Android security Archives

AppWizard

July 9, 2025

TapTrap Android Exploit Allows Malicious Apps to Bypass Permissions

A new Android vulnerability named TapTrap allows malicious applications to bypass the operating system's permission system without requiring special permissions. It exploits activity transition animations to mislead users into granting sensitive permissions or executing harmful actions. Researchers from TU Wien analyzed 99,705 applications on the Google Play Store and found that 76.3% are susceptible to this attack. TapTrap uses low-opacity animations (approximately 0.01 alpha) to make sensitive permission dialogs nearly invisible while still registering touch events. The attack can last up to six seconds and can lead to unauthorized access to critical functionalities like the camera and microphone, and even device administrator privileges. TapTrap bypasses existing defenses against tapjacking in Android, affecting popular web browsers as well. A user study showed that all participants failed to detect at least one variant of the attack. As of June 2025, Android 15 remains vulnerable, with no timeline for a comprehensive fix. The vulnerability has been assigned two CVEs, and researchers disclosed their findings to Google in October 2024. They propose solutions to mitigate the risks, including blocking touch events during low-opacity animations and setting an opacity threshold of 0.2.

AppWizard

July 9, 2025

Google Pixel July 2025 Update Brings Android 16 Fixes: Pixel 6a Gets Battery Controls, Pixel 9 Series Sees Wi-Fi and App Improvements

Google has begun rolling out the July 2025 update for Android 16, specifically for Pixel devices, with the build number BP2A.250705.008. This over-the-air (OTA) update focuses on bug fixes and performance enhancements, particularly for network connectivity and app rendering. The Pixel 6a is now part of the Google Battery Performance Programme, which aims to improve battery longevity and safety by introducing background controls that limit charging speed and capacity after around 400 charge cycles. Users may qualify for free repairs, partial refunds, or trade-in bonuses for battery-related issues. The Pixel 9 and Pixel 8 series receive performance enhancements, especially in app visuals and Wi-Fi stability. The Pixel 6 and Pixel 7 series see general stability improvements, while the Pixel Tablet and Pixel Fold experience app optimization for display orientation. Notably, the update does not include the July Android security patch or a list of Common Vulnerabilities and Exposures (CVEs). The update is available for the Google Pixel 9, 8, 7, 6, 6a, Fold, and Tablet.

AppWizard

July 6, 2025

Cybersecurity alert: 10 Android apps spy on your conversations without your knowledge, remove them from your phone immediately

Recent findings have identified a cyberespionage campaign using Google Play to distribute malicious applications, with four apps on the Play Store and six through other channels. The campaign disguises itself as romantic outreach via messaging services like Facebook Messenger and WhatsApp. The malicious applications fall into three categories: 1. Standard Messaging Applications, which gather personal information and include the VajraSpy trojan. 2. Accessibility Exploiters, which use accessibility features to intercept communications and include the Wave Chat app that records calls and captures keystrokes. 3. News Medium Impersonators, which solicit phone numbers and can intercept contacts and sensitive documents. Twelve dangerous applications have been flagged: Rafaqat, Private Talk, MeetMe, Let’s Chat, Quick Chat, Chit Cat, YohooTalk, TikTok, Hello Cha, Nidus, GlowChat, and Wave Chat. The first six apps had over 1,400 downloads before removal. These applications use advanced techniques to bypass Android security protocols, allowing eavesdropping on communications. Users are advised to uninstall these apps immediately, exercise caution when downloading new applications, and regularly review app permissions and system updates to enhance security.

AppWizard

July 6, 2025

Android users pumped with features as the OnePlus 13 update arrives

OnePlus has started rolling out a firmware update for the OnePlus 13 in the U.S., identified by build number CPH2655_15.0.0.832(EX01), with a size of 7.47GB. The update includes the June Android security patch and introduces several new features: remote control support for Windows PCs, a Game Camera for live screenshots and recording during gameplay, a Speaker Cleaner for audio performance, a Drag & Drop feature for third-party apps, and a "reduce white points" option for color sensitivity. Additionally, it brings system-wide improvements such as enhanced app management in Settings, improved responsiveness of floating windows, smoother animations, stacked notifications summary, better color consistency for navigation and app icons, and optimized background app support. A similar update is also being rolled out to the OnePlus 13R.

AppWizard

June 27, 2025

Your Android phone is getting a big security upgrade for free

Google has introduced various security features for Android users to protect against scams and malware. Key enhancements include: 1. Protection against scam calls with warnings and blocking actions related to disabling Google Play Protect, sideloading apps, and granting accessibility permissions. Screen sharing reminders will be provided on devices running Android 6 or higher. 2. In-call protections for banking apps, alerting users to potential risks when sharing screens with unknown callers, available for participating banks on devices running Android 11 or higher. 3. Improved scam detection in Google Messages, targeting various types of scams, including job scams, cryptocurrency scams, and technical support scams. 4. The Key Verifier tool for verifying contact identities through public encryption keys, ensuring private conversations. 5. Enhanced mobile theft protection with the Identity Check tool expanding to more devices running Android 16, reinforced protections against unauthorized factory resets, and hidden one-time passwords on the lock screen. 6. An Advanced Protection Program for targeted attacks, cryptographically verifying login operations on devices running Android 16. 7. Improvements to Google Play Protect, utilizing new on-device rules for malware detection and providing warnings about potentially malicious apps. 8. Ongoing commitment to enhancing overall Android security with each new version and updates to Google Play services.

AppWizard

June 20, 2025

Godfather Android malware takes over banking apps

A new version of the Android malware Godfather creates isolated virtual environments on mobile devices to steal account details and transactions from banking apps. It targets over 500 banking, cryptocurrency, and e-commerce applications globally, utilizing a fully virtual file system, virtual process IDs, intent spoofing, and a component called StubActivity. Godfather manifests as an APK app with a virtualization framework, scanning for targeted applications and encapsulating them within its virtual environment. It intercepts permissions for accessibility services, redirecting them to a StubActivity that launches the virtual version of the banking app, allowing it to capture sensitive information. The malware can record account details, passwords, and PIN codes using Xposed for API hooking. It employs a fake lock screen overlay to trick users into entering their credentials and can manipulate user interfaces and execute transactions within the legitimate banking app. Godfather first emerged in March 2021 and has evolved significantly since then, with the latest iteration demonstrating advancements from previous versions.

AppWizard

May 20, 2025

Best Android Security Apps for Enterprise and Personal Use

Android holds a 71.65% market share as the leading mobile operating system. In 2025, users face sophisticated cyber threats such as ransomware and phishing scams. Android Enterprise provides a multi-layered defense system validated by the U.S. Department of Defense, featuring AI-driven threat detection that blocks 99.8% of malware through 100,000 daily app scans. It supports three device management models: Fully Managed Devices (COBO), Work Profiles (BYOD), and Dedicated Kiosk Mode. Recent enhancements include automated security patch deployment and hardware-backed key attestation. Leading Mobile Device Management (MDM) solutions include TinyMDM, which offers real-time location tracking and remote device wiping, and integrates with Microsoft Intune for conditional access. Harmony Mobile combines app reputation scanning with network-level phishing prevention. Emerging trends in enterprise security include AI-powered anomaly detection, with 42% of enterprises adopting Zero Trust principles, and rugged device management optimized for industrial environments. For personal protection, Bitdefender Mobile Security leads AV-Test rankings, Kaspersky Premium blocks 5.6 million malware attacks monthly, and Norton 360 Deluxe includes biometric app locking. Privacy tools like ExpressVPN and DuckDuckGo Privacy Browser enhance user security. Google's Project Zero reports a 35% decline in critical Android vulnerabilities, attributed to improved patch adoption. The convergence of enterprise and personal security solutions is emphasized, with a focus on AI/ML integration for enterprises and comprehensive protection suites for individuals.

AppWizard

May 20, 2025

Preventing App-Based Threats on Android Devices

By 2025, the Android platform faces increasingly sophisticated app-based threats, including ransomware, fake apps, social engineering, and remote access attacks. Cybercriminals exploit Android's open architecture, prompting the need for advanced security measures. Android's security architecture includes: 1. Google Play Protect: Scans applications before installation using real-time machine learning to detect emerging malware and deceptive tactics. 2. Application Sandboxing: Isolates apps to prevent data access between them, utilizing Linux permissions and SELinux policies. 3. App Signing and Code Integrity: Requires cryptographic signatures for apps, complicating the introduction of rogue certificates and runtime modifications. Advanced protections include Runtime Application Self-Protection (RASP) for high-security apps, which monitors behavior in real time, and secure coding practices that encourage regular code reviews, strong authentication, and data encryption. User vigilance is crucial, emphasizing responsible downloading, limiting permissions, keeping software updated, enabling two-factor authentication, and being cautious with public Wi-Fi. Google continuously updates security measures, ensuring older devices receive new protections, while collaboration with the security community aids in identifying and countering emerging threats.

AppWizard

May 15, 2025

New malware infects Android devices — full list of apps to delete immediately

Cybersecurity experts have identified a new threat to Android users called Kaleidoscope malware, which has infiltrated various popular applications not available on the Google Play Store. This malware operates in the background, collecting personal information, displaying intrusive ads, and potentially allowing more harmful malware to enter. Users are advised to check their device settings for suspicious apps, uninstall them, restart their devices, and review app permissions, especially for those requesting access to sensitive features. Experts recommend downloading apps only from trusted sources, being cautious about permissions, and regularly updating systems to address security vulnerabilities. Google has identified 62 dangerous vulnerabilities in Android devices, with two being particularly threatening, and users are urged to update their devices promptly.

AppWizard

May 14, 2025

Google Will Prevent Unknown App Downloads During Calls On Android 16

Google has introduced Advanced Protection for Android devices, aimed at enhancing security for users, especially those in public-facing roles. This feature was showcased on May 13, 2025, and will be released with Android 16 in June. Key functionalities include an Offline Device Key, Theft Detection, and Play Protect. Advanced Protection will restrict sideloading applications and downloading from third-party sources. It also blocks downloads from unknown sources during active phone calls and restricts access to banking applications during calls. Users will be unable to share screens with third-party applications while on calls. The initiative is currently being tested in various countries.