malicious applications Archives

AppWizard

June 2, 2025

Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands

On May 30, 2025, CERT Polska disclosed three security vulnerabilities affecting preinstalled Android applications on Ulefone and Krüger&Matz smartphones: CVE-2024-13915, CVE-2024-13916, and CVE-2024-13917. - CVE-2024-13915: The com.pri.factorytest application allows any app to invoke the FactoryResetService, enabling unauthorized factory resets due to improper export controls (CWE-926). - CVE-2024-13916: The com.pri.applock application exposes a public method that allows malicious apps to steal the user’s PIN, representing an exposure of sensitive system information (CWE-497). - CVE-2024-13917: The exported activity in com.pri.applock allows privilege escalation by enabling malicious apps to inject intents with system-level privileges if they have access to the compromised PIN (CWE-926). Users of affected devices are advised to seek firmware updates or mitigations from their vendors.

AppWizard

June 2, 2025

Vulnerabilities in Preinstalled Android Apps Expose PIN Codes and Allow Command Injection

Significant vulnerabilities have been identified in pre-installed applications on Ulefone and Krüger&Matz Android smartphones, disclosed on May 30, 2025. Three vulnerabilities affect these devices, including CVE-2024-13915, which targets the com.pri.factorytest application, allowing unauthorized factory resets. CVE-2024-13916 and CVE-2024-13917 affect the com.pri.applock application on Krüger&Matz smartphones, enabling malicious apps to extract user PIN codes and inject arbitrary intents. These vulnerabilities stem from improper export of Android application components, allowing malicious applications to bypass Android’s permission model. Users are advised to check for updates and consider disabling vulnerable applications.

Winsage

May 27, 2025

Microsoft Windows Warning—Do Not Install These Apps On Your PC

A recent advisory warns Microsoft users about malicious websites that install harmful applications on Windows PCs. Security researchers at DomainTools have identified a scheme where attackers create counterfeit websites resembling popular brands to trick users into downloading malware-laden applications. These applications deploy three types of malware: VenomRAT, StormKitty, and SilentTrinity, which can steal passwords and digital wallet information, and allow attackers to maintain control over compromised systems. The counterfeit sites impersonate well-known brands, including Bitdefender and various banks, highlighting the need for users to follow Microsoft's guidance on transitioning from passwords to passkeys. The attacks utilize open-source components, making them more efficient and adaptable. Users are advised to download software only from official websites, verify website addresses, and be cautious when entering credentials.

Tech Optimizer

May 25, 2025

Microsoft’s Smart App Control blocks malware and has ‘lighter impact on your PC’s performance’

Microsoft has introduced Smart App Control (SAC) with the rollout of Windows 11 22H2, enhancing its security framework by proactively blocking untrusted or unknown applications. Users must perform a fresh installation of Windows to utilize this feature. Unlike traditional antivirus solutions that operate on a reactive basis, SAC employs a "Guilty until proven innocent" approach, assessing applications against Microsoft's Intelligence Security Graph and verifying digital signatures to determine legitimacy. If an application is deemed potentially harmful or unsigned, it is blocked by Windows Security.

Tech Optimizer

May 18, 2025

Do I need antivirus software for Windows 11?

Windows 11 accounts for nearly 44% of global desktop users as of April 2025, making it a prime target for cybercriminals, with 83% of malware in 2020 aimed at Windows systems. Microsoft Defender, which comes pre-installed with Windows 11, offers commendable malware protection, basic ransomware protection, a SmartScreen feature for anti-phishing, and a firewall that monitors network traffic. While it provides a solid foundation for security, additional third-party antivirus software can enhance protection, offering more comprehensive features such as superior parental controls, integrated VPN services, and identity theft protection.

AppWizard

May 17, 2025

Android 16 is Google getting serious about foldables

Google recently launched Android 16, featuring significant user interface modifications and new animations, which have elicited mixed reactions from users. The update includes enhancements like improved network connectivity and security against malicious applications. The UI now dynamically adapts to user interactions, adding visual flair. During the Android Show, Google showcased various Android phones, with speculation about future tablet announcements at the I/O conference. The foldable phone market is currently dominated by Android devices, with expectations that foldables could become mainstream, despite challenges related to pricing and durability. Manufacturers are improving foldable designs to enhance resilience. As costs stabilize, foldables may replace traditional devices, offering multifunctional capabilities.

AppWizard

May 14, 2025

Google Will Prevent Unknown App Downloads During Calls On Android 16

Google has introduced Advanced Protection for Android devices, aimed at enhancing security for users, especially those in public-facing roles. This feature was showcased on May 13, 2025, and will be released with Android 16 in June. Key functionalities include an Offline Device Key, Theft Detection, and Play Protect. Advanced Protection will restrict sideloading applications and downloading from third-party sources. It also blocks downloads from unknown sources during active phone calls and restricts access to banking applications during calls. Users will be unable to share screens with third-party applications while on calls. The initiative is currently being tested in various countries.

AppWizard

May 13, 2025

Google announces new security features for Android for protection against scam and theft

Google unveiled new security and privacy features for its Android platform, focusing on safeguarding calls, screen sharing, messages, device access, and system-level permissions. Key measures include blocking unsafe actions during calls with unknown contacts, restrictions on side-loading apps from unverified sources, and limiting accessibility permissions to prevent scams. Users on Android 6 or later will not be able to disable Google Play Protect, which scans for harmful applications. Enhanced screen-sharing protection includes reminders to stop sharing after calls and a warning screen for banking apps when sharing with unknown numbers. Google Messages will improve scam detection using on-device AI for various fraud types. Verification keys in the Google Contacts app will allow users to authenticate contacts, with end-to-end encryption for verified conversations. Identity Check protection requiring biometric authentication will be extended to more devices, and stricter controls on Factory Reset functions will be implemented. Google is also enhancing its Play Protect program to detect unsafe apps and strengthening Advanced Protection Mode for public figures, along with introducing a new Find My Hub feature.

AppWizard

May 13, 2025

Your Android phone is getting a huge security upgrade for free

Google has introduced a suite of security tools for Android users to protect against various threats, including: 1. Protection against Scam Calls: Alerts users to potential scam calls and blocks harmful actions, focusing on disabling Google Play Protect, preventing sideloading of unverified apps, and restricting accessibility permissions. 2. In-call Protections for Banking Apps: A feature that warns users when they open banking apps while sharing their screen with unknown callers, starting in the UK, and automatically enabled for participating banks on devices running Android 11 or higher. 3. Improved Scam Detection in Google Messages: Enhanced scam detection capabilities that now cover a wider range of scams, including toll road, cryptocurrency, financial impersonation, gift card, and technical support scams. 4. Better Encryption for Text Messages via Key Verifier: A tool that allows users to confirm contacts' identities through public encryption keys, enhancing privacy and security. 5. Stronger Mobile Phone Theft Protection: Expanded theft protection features, including the Identity Check tool, restrictions on unauthorized factory resets, and obscured one-time passwords on the lock screen. 6. Advanced Protection for Mobile Devices: An Advanced Protection Program offering cryptographic verification for all login operations, available on devices running Android 16. 7. Improvements to Google Play Protect: Upgrades to identify malicious apps before installation and live threat detection to alert users of suspicious app behavior. 8. Enhancing Overall Android Security: Ongoing commitment to improve Android security through regular updates and new tools to protect users from evolving cyber threats.

AppWizard

May 13, 2025

Google talks smarter security against fraud and theft in The Android Show

Google has announced updates to enhance security and privacy for Android users, including: - Enhanced scam protection for calls and text messages. - Updated Factory Reset protections limiting phone functionality if reset without owner consent. - Upgraded Live Threat Detection in Google Play Services to identify malicious applications. - Introduction of the Key Verifier feature for verifying identities in conversations using public encryption keys, launching this summer for Android 10 and higher. - Expansion of the Identity Check feature to more devices with the upcoming Android 16 release. - Concealment of one-time passwords on the lock screen in Android 16. - Extension of the Advanced Protection program to a broader audience. - Rollout of live threat detection capabilities in Google Play Protect for Pixel 6 and newer devices and other smartphones. - Announcement of Google I/O 2025 scheduled for May 20 at 10 am PT (1 pm ET).