identification Archives

AppWizard

March 24, 2026

Google’s going to make it more difficult to sideload apps on Android phone

Google is implementing a new "advanced flow" for sideloading apps on Android to enhance security. This change will introduce multiple steps before sideloading can occur, including enabling Developer Mode, confirming the user's intent, and requiring a device restart and re-authentication. A mandatory one-day "security wait" will also be introduced, which can be verified through biometrics or a PIN, allowing users time to reconsider their decision. After this initial wait, sideloading can be enabled indefinitely or temporarily for seven days. Android will continue to warn users about unverified apps, and these changes aim to protect users from scams that pressure them into installing harmful software. Additionally, Google is planning stricter checks for app distribution and launching "limited distribution" accounts for developers.

AppWizard

March 24, 2026

Russia pushes unencrypted Max messenger as WhatsApp, Telegram face restrictions

The Max messenger app, launched by VK in March 2025, has gained popularity in Russia, particularly as the government restricts messaging apps like WhatsApp and Telegram. The app combines messaging, social media, government services, digital identification, and banking. President Vladimir Putin supports it as a means to achieve "technological sovereignty," and a law designates Max as a "national multifunctional messenger." Digital Development Minister Maksut Shadayev has promoted Max, which is also featured prominently on state television. Although not mandatory, there is significant pressure on citizens to use it, with schools and corporations transitioning communications to Max. As of March, the app surpassed 100 million users and is on Russia's "white list" of digital services that remain operational during internet blackouts. Since September, it has been pre-installed on all phones and tablets sold in Russia, with the RuStore app store being mandatory for Apple devices. Max does not offer end-to-end encryption, and user data is stored on Russian servers, with policies allowing data sharing with authorities. Critics, including the Budushcheye political movement, express concerns about surveillance and the app's functionality as a "digital trap." Despite government assurances, disruptions on Telegram and WhatsApp have been reported, with limitations on calls initiated by the government citing non-cooperation from these foreign-owned services.

AppWizard

March 21, 2026

FBI, CISA issue PSA on Russian intelligence campaign to target messaging apps

The FBI and CISA issued a joint public service announcement about Russian hackers targeting commercial messaging applications like Signal and WhatsApp. The hackers use social engineering tactics to deceive users into giving up account access, including impersonating support personnel and prompting users to click on malicious links or provide sensitive information. Although the hackers have not yet bypassed the apps' end-to-end encryption, compromised accounts can lead to serious consequences, such as reading messages and launching further phishing attacks. The agencies recommend that users enhance their cybersecurity measures to protect against these threats. This campaign is part of a broader trend to undermine the security of messaging apps, with previous warnings about spyware and attempts to infiltrate Signal users, especially in conflict zones.

AppWizard

March 20, 2026

Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams

Google has introduced a new "advanced flow" for Android sideloading, which includes a mandatory 24-hour waiting period for users installing applications from unverified developers. This follows a developer verification mandate requiring all Android applications to be registered by verified developers to help identify malicious actors and reduce malware distribution. The new sideloading protocol aims to mitigate risks from cybercriminals who may deceive users into disabling Play Protect, Google's anti-malware feature. Over 50 app developers and marketplaces, including F-Droid and Brave, have expressed concerns about the registration requirements, arguing they could create barriers and raise privacy issues. Google has outlined a one-time process for sideloading apps, which includes enabling developer mode, confirming voluntary sideloading, restarting the device, waiting 24 hours, and using biometric authentication or a PIN to install apps. Google plans to introduce free "limited distribution accounts" for hobbyist developers and students to share apps with up to 20 devices without needing government-issued IDs or registration fees. This process will not apply to installations via the Android Debug Bridge (ADB) and is set to be available in August 2026, ahead of new developer verification requirements. This announcement comes as a new Android malware, Perseus, targets users in Turkey and Italy, with at least 17 distinct Android malware families identified in the past four months.

AppWizard

March 20, 2026

Certified Android devices won’t let user sideload APK app files anymore, or at least it won’t be straightforward

Starting September 2026, Google will regulate the sideloading of apps through APK files on certified Android devices. Users will need to pay a fee, agree to terms and conditions, provide government identification, upload evidence of the developer's private signing key, and list all application identifiers. There are three methods for sideloading: 1. Sideloading from verified developers, requiring a verification process. 2. Sideloading from developers with limited distribution accounts, allowing sharing with up to 20 devices without ID or fees. 3. Sideloading from unverified developers, which involves enabling developer mode, confirming the user is not being scammed, restarting the phone, waiting 24 hours, and confirming identity through biometric authentication or device PIN. These changes aim to enhance security and reduce scams while still allowing some flexibility for developers.

AppWizard

March 20, 2026

Google adds 24-hour waiting period to Android app sideloading: Here’s what changes

Google is set to implement a new protocol for sideloading applications on Android devices in August 2026, featuring a multi-step process that enhances security. Users will need to activate developer mode and confirm their independent action, followed by a device restart and a mandatory 24-hour waiting period before installing any APK. After this period, users must authenticate their identity and choose between a seven-day or indefinite access for unverified installations, with a warning displayed for each unverified app. This 24-hour cooldown aims to reduce scams, as 57% of surveyed adults reported experiencing scams in the past year, leading to significant financial losses. Additionally, a developer verification process will begin in September in select countries, requiring identification and a fee, while verified developers will be exempt from the new sideloading steps. Google will also offer free limited distribution accounts for students and hobbyists to share apps with up to 20 devices.

AppWizard

March 19, 2026

Google To Impose 24-Hour Safety Wait To Activate Android App Sideloading

Google is introducing a mandatory 24-hour waiting period for sideloading apps from unverified developers on Android devices to enhance security and combat scams and malware. This new measure is part of an "advanced flow for sideloading" and follows a reconsideration of Google's previous policy requiring all app installations to come from verified developers. Users must enable developer mode, receive a warning prompt about potential scams, restart their devices, and then wait 24 hours before installing apps from unverified sources. This delay is intended to counteract the urgency exploited by scammers. The 24-hour delay applies only to unverified developers, while verified developers remain unaffected. The new sideloading process is set to roll out in August, initially in Brazil, Indonesia, Singapore, and Thailand, with a broader global implementation planned for 2027. In response to criticism, Google will offer free, limited distribution accounts for students and hobbyists to share apps without requiring identification or fees.

AppWizard

March 19, 2026

RUSSIA Mammut virus hits Russia’s patriotic messaging app

A virus known as Mamont is targeting users of the messaging platform Max, which has 100 million registered profiles. Mamont infiltrates online banking applications and spreads primarily through family and parental chat groups, allowing cybercriminals to steal payment information. The virus often begins with a deceptive message prompting users to click, leading to the silent download of a Trojan that siphons off data. Despite claims from the Max press service that the virus's spread is exaggerated, concerns remain about the security of user data, particularly given that all communications on Max are monitored by the state. Many users resort to using a second device, referred to as Maxofon, to comply with the platform's requirements while keeping their primary device for other applications.

AppWizard

March 13, 2026

F-Droid says Google’s Android developer verification plan is an ‘existential’ threat to alternative app stores

Developers distributing apps outside of Google's Play Store will be required to register with Google in certain countries starting in September, with plans for global expansion by 2027. This policy aims to enhance security by removing anonymity from developers but comes with a registration fee and the need for government identification. F-Droid, an open-source app repository, has raised concerns that this policy could threaten its existence by mandating a single signature for all apps. F-Droid initiated a public campaign against these changes, garnering support from various organizations. Despite some interest from regulators, progress is slow, and there are fears that Google's verification program may be implemented before any regulatory action occurs. F-Droid encourages developers to avoid signing up for the early access program and has launched a petition to voice concerns.

AppWizard

March 13, 2026

Did a Steam Game Give Your PC Malware? The FBI Wants to Know

The FBI has launched an investigation into malware threats associated with PC games on Steam, particularly targeting users from May 2024 to January 2026. The games identified include BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova, all linked to malware incidents. For example, PirateFi was designed to steal browser cookies, Chemia updated itself with malicious software, and BlockBlasters was identified as a Trojan that siphoned cryptocurrency. The FBI's alert also mentions Lampy, which may harbor malware. Valve, the parent company of Steam, has not responded to inquiries but has warned users about the affected games. The investigation suggests a potential link to a single group or individual, with reports indicating that victims were lured through Telegram messages offering free game keys or job opportunities.