malicious apps Archives

AppWizard

March 21, 2026

I don’t recognize the Android I fell in love with anymore

In 2010, the author purchased a Samsung Galaxy 5, which introduced them to the Android ecosystem characterized by freedom, openness, and choice. By 2026, the Android platform had evolved significantly, with restrictions on sideloading impacting the author's nostalgic view of the system. The early 2010s were marked by diverse hardware innovations, such as microSD expansion and customizable features, alongside software freedom that allowed for extensive customization and app installations. Over time, Android transitioned to a more structured ecosystem focused on user safety, reflecting the need to protect personal information. The author acknowledges the trade-off between openness and security, recognizing the importance of safeguarding users, even if it means accepting a more restrictive environment.

AppWizard

March 20, 2026

Google adds 24-hour Android sideloading for unverified apps

Google is revising its approach to Android sideloading by allowing users to install applications from unverified developers while implementing a new 24-hour process to enhance security. Users must activate developer mode, confirm their decision, restart their devices, and re-authenticate before installation. A one-time 24-hour waiting period is also introduced to prevent scams. This change addresses concerns from developers and advocacy groups about the impact of stringent verification policies on smaller developers. Google is also offering limited-distribution accounts for students and hobbyists to share apps without full verification. The updated process includes additional security measures to disrupt scams, while users are encouraged to use dedicated security solutions for better protection against mobile threats.

AppWizard

March 13, 2026

Google’s Android boss talks Android 17, sideloading drama, and why he hates phone cases

MWC (Mobile World Congress) in Barcelona is a significant event for the tech industry, where companies unveil new hardware and showcase emerging ideas. At MWC 2026, Sameer Samat, President of the Android Ecosystem, discussed the evolution of Android, particularly focusing on Android 17, which aims to transition from an operating system to an intelligent system. This version will integrate AI capabilities through Gemini, allowing for more intuitive task management. Android 17 will introduce early agentic capabilities, initially available in a beta feature for select devices, enabling users to automate multi-step tasks. Samat confirmed that Google has no plans to remove sideloading, despite concerns about app security. Upcoming changes to sideloading will focus on verifying app identities to protect users from malicious apps while still allowing power users to install unverified software. He emphasized the importance of balancing openness and safety in the Android platform. Samat expressed excitement about current Android phones, highlighting trends in foldable devices and praising models from brands like Motorola and Nothing for their appeal to younger consumers. He mentioned using a Galaxy Z Fold 7 for work and a Pixel 10 Pro for personal use, noting the beauty of the devices and his preference not to use cases.

AppWizard

March 12, 2026

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have identified six new families of Android malware designed to extract sensitive data and facilitate financial fraud. Notable threats include: - PixRevolution: Targets Brazil's Pix payment platform, activates during Pix transfers, and uses real-time monitoring to intervene in transactions. Victims are tricked into installing malicious apps from counterfeit Google Play Store listings, which enable accessibility services for the malware to capture screens and overlay fake interfaces to reroute funds. - BeatBanker: Spreads through phishing attacks disguised as legitimate Google Play Store pages. It uses an inaudible audio loop for persistence, functions as a banking trojan, and includes a cryptocurrency miner. It creates deceptive overlays for platforms like Binance and Trust Wallet to divert funds and can monitor web browsers and execute remote commands. - TaxiSpy RAT: Exploits accessibility services to gather sensitive information such as SMS messages and call logs, targeting banking and cryptocurrency applications with overlays for credential theft. It employs advanced evasion techniques like native library encryption and real-time remote control. - Mirax: A private malware-as-a-service (MaaS) offering with a subscription model that provides tools for banking overlays and information gathering, including keystrokes and SMS. - Oblivion: Another Android RAT available at a competitive price, featuring capabilities to bypass security measures on various devices. - SURXRAT: Distributed through a Telegram-based MaaS ecosystem, it uses accessibility permissions for persistent control and communicates with a Firebase-based command-and-control infrastructure. Some samples incorporate a large language model component, indicating experimentation with AI by threat actors.

Winsage

February 27, 2026

De-Enshittify Windows 11: Make Windows 11 More Secure ⭐

Windows 11 offers a mix of security and privacy features, with a recommendation for users to opt for a Copilot+ PC with a Qualcomm Snapdragon X-series processor for enhanced security. Most users log in with a Microsoft account, which provides benefits such as two-factor authentication, device-bound passkeys, account recovery options, and automatic disk encryption. However, using a local account poses security risks, including limited recovery options and lack of support for key security features. To secure Windows 11, users should take several steps during initial setup or later, including enabling Windows Security features, verifying device encryption, and enhancing sign-in security through Windows Hello options like facial and fingerprint recognition. Additional security features such as Controlled Folder Access and Smart App Control can be configured for better protection. Users are advised to remove unnecessary third-party security apps and keep Windows 11 and installed applications up-to-date to maintain security. Regular updates and proper configuration of Windows Update settings are also essential for preventing disruptions and ensuring data safety.

AppWizard

February 21, 2026

Android users put on high alert: Malware hides in TV streaming apps

A new strain of malware called Massiv has been identified by the fraud detection firm ThreatFabric. This malware disguises itself as legitimate IPTV applications to steal financial information and identities. IPTV refers to Internet Protocol Television, often associated with unauthorized content streaming. Many of these malicious apps are not found on reputable platforms, leading users to unofficial sources where malware can be embedded. The malware can monitor screens in real-time and extract data from the phone's Accessibility Service, allowing attackers to interact with devices without users' knowledge. Cybercriminals can then open bank accounts in victims' names, leading to debts with banks the victims have never interacted with. ThreatFabric has noted an increase in fake IPTV applications used for malware delivery, particularly in Portugal, Spain, France, and Turkey. Many of these apps do not provide free content but instead deliver malware. Users are advised to avoid sideloading applications from untrusted sources.

AppWizard

February 20, 2026

Google Highlights Huge AI‑Driven Crackdown On Android Malware And Fraud Apps

Google has blocked 1.75 million malicious apps from being published on the Play Store in 2025 and shut down over 80,000 developer accounts attempting to distribute harmful applications. Additionally, Google blocked 255,000 apps from gaining excessive access to sensitive user data. The company is implementing a verification process for developers to ensure accountability and legitimacy behind apps.

AppWizard

February 20, 2026

Google says its AI systems helped deter Play Store malware in 2025

Google reported a decrease in malicious apps targeting its Google Play platform, preventing 1.75 million policy-violating apps from being published in 2025, down from 2.36 million in 2024 and 2.28 million in 2023. The company banned over 80,000 developer accounts in 2025 for attempting to publish harmful apps, a decrease from 158,000 in 2024 and 333,000 in 2023. Google conducts over 10,000 safety checks on every app before publication and has integrated generative AI models into the app review process. The company prevented more than 255,000 apps from gaining excessive access to sensitive user information, down from 1.3 million in 2024, and blocked 160 million spam ratings and reviews. Additionally, Google Play Protect identified over 27 million new malicious apps, an increase from 13 million in 2024 and five million in 2023.

AppWizard

February 20, 2026

Google banned 80,000 developer accounts, blocked 27 million dangerous apps from outside Google Play and more: How Google kept Android users safe in 2025 – The Times of India

Google's annual review highlighted its security measures for Android and Google Play, reporting that in 2025, it prevented over 1.75 million policy-violating apps from being published and banned more than 80,000 developer accounts. Google Play conducted over 10,000 safety checks on every app, blocked 160 million spam ratings, and Google Play Protect scanned over 350 billion Android apps daily. New fraud protection features were introduced, blocking 266 million risky installations and protecting users from 872,000 high-risk applications. Developer tools were enhanced with Play Policy Insights and expanded pre-review checks, while the Play Integrity API conducted over 20 billion checks daily. Google plans to invest further in AI-driven defenses and implement developer verifications in 2026.

AppWizard

February 20, 2026

Google cleans house, bans 80,000 developer accounts from the Play Store

Google blocked the publication of over 1.75 million policy-violating applications on its Google Play platform in 2025 and took action against over 80,000 developer accounts attempting to introduce harmful apps. The company conducted more than 10,000 safety checks on every app and integrated generative AI models into its app review process, preventing over 255,000 apps from gaining excessive access to sensitive user data. Google blocked 160 million fake or manipulated ratings and reviews in the previous year and identified more than 27 million new malicious apps from outside Google Play, thwarting 266 million risky installation attempts in 2025. Google introduced in-call scam protection to prevent users from disabling Google Play Protect during phone calls. The Play Policy Insights tool provides developers with real-time feedback, and the Play Integrity API performs over 20 billion daily checks to prevent abuse. Google plans to extend developer verification to all developers and has implemented protections for sensitive data in Android 16.