Google tests blocking side-loaded Android apps with risky permissions

Google has launched a new pilot program to fight financial fraud by blocking the sideloading of Android APK files that request access to risky permissions.
An APK is a file format used to distribute Android apps for installation in the operating system.
These files are commonly distributed through third-party sites, allowing you to install apps outside of Google Play.
As these external sites do not review the apps for malicious behavior, they can include malware, spyware, and other threats.
Due to the complexity and difficulty of uploading bad apps on Google Play, threat actors revert to social engineering, using various lures to convince targets to download malicious apps from external, unvetted sources.
These APKs can trick victims into disclosing sensitive personal and financial information, allowing threat actors to conduct financial fraud.
Google says that throughout 2023, scams on the Android platform cost users over $1 trillion in losses, with 78% of the surveyed users reporting experiencing at least one scam attempt.
In October 2023, Google Play Protect received a new security feature that performs real-time scanning of APKs downloaded from third-party app stores and websites.
Google says this feature has identified 515,000 unwanted apps and warned about or blocked 3.1 million installations.
RECEIVE SMS - Attackers use this to intercept one-time passwords or authentication codes sent via SMS, enabling unauthorized access to victims' accounts.
READ SMS - Abused by attackers to read sensitive information, such as OTPs, banking messages, or personal communications, without the user's knowledge.
BIND Notifications - Attackers exploit this to read or dismiss notifications from legitimate apps, including security alerts or OTP notifications, potentially without the user noticing.
Accessibility - This permission, meant to assist users with disabilities, provides the malicious APK app with broad access to control the device and its functions.
Attackers abuse it to monitor the user's actions, retrieve sensitive data, input keystrokes, and execute commands remotely, often leading to complete device compromise.
BleepingComputer has asked Google about its plans to roll out this new protection feature to the rest of the world, and we will update this post as soon as we know more.
Android users are advised to avoid APK downloads as much as possible, scrutinize permissions requested during app installation, and run Play Protect scans regularly.
Google says spyware vendors behind most zero-days it discovers.
Google Search bug shows blank page in Firefox for Android.
New Xamalicious Android malware installed 330k times on Google Play.
AutoSpill attack steals credentials from Android password managers.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 07 Feb 2024 19:00:27 +0000


Cyber News related to Google tests blocking side-loaded Android apps with risky permissions

Google tests blocking side-loaded Android apps with risky permissions - Google has launched a new pilot program to fight financial fraud by blocking the sideloading of Android APK files that request access to risky permissions. An APK is a file format used to distribute Android apps for installation in the operating ...
10 months ago Bleepingcomputer.com
Google Online Security Blog: I/O 2024: What's new in Android security and privacy - As their tactics evolve in sophistication and scale, we continually adapt and enhance our advanced security features and AI-powered protections to help keep Android users safe. Today, we're announcing more new fraud and scam protection features ...
7 months ago Security.googleblog.com
ChatGPT Clone Apps Collecting Personal Data on iOS, Play Store - On Android devices, one of the apps analyzed by researchers has more than 100,000 downloads, tracks, and shares location data with ByteDance and Amazon, etc. ChatGPT, the AI software, has already taken the Internet by storm, and that is why ...
1 year ago Hackread.com
Android 15, Google Play get new anti-malware and anti-fraud features - Today, Google announced new security features coming to Android 15 and Google Play that will help block scams, fraud, and malware apps on users' devices. Announced at Google I/O 2024, the new features are designed not only to help end users but also ...
7 months ago Bleepingcomputer.com
Data Insecurity: Experts Sound the Alarm on 4 Apps Putting User Privacy at Risk - Even though many of us rely on apps to entertain us, guide us, manage our exercise, and connect with family and friends, they are notoriously hard to trust. In an age when technology is constantly evolving, it is almost impossible to tell if a ...
1 year ago Cysecurity.news
The Limitations of Google Play Integrity API - This overview outlines the history and use of Google Play Integrity API and highlights some limitations. We also compare and contrast Google Play Integrity API with the comprehensive mobile security offered by Approov. Google provides app attestation ...
1 year ago Securityboulevard.com
SpyLoan Android malware on Google Play downloaded 12 million times - More than a dozen malicious loan apps, which are generically named SpyLoan, have been downloaded more than 12 million times this year from Google Play but the count is much larger since they are also available on third-party stores and suspicious ...
1 year ago Bleepingcomputer.com
Pen Testing Across the Environment: External, Internal, and Wireless Assessments - Among other controls, penetration testing stands out because it simulates attackers' malicious activities and tactics to identify security gaps in business systems or applications. Because pen tests thoroughly investigate vulnerabilities, the scope ...
5 months ago Securityboulevard.com
Denmark orders schools to stop sending student data to Google - The Danish data protection authority has issued an injunction regarding student data being funneled to Google through the use of Chromebooks and Google Workspace services in the country's schools. The matter was brought to the agency's attention ...
10 months ago Bleepingcomputer.com
Google paid $10 million in bug bounty rewards last year - Google awarded $10 million to 632 researchers from 68 countries in 2023 for finding and responsibly reporting security flaws in the company's products and services. Though this is lower than the $12 million Google's Vulnerability Reward Program paid ...
9 months ago Bleepingcomputer.com
Halting Hackers on the Holidays 2023 Part II: The Apps You Trust - Most free flashlight apps are creepware - also known as malware that spies on you and your online behavior and could pass along information to others. The problem doesn't begin and end with flashlight apps, though. Many seemingly innocuous apps that ...
1 year ago Cyberdefensemagazine.com
Over 90 malicious Android apps with 5.5M installs found on Google Play - Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity. Anatsa is a banking trojan that targets over 650 ...
6 months ago Bleepingcomputer.com
Android XLoader malware can now auto-execute after installation - A new version of the XLoader Android malware was discovered that automatically executes on devices it infects, requiring no user interaction to launch. XLoader, aka MoqHao, is an Android malware operated and likely created by a financially motivated ...
10 months ago Bleepingcomputer.com
AutoSpill attack steals credentials from Android password managers - Security researchers developed a new attack, which they named AutoSpill, to steal account credentials on Android during the autofill operation. In a presentation at the Black Hat Europe security conference, researchers from the International ...
1 year ago Bleepingcomputer.com
What Is Android System WebView and Should You Uninstall It? | Definition from TechTarget - Android developers use WebView when they want to display webpages or Hypertext Markup Language content in a Google app or other application. Android System WebView is a system component for the Android operating system (OS) that enables Android apps ...
2 months ago Techtarget.com
More Android apps riddled with malware spotted on Google Play - An Android remote access trojan known as VajraSpy was found in 12 malicious applications, six of which were available on Google Play from April 1, 2021, through September 10, 2023. The malicious apps, which have now been removed from Google Play but ...
10 months ago Bleepingcomputer.com
New Wave of 'Anatsa' Banking Trojans Targets Android Users in Europe - The campaign has been ongoing for at least four months and is the latest salvo from the operators of the malware, which first surfaced in 2020 and has previously notched victims in the US, Italy, United Kingdom, France, Germany, and other countries. ...
10 months ago Darkreading.com
Google Cloud Next 2024: New Data Center Chip Joins Ecosystem - Google Cloud announced a new enterprise subscription for Chrome and a bevy of generative AI add-ons for Google Workspace during the Cloud Next '24 conference, held in Las Vegas from April 9 - 11. Overall, Google Cloud is putting its Gemini generative ...
8 months ago Techrepublic.com
Huawei, Vivo phones tag Google app as TrojanSMS-PA malware - Huawei, Honor, and Vivo smartphones and tablets are displaying strange 'Security threat' alerts urging the deletion of the Google app, warning that it is detected as the 'TrojanSMS-PA' malware. In what appears to be a false positive, these security ...
1 year ago Bleepingcomputer.com
New Xamalicious Android malware installed 330k times on Google Play - A previously unknown Android backdoor named 'Xamalicious' has infected approximately 338,300 devices via malicious apps on Google Play, Android's official app store. McAfee, a member of the App Defense Alliance, discovered 14 infected apps on Google ...
11 months ago Bleepingcomputer.com
Android adware apps on Google Play amass two million installs - Several malicious Google Play Android apps installed over 2 million times push intrusive ads to users while concealing their presence on the infected devices. In their latest monthly mobile threat report, Doctor Web's analysts identified trojans on ...
1 year ago Bleepingcomputer.com
Snowblind malware abuses Android security feature to bypass security - A novel Android attack vector from a piece of malware tracked as Snowblind is abusing a security feature to bypass existing anti-tampering protections in apps that handle sensitive user data. Snowblind's goal is to repackage a target app to make them ...
5 months ago Bleepingcomputer.com
Preventing Malware from Accessing Sensitive Permissions on Android 14 - Google has just released the first developer preview of Android 14, the next major version of the world's most popular mobile operating system. This new version comes with a range of security and privacy enhancements. Apps will now have to declare ...
1 year ago Bleepingcomputer.com
Android App Security Alert: Proactive Measures to Prevent Unauthorized Control - The latest security alert comes from Microsoft's team who discovered a new vulnerability that may give hackers complete control of your smartphone. The latest security alert is triggered by the discovery of a new security flaw which can allow hackers ...
7 months ago Cysecurity.news
Ahead of Regulatory Wave: Google's Pivotal Announcement for EU Users - Users in the European Union will be able to prevent Google services from sharing their data across different services if they do not wish to share their data. Google and five other large technology companies must comply with the EU's Digital Markets ...
11 months ago Cysecurity.news

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)