads.
- Bill Toulas
- April 15, 2023
- 10:07 AM
- 5
Kyocera Android app with 1M installs can be abused to drop malware

A Kyocera Android printing app is vulnerable to improper intent handling, allowing other malicious applications to abuse the flaw to download and potentially install malware on devices.
- Bill Toulas
- April 12, 2023
- 02:19 PM
- 0
Cybercriminals charge $5K to add Android malware to Google Play

Malware developers have created a thriving market promising to add malicious Android apps to Google Play for $2,000 to $20,000, depending on the type of malicious behavior cyber criminals request.
- Bill Toulas
- April 11, 2023
- 11:30 AM
- 0
Google will require Android apps to let you delete your account

Google has announced a new Google Play Store data deletion policy that will require Android developers to provide users with an online option to delete their accounts and in-app data.
- Sergiu Gatlan
- April 05, 2023
- 04:16 PM
- 1
Google finds more Android, iOS zero-days used to install spyware

Google's Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install commercial spyware and malicious apps on targets' devices.
- Sergiu Gatlan
- March 29, 2023
- 08:00 AM
- 0
North Korean hackers using Chrome extensions to steal Gmail emails

A joint cybersecurity advisory from the German Federal Office for the Protection of the Constitution (BfV) and the National Intelligence Service of the Republic of Korea (NIS) warn about Kimsuky's use of Chrome extensions to steal target's Gmail emails.
- Bill Toulas
- March 22, 2023
- 11:06 AM
- 0
FakeCalls Android malware returns with new ways to hide on phones

Android malware 'FakeCalls' is circulating again in South Korea, imitating phone calls for over 20 financial organizations and attempting to fool targets into giving away their credit card details.
- Bill Toulas
- March 16, 2023
- 03:36 PM
- 0
Outlook app to get built-in Microsoft 365 MFA on Android, iOS

Microsoft will soon fast-track multi-factor authentication (MFA) adoption for its Microsoft 365 cloud productivity platform by adding MFA capabilities to the Outlook email client.
- Sergiu Gatlan
- March 13, 2023
- 01:07 PM
- 1
Xenomorph Android malware now steals data from 400 banks

The Xenomorph Android malware has released a new version that adds significant capabilities to conduct malicious attacks, including a new automated transfer system (ATS) framework and the ability to steal credentials for 400 banks.
- Bill Toulas
- March 10, 2023
- 05:24 AM
- 0
Android March 2023 update fixes two critical code execution flaws

Google has released March 2023 security updates for Android, fixing a total of 60 flaws, and among them, two critical-severity remote code execution (RCE) vulnerabilities impacting Android Systems running versions 11, 12, and 13.
- Bill Toulas
- March 07, 2023
- 09:48 AM
- 3
Hackers use fake ChatGPT apps to push Windows, Android malware

Threat actors are actively exploiting the popularity of OpenAI's ChatGPT AI tool to distribute Windows malware, infect Android devices with spyware, or direct unsuspecting victims to phishing pages.
- Bill Toulas
- February 22, 2023
- 04:58 PM
- 1
Google paid $12 million in bug bounties to security researchers

Google last year paid its highest bug bounty ever through the Vulnerability Reward Program for a critical exploit chain report that the company valued at $605,000.
- Ionut Ilascu
- February 22, 2023
- 04:17 PM
- 0
Google will boost Android security through firmware hardening

Google has presented a plan to strengthen the firmware security on secondary Android SoCs (systems on a chip) by introducing mechanisms like control flow integrity, memory safety systems, and compiler-based sanitizers.
- Bill Toulas
- February 21, 2023
- 12:30 PM
- 1
Android 14 to block malware from abusing sensitive permissions

Google has announced the release of the first developer preview for Android 14, the next major version of the world's most popular mobile operating system, which comes with security and privacy enhancements, among other things.
- Bill Toulas
- February 08, 2023
- 01:00 PM
- 0
Over 1,800 Android phishing forms for sale on cybercrime market

A threat actor named InTheBox is promoting on Russian cybercrime forums an inventory of 1,894 web injects (overlays of phishing windows) for stealing credentials and sensitive data from banking, cryptocurrency exchange, and e-commerce apps
- Bill Toulas
- February 01, 2023
- 05:30 PM
- 0
Shady reward apps on Google Play amass 20 million downloads

A new category of activity tracking applications has been having massive success recently on Google Play, Android's official app store, having been downloaded on over 20 million devices.
- Bill Toulas
- January 29, 2023
- 10:16 AM
- 2
Exploits released for two Samsung Galaxy App Store vulnerabilities

Two vulnerabilities in the Galaxy App Store, Samsung's official repository for its devices, could enable attackers to install any app in the Galaxy Store without the user's knowledge or to direct victims to a malicious web location.
- Bill Toulas
- January 20, 2023
- 03:09 PM
- 0
New 'Hook' Android malware lets hackers remotely control your phone

A new Android malware named 'Hook' is being sold by cybercriminals, boasting it can remotely take over mobile devices in real-time using VNC (virtual network computing).
- Bill Toulas
- January 19, 2023
- 06:30 PM
- 1