malicious app

AppWizard
May 14, 2025
Google is unveiling key features ahead of the Google I/O event, including Material 3 Expressive (M3), which focuses on enhancing user experience through color, shape, size, motion, and containment. M3 will introduce a vibrant UI for smartphones and wearables, featuring a new "tear away" notification system and playful animations. The Pixel Watch will have animations that follow the display's curvature, and Wear OS 6 will allow users to customize color schemes and watch faces. Google's Gemini AI will be integrated into more devices, replacing Google Assistant and enhancing interactions on Wear OS, Google TV, Android Auto, and Android XR. Gemini will provide hands-free assistance for Wear OS users and facilitate natural conversations in Android Auto. It will also improve content discovery on Google TV and offer real-time planning assistance in Extended Reality devices. To combat online scams, Google is introducing privacy tools with Android 16, including enhanced warning systems in the caller and Google Messages apps, AI-driven detection of fraudulent messages, and a Key Verifier program for secure end-to-end encrypted communication. Google Play Protect will implement live threat detection for malicious app changes.
AppWizard
May 12, 2025
The Kaleidoscope attack is an ad-fraud scheme targeting Android users by tricking them into downloading malicious versions of legitimate apps, primarily via third-party app stores. Approximately 2.5 million devices are infected each month, with notable occurrences in India, Indonesia, the Philippines, and Brazil. Users are advised to uninstall suspicious apps and avoid downloading from unverified sources to protect their devices.
AppWizard
May 9, 2025
Kaleidoscope is an ad-fraud attack targeting Android users by exploiting legitimate applications on the Google Play Store and offering malicious duplicates through third-party app stores. Approximately 2.5 million devices are affected monthly, with 20% of incidents occurring in India, and other impacted regions include Indonesia, the Philippines, and Brazil. Users unknowingly download legitimate-looking apps while malicious versions circulate elsewhere, leading to intrusive advertisements that disrupt user experience and generate revenue for cybercriminals. Google has removed flagged titles from the Play Store and is enhancing protections, but ad resellers often fail to properly vet their inventory. The adware causes device overheating, rapid battery drain, and sluggish performance, highlighting the need for user vigilance.
AppWizard
March 18, 2025
Bitdefender has identified at least 331 malicious applications on the Google Play Store, which have been downloaded over 60 million times. These apps, including QR code scanners and simple games, can display intrusive advertisements and compromise user data. A list of some remaining malicious apps includes ShapeUp, Beautiful Day, Destiny Book, Dropo, Handset Locator, Body Scale, Cache Sweep TEL: Clean, Five in a Row, Massm BMI, and Water Note. Many of these apps can bypass Android security measures, initiate without user interaction, and may launch phishing attacks. Users are advised to avoid these apps, manually remove any malicious apps they may have installed, and enable Google Play Protect for added security.
AppWizard
March 18, 2025
A recent analysis by Bitdefender has revealed a significant ad fraud campaign resulting in over 60 million downloads of malicious applications from the Google Play Store. The campaign involves at least 331 applications that can bypass Android's security measures, allowing them to remain undetected and activate without user interaction. These apps, which often disguise themselves as utility tools, are capable of displaying advertisements and launching phishing attacks without necessary permissions. Some of the malicious apps have been updated and continue to be active, while Google has been notified and is investigating the issue. The attackers employ various methods to conceal their apps, including hiding icons and exploiting system vulnerabilities. They also use custom command and control domains with encryption techniques to complicate detection efforts.
AppWizard
March 17, 2025
A spyware known as KoSpy, linked to North Korean hacking groups APT37 and APT43, was found disguised as a File Manager app on the Google Play Store. This malicious app accessed private data such as text messages, call logs, device location, stored files, and user keystrokes. It could also gather Wi-Fi network details, list installed applications, record audio, capture images, and take screenshots without user awareness. The app was downloaded approximately a dozen times before Google removed it after security researchers raised concerns. Google Play Protect and additional security measures from smartphone manufacturers help protect Android devices from such threats. Users are advised to scrutinize app permissions and download apps from official sources to minimize risks.
AppWizard
March 14, 2025
A new Android spyware called KoSpy has been linked to North Korean threat actors, specifically the group APT37 (ScarCruft), and has infiltrated Google Play and APKPure through malicious applications. The campaign has been active since March 2022, targeting Korean and English-speaking users with apps disguised as file managers, security tools, and software updaters. Five identified applications involved are: 휴대폰 관리자 (Phone Manager), File Manager (com.file.exploer), 스마트 관리자 (Smart Manager), 카카오 보안 (Kakao Security), and Software Update Utility. KoSpy retrieves an encrypted configuration file from a Firebase Firestore database and connects to a command and control (C2) server, allowing it to evade detection. Its data collection capabilities include intercepting SMS and call logs, real-time GPS tracking, reading files, using the microphone and camera, taking screenshots, and recording keystrokes. Each application operates with a distinct Firebase project and C2 server for data exfiltration, with data encrypted using a hardcoded AES key. Although the spyware apps have been removed, users are advised to manually uninstall them and use security tools to eliminate any remnants. Google Play Protect can block known malicious apps, and all identified KoSpy applications have been removed from Google Play.
AppWizard
February 4, 2025
Google blocked 2.36 million apps from being published in 2024 due to violations of Google Play policies and banned over 158,000 developer accounts for attempting to distribute harmful applications. The company prevented 1.3 million apps from gaining excessive access to users' sensitive data. Over 92% of human reviews for harmful apps were AI-assisted, allowing for quicker and more accurate actions. Google implemented new requirements for developers to enhance transparency regarding data handling and introduced a "Data deletion" option for apps. Over 91% of app installations on the Google Play Store utilized the latest protections from Android 13 or newer. Google Play Protect scanned more than 200 billion apps daily and identified over 13 million new malicious apps from outside Google Play in 2024.