July 30, 2024 at 10:04AM A new version of the sophisticated Android spyware Mandrake has been discovered in five apps on Google Play Store, remaining undetected for two years. The malware includes obfuscation and evasion techniques and can collect device information, initiate screen sharing, and steal credentials. Researchers emphasize the evolving threat and Google’s continuous … Read more
May 2, 2024 at 11:18AM Several Android apps in the Google Play Store were found vulnerable to a path traversal-affiliated exploit, allowing malicious apps to overwrite files in the vulnerable app’s home directory. The implications include arbitrary code execution and token theft. Vulnerable apps include Xiaomi File Manager and WPS Office, but the issue has … Read more
April 29, 2024 at 06:26PM Google stopped 2.28 million potentially malicious Android apps from being published in its Play Store last year, citing improved security features, policy updates, and advanced machine learning. This was achieved through new requirements for developers and stricter app review processes. The tech giant also emphasized account data deletion and sensitive … Read more
February 19, 2024 at 06:21AM The Android banking trojan Anatsa has extended its reach to Slovakia, Slovenia, and Czechia in a new campaign observed in November 2023, exploiting accessibility service and bypassing Google Play’s protections. Anatsa targets banking customers with dropper apps on the Play Store, gaining control over devices, stealing credentials, and perpetrating fraudulent … Read more
November 21, 2023 at 03:18AM A new malware campaign in India targets Android smartphone users through social engineering. Attackers send messages on platforms like WhatsApp and Telegram, impersonating banks and government services. They entice users to install a fraudulent app that steals sensitive data and banking details. The app also intercepts one-time passwords (OTPs) and … Read more