installing apps Archives

AppWizard

November 23, 2025

Security experts issue urgent malware warning for Android and WhatsApp users

A newly identified vulnerability known as Sturnus poses a significant risk to users of messaging platforms like WhatsApp, Telegram, and Signal on Android devices, potentially affecting millions and leading to severe privacy breaches. This Trojan can grant cybercriminals complete remote control over infected devices, allowing them to surveil user activities, intercept messages, and steal banking information. It can create convincing fake login screens to harvest banking credentials and execute fraudulent actions while obscuring the device's display from the user. Although Sturnus is still in its developmental stage and has not achieved widespread distribution, security experts warn that its potential for harm is significant. To protect against such threats, users are advised to download applications only from the official Google Play Store, avoid unverified sources, review app ratings, verify developers' reputations, and refrain from installing apps accessed through links or social media.

AppWizard

November 13, 2025

Google will soon give Android power users a safer way to sideload apps from unverified developers

Google will block the installation of applications from unverified developers on Android starting next year to enhance user security against malware threats. Users will need to use ADB for sideloading apps, although an "advanced flow" will be developed to allow opt-in installation of unverified apps with explicit warnings about associated risks. Google will also introduce a new account type for students and hobbyists to distribute their applications to a limited audience without standard verification. The company is seeking early feedback on the "advanced flow" design and has invited developers distributing apps outside the Play Store to participate in an early access program for verification, with invitations extending to Play Store developers starting November 25.

AppWizard

November 13, 2025

Breaking: Google is easing up on Android’s new sideloading restrictions!

Google announced plans to implement restrictions next year that will block users from installing apps created by unverified developers, prompting backlash from the Android community. In response, Google introduced an "advanced flow" for experienced users willing to accept risks associated with installing unverified software, which will include clear warnings about the risks involved. Additionally, Google is launching an early access program for developers who distribute apps outside of the Play Store, allowing them to verify their identity before the new requirements take effect. Further details on this feature are expected in the coming months.

AppWizard

November 11, 2025

Android phone users may soon get a ‘battery’ warning before downloading these apps

Android users will soon see a red warning badge on the Google Play Store indicating that an app “may use more battery than expected.” This feature, developed with Samsung, targets apps that misuse “partial wake locks,” which can lead to significant battery drain. The update introduces a metric to monitor “excessive partial wake locks,” flagging apps that maintain over two cumulative hours of non-exempt wake locks in a 24-hour period. If at least 5% of an app’s user sessions exceed this threshold over 28 days, it will be marked as a battery drain culprit. Starting March 1, 2026, such apps will have reduced visibility in the Play Store and will display a red warning label about high background activity and potential battery drain. This initiative aims to improve battery performance and encourage developers to optimize their apps.

AppWizard

November 6, 2025

Google’s proposed Android changes won’t save sideloading

Google and Epic Games reached a settlement regarding the lawsuit Epic initiated in 2020, challenging Google's dominance in Android app distribution. The settlement includes changes in the upcoming Android 17 release, such as introducing "Registered App Stores," which are certified third-party app stores that users can install easily. The installation process will be simplified with a "single store install screen" and reduced user intervention for app installations. Google will also allow developers to use alternative payment options for in-app transactions, moving away from the exclusive use of Google Play Billing. Service fees on alternative payment methods may range from up to 20% to 9%. Google has committed to not discouraging OEMs or developers from collaborating with third-party app stores and will not restrict their pre-installation or home screen placement for three years following the agreement.

AppWizard

October 30, 2025

NFC Relay Attack: 700+ Android Apps Harvest Banking Login Details

Researchers at zLabs have identified over 760 malicious Android applications that exploit Near Field Communication (NFC) technology to steal banking credentials and facilitate fraudulent transactions. This cybercrime campaign has expanded from isolated incidents in April 2024 to a widespread operation targeting financial institutions in countries including Russia, Poland, the Czech Republic, Slovakia, and Brazil. The malware utilizes social engineering tactics by impersonating around 20 legitimate banking institutions and government services, such as VTB Bank, Tinkoff Bank, and the Central Bank of Russia. The malware ecosystem is supported by over 70 command-and-control servers and private Telegram channels for data exfiltration. Attackers deceive victims into granting dangerous NFC permissions, allowing the malware to intercept payment data during contactless transactions. Some campaigns use paired applications for data extraction and fraudulent purchases, while others focus solely on data exfiltration. The malware maintains communication with its command-and-control infrastructure, enabling real-time relay attacks to conduct transactions using victims' payment credentials. The rapid spread of this NFC-based payment malware highlights the adaptability of cybercriminals as contactless payment technologies become more common. Financial institutions are urged to enhance fraud detection systems, mobile device manufacturers should tighten NFC permission controls, and users are advised to be cautious when granting NFC access to applications.

AppWizard

October 2, 2025

ESET Research discovers new spyware posing as messaging apps targeting users in the UAE

ESET Research has identified two new families of Android spyware: Android/Spy.ProSpy and Android/Spy.ToSpy. These malware campaigns target users of secure communication apps, specifically Signal and ToTok, and are distributed through deceptive websites and social engineering, primarily focusing on residents of the United Arab Emirates (UAE). Android/Spy.ProSpy pretends to be upgrades for the Signal and ToTok apps, while Android/Spy.ToSpy targets ToTok users exclusively. Both spyware families require manual installation from unofficial sources, as they are not available in official app stores. The ProSpy campaign was first noted in June 2025 but is believed to have been active since 2024, using misleading websites to distribute malicious APKs. ESET's findings indicate that the ToSpy campaigns are still ongoing, with command and control servers still operational. The spyware collects sensitive data, including contacts, SMS messages, and files, once installed. Users are advised to be cautious when downloading apps from unofficial sources and to avoid enabling installations from unknown origins.

AppWizard

October 2, 2025

Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

Cybersecurity researchers have identified two Android spyware campaigns, ProSpy and ToSpy, targeting users in the United Arab Emirates by impersonating popular applications like Signal and ToTok. These malicious applications are distributed through deceptive websites and social engineering tactics, requiring manual installation from third-party sites. The ProSpy campaign, active since 2024, uses misleading sites to host compromised APK files marketed as upgrades to Signal and ToTok. The ToSpy campaign, initiated around June 30, 2022, also employs counterfeit sites to deliver malware. Both spyware variants aim to steal sensitive data, including contacts, SMS messages, and files. The ProSpy app, ToTok Pro, contains a button that redirects users to the legitimate ToTok download page, while the Signal Encryption Plugin misleads users into downloading the genuine app. Both spyware types exfiltrate data before user interaction and maintain persistence through a foreground service and Android's AlarmManager. ESET is tracking these campaigns separately due to their different delivery methods, and the identities of those behind the activities remain unknown. Users are advised to be cautious when downloading apps from unofficial sources.

AppWizard

October 2, 2025

ProSpy and ToSpy: New spyware families impersonating secure messaging apps

ESET researchers have identified two Android spyware campaigns, Android/Spy.ProSpy and Android/Spy.ToSpy, targeting users of secure messaging apps like Signal and ToTok. These spyware families are distributed through deceptive websites and social engineering tactics, requiring manual installation from unofficial sources. The ProSpy campaign, operational since 2024, uses fraudulent websites to distribute malicious APKs disguised as a Signal Encryption Plugin and ToTok Pro, particularly targeting users in the UAE. The ToSpy campaign, discovered in June 2025, also targets users in the UAE, utilizing fake distribution sites impersonating the ToTok app. Both spyware types request access to contacts, SMS messages, and files, exfiltrating sensitive data in the background. ESET advises users to be cautious when downloading apps from unofficial sources.

BetaBeacon

October 2, 2025

Epic says it has proof Apple was scaring users off third-party app stores

The Epic Games Store has seen an increase in downloads following Apple's changes to streamline the process for installing third-party app marketplaces on iOS.