Android application Archives

AppWizard

August 5, 2025

Gemini Android app beta adds audio file support

The Gemini Android application beta has introduced a feature allowing users to attach audio files, such as MP3s, to chat conversations. This feature, noted in version 16.30.59.sa.arm64 of the Google app beta, includes a “Talk live about this” prompt when a file is attached. However, the audio processing capabilities are still in early development, with inconsistent processing of audio input and occasional irrelevance in responses. The Gemini API supports audio input for tasks like generating descriptions, summarizing spoken information, and transcribing speech, with support for MP3, WAV, and FLAC formats. The integration of audio file attachment is part of a broader development initiative by Google, although no official launch date has been announced.

AppWizard

July 25, 2025

Fake Indian Banking Apps on Android Steal Login Credentials from Users

A recently discovered malicious Android application poses significant risks by masquerading as legitimate banking apps in India. It facilitates credential theft, conducts surveillance, and executes unauthorized financial transactions. The malware operates on a modular architecture with a dropper and primary payload, employing deceptive user interfaces and silent installation techniques to evade detection. The dropper requests extensive permissions, including ACCESSNETWORKSTATE, REQUESTINSTALLPACKAGES, and QUERYALLPACKAGES, to monitor connectivity, install secondary APKs without user awareness, and profile installed apps. It loads a hidden payload and initiates installation using an INSTALL_NOW flag, bypassing app store scrutiny. The main payload requests additional permissions such as READSMS, SENDSMS, and RECEIVESMS for intercepting one-time passwords (OTPs) and two-factor authentication (2FA) codes. It also requests REQUESTIGNOREBATTERYOPTIMIZATIONS, READPHONESTATE, and READPHONENUMBERS for uninterrupted execution, device fingerprinting, and potential call forwarding abuse. Data exfiltration occurs through Firebase Realtime Database, storing user IDs and intercepted SMS metadata. The malware uses Firebase for command-and-control operations and generates phishing pages resembling authentic banking interfaces. Delivery methods include smishing, email phishing, WhatsApp bots, vishing calls, SEO-poisoned websites, malvertising, Trojanized utilities, QR/NFC attacks, preloaded malware on counterfeit devices, and exploitation of accessibility service vulnerabilities. Indicators of compromise include specific SHA256 hashes for the base payload and main payload.

AppWizard

July 17, 2025

Java for mobile app development: How to create Android apps in 2025 – London Business News

Java is a key programming language in mobile application development, particularly for Android, and is expected to remain relevant in 2025. It is officially supported in Android development, with a significant portion of Android applications built using Java. Java continues to be integrated into Android Studio and is favored for its comprehensive documentation, backward compatibility, and strong community support. Java's ecosystem is characterized by its mature tools and best practices, making it suitable for both simple and enterprise-level applications. Core components of Android apps built with Java include Activities, Services, Broadcast Receivers, and Content Providers. The development process involves setting up the environment with Android Studio, designing user interfaces with XML, implementing app logic in Java, testing the application, and deploying it via the Google Play Store. Best practices in 2025 include modular architecture, dependency management with libraries like Dagger and Hilt, asynchronous programming techniques, and the use of version control systems like Git. Java remains a viable option alongside Kotlin, especially for legacy codebases and its perceived accessibility for new programmers. Modern tools supporting Java development include Room for data storage, Retrofit for API calls, Glide for image loading, Firebase for cloud services, and Crashlytics for crash monitoring. Outsourcing Java development is a common strategy for companies looking to scale their mobile projects efficiently. Java continues to evolve, accommodating advancements in machine learning, IoT, and edge computing.

AppWizard

June 19, 2025

GodFather Android Malware Runs Real Apps in a Sandbox to Steal Data

Cybersecurity researchers at Zimperium zLabs have discovered a new variant of the GodFather Android malware that uses on-device virtualization to hijack legitimate mobile applications, primarily targeting banking and cryptocurrency apps. This malware installs a concealed host application that downloads a genuine version of the targeted app within a controlled environment, redirecting users to this manipulated version. It monitors user actions in real time, capturing sensitive information like usernames and passwords. The GodFather malware targets 484 applications globally, with a focus on 12 financial institutions in Turkey. It employs traditional overlay attacks and uses legitimate open-source tools to evade detection. The malware manipulates APK files, relocates malicious code, and utilizes Android’s accessibility services to deceive users into granting permissions. It also encodes critical information to complicate tracking efforts and transmits screen details back to attackers for real-time monitoring.

AppWizard

June 3, 2025

YouTube confirms Android app bug affecting navigation bar

YouTube has acknowledged a technical glitch affecting the navigation bar in its Android app, causing the disappearance of key buttons like Subscriptions, Notifications, and Library for some users. The issue primarily impacts Android users in the United States, including YouTube Premium subscribers, but reports have also come in from countries such as Germany, Spain, Poland, and India. YouTube is investigating the matter and has committed to providing updates through a community thread, but has not yet shared information on the bug's scope or a timeline for a fix.

AppWizard

June 2, 2025

Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands

On May 30, 2025, CERT Polska disclosed three security vulnerabilities affecting preinstalled Android applications on Ulefone and Krüger&Matz smartphones: CVE-2024-13915, CVE-2024-13916, and CVE-2024-13917. - CVE-2024-13915: The com.pri.factorytest application allows any app to invoke the FactoryResetService, enabling unauthorized factory resets due to improper export controls (CWE-926). - CVE-2024-13916: The com.pri.applock application exposes a public method that allows malicious apps to steal the user’s PIN, representing an exposure of sensitive system information (CWE-497). - CVE-2024-13917: The exported activity in com.pri.applock allows privilege escalation by enabling malicious apps to inject intents with system-level privileges if they have access to the compromised PIN (CWE-926). Users of affected devices are advised to seek firmware updates or mitigations from their vendors.

AppWizard

June 2, 2025

Vulnerabilities in Preinstalled Android Apps Expose PIN Codes and Allow Command Injection

Significant vulnerabilities have been identified in pre-installed applications on Ulefone and Krüger&Matz Android smartphones, disclosed on May 30, 2025. Three vulnerabilities affect these devices, including CVE-2024-13915, which targets the com.pri.factorytest application, allowing unauthorized factory resets. CVE-2024-13916 and CVE-2024-13917 affect the com.pri.applock application on Krüger&Matz smartphones, enabling malicious apps to extract user PIN codes and inject arbitrary intents. These vulnerabilities stem from improper export of Android application components, allowing malicious applications to bypass Android’s permission model. Users are advised to check for updates and consider disabling vulnerable applications.

AppWizard

May 21, 2025

TSplus Releases Remote Support Android V4: Smarter, Broader, and Now Compatible with Android TV

TSplus has released version 4 of its Remote Support app for Android, which now fully supports Android TVs. This update enhances compatibility, performance, and usability, expanding device support to over 22,720 models, including both arm32 and x86 architectures. The app allows for innovative applications in various settings, such as home, retail, public transport, and events. Key features include Viewer mode for assisting others and casting presentations, and Sharer mode for secure screen sharing with remote technicians. The update also improves navigation for Android TV and optimizes network usage. Users can download the latest version from the Google Play Store.

AppWizard

May 20, 2025

Preventing App-Based Threats on Android Devices

By 2025, the Android platform faces increasingly sophisticated app-based threats, including ransomware, fake apps, social engineering, and remote access attacks. Cybercriminals exploit Android's open architecture, prompting the need for advanced security measures. Android's security architecture includes: 1. Google Play Protect: Scans applications before installation using real-time machine learning to detect emerging malware and deceptive tactics. 2. Application Sandboxing: Isolates apps to prevent data access between them, utilizing Linux permissions and SELinux policies. 3. App Signing and Code Integrity: Requires cryptographic signatures for apps, complicating the introduction of rogue certificates and runtime modifications. Advanced protections include Runtime Application Self-Protection (RASP) for high-security apps, which monitors behavior in real time, and secure coding practices that encourage regular code reviews, strong authentication, and data encryption. User vigilance is crucial, emphasizing responsible downloading, limiting permissions, keeping software updated, enabling two-factor authentication, and being cautious with public Wi-Fi. Google continuously updates security measures, ensuring older devices receive new protections, while collaboration with the security community aids in identifying and countering emerging threats.

AppWizard

May 17, 2025

Best VPN for Android 2025: NordVPN Voted Best of VPNs for Android

NordVPN has been recognized as the Best VPN for Android in 2025, continuing its commitment to trusted VPN services since launching its Android app in 2016. The user interface has been redesigned for a streamlined experience, featuring a clean, map-based home screen and easy server access. It has received praise for exceptional speed on Android devices, attributed to its NordLynx protocol, and boasts over 7,000 servers in more than 100 countries for reliable internet access. NordVPN maintains a strict no-logs policy to protect user privacy and includes advanced security features like Threat Protection Lite. The app is optimized for battery efficiency and offers robust customer support, including 24/7 live chat. NordVPN's competitive pricing plans and various payment methods enhance its accessibility.