Android systems Archives

BetaBeacon

November 13, 2025

Based on the Horizon game, MMORPG for PC, iOS, and Android was announced (video)

NCSOFT has announced a new MMORPG called Horizon Steel Frontiers, set in collaboration with Sony and Guerrilla Games. The game will be available on PC, iOS, and Android, with a focus on mobile devices. It is set in the Deathlands region, inspired by Arizona and New Mexico landscapes, and will have a visually stunning aesthetic similar to Guerrilla Games' other titles. Players can join the "Zamin" channel on Telegram for updates and report any mistakes in the game by pressing Ctrl+Enter.

AppWizard

October 15, 2025

Android’s Strandhogg 2.0 Vulnerability Enables App Hijacking and Data Theft

A recently discovered vulnerability in Android devices, named Strandhogg 2.0, allows malicious applications to hijack legitimate ones and extract sensitive information without user awareness. This flaw affects nearly all devices running Android 9.0 or older, exploiting weaknesses in app permissions and task management. Attackers can overlay deceptive interfaces on trusted applications, capturing user credentials in real time. The vulnerability poses risks not only to individual users but also to enterprises relying on Android, as sensitive business data could be compromised. Google has acknowledged the issue and issued patches, but the slow rollout means many devices remain exposed. Users are advised to update their devices and scrutinize app permissions, while developers should implement stronger authentication mechanisms. The incident may lead to regulatory scrutiny for stricter security standards in the mobile sector.

AppWizard

October 15, 2025

Researchers expose critical Android flaw allowing apps to steal sensitive data

Security researchers have identified a data theft technique called Pixnapping that exploits vulnerabilities in Android devices, specifically targeting sensitive information from various applications without needing special permissions. This method allows malicious apps to capture data from other apps or websites, including sensitive information from platforms like Google Maps, Gmail, Signal, Venmo, and two-factor authentication codes from Google Authenticator. The technique utilizes a hardware side channel known as GPU.zip to read screen pixel data by measuring rendering times. The data leak rate is between 0.6 to 2.1 pixels per second, sufficient to reconstruct sensitive information. The vulnerability is designated as CVE-2025-48561 and affects Android versions 13 through 16, including devices like the Pixel 6 to 9 and Galaxy S25. A partial patch was released in September 2025, with a comprehensive solution expected in December. The attack allows benign applications from the Google Play Store to potentially spy on sensitive on-screen data, highlighting broader concerns regarding side-channel vulnerabilities that arise from hardware data processing rather than software bugs. While Google has stated there is no evidence of exploitation currently, the existence of this attack suggests that malware could bypass traditional security measures. Google is working on additional fixes to limit misuse of the blur API and improve detection capabilities, but the underlying GPU.zip vulnerability remains unresolved. Users are advised to avoid untrusted apps and keep their devices updated, as more side-channel attacks similar to Pixnapping may emerge in the future.

AppWizard

August 26, 2025

Kremlin-Mandated Messaging App Constantly Spies On Users

Russia has mandated that all new smartphones and tablets sold within its borders come pre-installed with a messaging application called Max, developed by VK. Security experts have raised concerns about Max's functionality, describing it as a potential privacy risk due to its "excessive tracking" of user activities. The app lacks cryptography and is considered insecure by design, serving the purpose of surveillance. Max, which launched in March, is available to users with Russian and Belarussian phone numbers and features an AI chatbot, GigaChat 2.0, as well as functionalities for travel bookings and bank transfers. It requests permissions to access standard device features like the camera and microphone and is largely based on the earlier messaging service TamTam. Starting September 1, it will be required that Max is pre-installed on all mobile devices sold in Russia, alongside the domestic app store RuStore on Apple devices. Additionally, the government plans to enforce the installation of Lime HD TV on all smart televisions beginning January 1 of the following year.

AppWizard

July 23, 2025

Google is taking the hackers to court over a major Android fraud ring

Google is suing unidentified hackers in China for hijacking over 10 million devices to create the BadBox 2.0 botnet. The botnet has been found on budget Android streamers, tablets, and projectors, either preloaded with malware or infected during setup through dubious apps. Google’s Play Protect now automatically blocks anything linked to BadBox 2.0. The lawsuit was filed in a New York federal court following investigations by Human Security and Trend Micro. Compromised devices include TV streamers, projectors, car infotainment systems, and digital photo frames, many of which originated from China. Hackers gain access to home networks by preloading malware or infiltrating devices during setup. The BadBox malware operates in the background, generating fraudulent ad clicks. Google is concerned about the financial burden of fake ad traffic and the impact on user trust and its reputation.

AppWizard

July 14, 2025

How to disable Gemini AI on Android and keep control of your apps

Google is integrating its AI, Gemini, with Android systems, allowing access to applications like WhatsApp, Messages, and Phone, starting July 7, 2025. This integration may override existing privacy settings unless users disable Gemini. Users can restrict Gemini's access to apps through the Google Gemini app settings or uninstall it. If Gemini is not pre-installed, it will not be automatically installed on devices. Disabling Gemini maintains previous privacy settings, but conversations may still be reviewed by human reviewers for AI training, with data retention lasting up to three years. Users are advised to avoid sharing sensitive information in Gemini chats.

AppWizard

July 3, 2025

Fake Apps, AI Scams Drive 151% Android Malware Spike, Smishing Grows 692%, Spyware Quadruples

Android malware has surged by 151% since the beginning of the year, with a notable 147% increase in spyware in 2025. Spyware activity peaked in February and March, reaching nearly four times the baseline. Smishing attacks via SMS increased by 692% between April and May. Banking trojans and spyware are increasingly hidden in seemingly legitimate applications, such as fake loan services. Over 30% of Android devices run outdated software lacking security patches, exposing users to vulnerabilities. Cybercriminals are developing interconnected operations that target sensitive user data. Google Play Protect is not fully effective, and users are advised to download apps only from official sources, review app permissions, deny unnecessary notification access, keep software updated, and use trusted mobile security apps.

AppWizard

March 19, 2025

These malicious Android apps were installed over 60 million times – here’s how to stay safe

Cybersecurity experts from Bitdefender discovered an ad fraud scheme involving over 300 Android applications that collectively had more than 60 million downloads from the Google Play Store. These apps, which appeared as utility tools like QR scanners and health apps, mainly targeted users with older Android versions (Android 13 and earlier) and first appeared in the third quarter of 2024. As of the research's completion, only 15 of the identified apps were still active, with most affected users located in Brazil, and others in the United States, Mexico, Turkey, and South Korea. The deceptive apps concealed their icons, displayed intrusive ads without user consent, and attempted to harvest sensitive information. Many of these harmful apps have been removed from the Play Store, but users with them installed remain vulnerable. Signs of compromise include lagging, excessive ads, overheating, or unexpected data usage. Users are advised to uninstall suspicious apps and to use the latest version of Android, currently Android 15.

AppWizard

March 18, 2025

331 Malicious Apps with 60 Million Downloads on Google Play Bypass Android 13 Security

Security researchers at Bitdefender have identified a major ad fraud operation involving 331 malicious applications on the Google Play Store, which have over 60 million downloads. These apps exploit vulnerabilities in Android 13 to bypass security measures and conduct phishing attacks, ad fraud, and credential theft. The malicious apps disguise themselves as utility tools, such as QR scanners and health apps, and display intrusive full-screen ads even when not in use. They also attempt to collect sensitive user data without requiring typical permissions, indicating advanced manipulation of Android APIs. The attackers employ various techniques to evade detection, including hiding app icons, launching activities without user interaction, and using persistence mechanisms to remain active on devices. Most of these apps were first active on Google Play in the third quarter of 2024, initially appearing benign before being updated with malicious features. The latest malware was uploaded to the Play Store as recently as March 4, 2025, with 15 apps still available for download at the time of the investigation. The attackers likely operate as a single entity or a collective using similar packaging tools from black markets. They utilize advanced obfuscation techniques to avoid detection, including string obfuscation, polymorphic encryption, runtime checks for debugging, and native libraries obfuscated with specialized tools. This situation highlights significant vulnerabilities in Android's security framework and emphasizes the need for robust third-party security solutions, as attackers continue to adapt their methods.

Tech Optimizer

February 19, 2025

Norton 360 Deluxe: the multi-layered digital shield and VPN for your devices

In the first half of 2024, Canada reported 41,000 cyber incidents, emphasizing the need for enhanced online security. Norton 360 Deluxe offers a comprehensive security solution that includes features such as dark web monitoring, a built-in VPN, parental controls, and 50GB of cloud storage. A 15-month subscription is currently available at a reduced price, allowing protection for up to five devices against various cyber threats.