Android systems

AppWizard
March 19, 2025
Cybersecurity experts from Bitdefender discovered an ad fraud scheme involving over 300 Android applications that collectively had more than 60 million downloads from the Google Play Store. These apps, which appeared as utility tools like QR scanners and health apps, mainly targeted users with older Android versions (Android 13 and earlier) and first appeared in the third quarter of 2024. As of the research's completion, only 15 of the identified apps were still active, with most affected users located in Brazil, and others in the United States, Mexico, Turkey, and South Korea. The deceptive apps concealed their icons, displayed intrusive ads without user consent, and attempted to harvest sensitive information. Many of these harmful apps have been removed from the Play Store, but users with them installed remain vulnerable. Signs of compromise include lagging, excessive ads, overheating, or unexpected data usage. Users are advised to uninstall suspicious apps and to use the latest version of Android, currently Android 15.
AppWizard
March 18, 2025
Security researchers at Bitdefender have identified a major ad fraud operation involving 331 malicious applications on the Google Play Store, which have over 60 million downloads. These apps exploit vulnerabilities in Android 13 to bypass security measures and conduct phishing attacks, ad fraud, and credential theft. The malicious apps disguise themselves as utility tools, such as QR scanners and health apps, and display intrusive full-screen ads even when not in use. They also attempt to collect sensitive user data without requiring typical permissions, indicating advanced manipulation of Android APIs. The attackers employ various techniques to evade detection, including hiding app icons, launching activities without user interaction, and using persistence mechanisms to remain active on devices. Most of these apps were first active on Google Play in the third quarter of 2024, initially appearing benign before being updated with malicious features. The latest malware was uploaded to the Play Store as recently as March 4, 2025, with 15 apps still available for download at the time of the investigation. The attackers likely operate as a single entity or a collective using similar packaging tools from black markets. They utilize advanced obfuscation techniques to avoid detection, including string obfuscation, polymorphic encryption, runtime checks for debugging, and native libraries obfuscated with specialized tools. This situation highlights significant vulnerabilities in Android's security framework and emphasizes the need for robust third-party security solutions, as attackers continue to adapt their methods.
Tech Optimizer
February 19, 2025
In the first half of 2024, Canada reported 41,000 cyber incidents, emphasizing the need for enhanced online security. Norton 360 Deluxe offers a comprehensive security solution that includes features such as dark web monitoring, a built-in VPN, parental controls, and 50GB of cloud storage. A 15-month subscription is currently available at a reduced price, allowing protection for up to five devices against various cyber threats.
Tech Optimizer
February 17, 2025
Apple devices, particularly Macs, are facing an increase in cyberattacks, with a new wave of sophisticated malware targeting sensitive data. The emergence of Atomic Stealer (AMOS) in mid-2023 marked a shift from less harmful adware to more serious threats, with AMOS being marketed as a user-friendly service. By mid-2024, Poseidon became the leading Mac information stealer, responsible for 70% of infections and capable of draining various cryptocurrency wallets and capturing sensitive credentials. Cybercriminals are also using malvertising to lure users into downloading disguised malware. Android users are experiencing an even more severe situation, with a significant rise in phishing attacks. In 2024, researchers identified 22,800 malicious apps designed for phishing, along with thousands capable of reading one-time passwords (OTPs). These apps often mimic legitimate software and can easily infiltrate app stores, including Google Play. While Google Play Protect offers some malware protection, it is not entirely effective. To protect against malware threats, it is recommended to use strong antivirus software, be cautious with downloads and links, keep software updated, use strong and unique passwords, and enable two-factor authentication (2FA) for critical accounts.
Tech Optimizer
February 11, 2025
Mac owners should be vigilant in 2025 due to a significant rise in macOS infostealers, as indicated by the State of Malware report from Malwarebytes. These infostealers can extract sensitive personal information, such as credit card details and passwords, putting Mac users at risk similar to Windows users. Notable infostealers like Poseidon and Atomic Stealer can target over 160 cryptocurrency wallets and compromise VPN configurations. Most macOS infostealers rely on user deception for installation, making user caution essential. Recommendations for protection include downloading software only from trusted sources, using robust antivirus software, verifying links from unknown sources, enabling two-factor authentication, and considering a password manager or VPN. Cybercriminals are increasingly targeting Macs as their popularity grows.
AppWizard
November 28, 2024
A report by McAfee’s mobile research team has identified up to 15 SpyLoan apps on the Google Play Store that compromise user privacy by collecting sensitive data without consent. These apps, disguised as legitimate loan services, have collectively garnered around 8 million downloads. Some of the identified apps have been removed or updated to remove harmful features, but users must manually uninstall any previously downloaded malicious apps. The report warns that similar threats may emerge, particularly during the holiday season when cybercriminals exploit increased consumer activity.
AppWizard
November 15, 2024
Google has introduced the Android Glasses Core app as part of its latest Android beta update, which shares the same package name as the companion application for the Google Glass Enterprise Edition 2. Samsung is expected to launch a new extended reality (XR) product in 2025, powered by a Qualcomm chipset, with a collaborative effort between Samsung, Qualcomm, and Google to develop a new version of Android for XR devices called Android XR. The recent beta release of Android 15 includes the Android Glasses Core app, categorized as a privileged system app, which has not been publicly available before. The app was previously associated with the Google Glass Enterprise Edition 2, launched in 2019, and facilitated streaming applications when paired with an Android phone. The version in the beta is newer and features a refreshed icon, suggesting a potential shift in purpose. Speculation arises that Google may be repurposing the Android Glasses Core app for upcoming Android XR products. Additionally, the Google Play Store is preparing for applications designed for Android XR headsets, indicating a seamless installation process, while Samsung aims to enhance connectivity among its products, including XR devices.
Tech Optimizer
November 13, 2024
The Android Spynote malware disguises itself as a legitimate antivirus application called "Avast Mobile Security" to exploit vulnerabilities in Android systems. It requests permissions associated with antivirus apps, bypasses user restrictions, and excludes itself from battery optimization settings. Spynote simulates user gestures and displays misleading system update notifications to maintain its presence and hinder detection. Its primary target is cryptocurrency accounts, aiming to extract private keys and balance information for assets like Bitcoin, Ethereum, and Tether. The malware captures user credentials, stores them on the device's SD card, and employs obfuscation and evasion techniques to complicate detection efforts. It can detect virtual environments to evade analysis and monitors system settings to resist uninstallation attempts. Spynote is distributed through phishing sites that mimic the legitimate Avast download page, hosting malicious APKs named Avastavv.apk.