Play Services Archives

Tech Optimizer

February 22, 2026

Researchers Discover First Android Malware Using Generative AI for Persistence

Security researchers have identified a new Android Trojan named PromptSpy that uses generative AI technology to enhance its persistence on compromised devices. Discovered by ESET researchers, PromptSpy leverages Google's Gemini AI model to analyze infected device screens and generate tailored instructions for embedding itself within recent apps lists. It includes a Virtual Network Computing (VNC) module that allows attackers full remote control over the device, enabling activities such as viewing the screen, performing actions remotely, capturing lock screen data, blocking uninstallation attempts, gathering device information, taking screenshots, and recording screen activity as video. The malware communicates with command-and-control servers using AES encryption and exploits Android Accessibility Services, making it difficult to remove. PromptSpy is distributed through a dedicated website and is financially motivated, adapting to various Android interfaces and operating system versions. ESET's analysis indicates that the malware is regionally targeted, with a focus on Argentina, and may have been developed in a Chinese-speaking environment. The same threat actor is believed to be responsible for both VNCSpy and PromptSpy.

AppWizard

February 19, 2026

New backdoor found in Android tablets targeting users in Russia, Germany and Japan

Researchers from Kaspersky have discovered an Android backdoor named Keenadu, embedded in the firmware of devices, allowing it to infect tablets before they reach consumers. This malware, affecting over 13,700 users globally, primarily targets advertising fraud by hijacking browser search engines, monitoring app installations, and generating fraudulent revenue. Tablets from various manufacturers, including Alldocube, have been found compromised, with the malware likely inserted during the firmware build stage through a compromised supply chain. Keenadu has multiple variants, some hidden in applications, and employs evasion tactics based on device language settings and time zones. It cannot be removed using standard Android security tools, and users are advised to install clean firmware or replace their devices entirely.

AppWizard

February 18, 2026

5 Android Features Google Recently Added To Your Phone

Google has introduced several new features in Android 16 to enhance user experience: - Material 3 Expressive: A new design language featuring vibrant colors, unique icon shapes, and animations, initially exclusive to Pixel devices but now available on other devices. - Advanced Protection Mode: A security feature that activates Google Play Protect, restricts app installations to the Play Store, and includes spam protection and low-security network blocking. - Live Updates: Provides real-time notifications in the status bar and lock screen for updates from selected applications, allowing users to stay informed without opening apps. - Support for 16 KB Page Sizes: Improves performance by allowing more data to be processed on a single page, reducing CPU demand and power consumption, while still supporting legacy 4 KB page sizes. - Quick Share Redesign: Transformed into a full-screen application with an intuitive interface, featuring large toggles and a built-in file picker for easier file sharing and progress indicators during transfers.

AppWizard

February 17, 2026

New Keenadu backdoor found in Android firmware, Google Play apps

A sophisticated Android malware named Keenadu has been discovered embedded in the firmware of various device brands, compromising all installed applications and granting unrestricted control over infected devices. It employs multiple distribution methods, including compromised firmware images delivered over-the-air, access via backdoors, embedding in system applications, modified applications from unofficial channels, and infiltration through apps on Google Play. As of February 2026, Keenadu has been confirmed on approximately 13,000 devices, primarily in Russia, Japan, Germany, Brazil, and the Netherlands. The firmware-integrated variant remains dormant if the device's language or timezone is associated with China and ceases to function without the Google Play Store and Play Services. While currently focused on ad fraud, Keenadu has extensive capabilities for data theft and risky actions on compromised devices. A variant embedded in system applications has limited functionality but elevated privileges to install apps without user notification. The malware has been detected in the firmware of Android tablets from various manufacturers, including the Alldocube iPlay 50 mini Pro. Kaspersky has detailed how Keenadu compromises the libandroid_runtime.so component, making it difficult to remove with standard Android OS tools. Users are advised to seek clean firmware versions or consider replacing compromised devices with products from trusted vendors.

AppWizard

February 13, 2026

Google finally fixed Android’s Driving Mode, so it only turns on at the right time

Google is rolling out an update for Driving Mode on Pixel phones that allows it to trigger automatically when connected to the car's Bluetooth, addressing previous issues where it misfired or failed to activate. The update shifts the activation method from relying solely on motion detection to a Bluetooth-first approach. This feature is included in version 26.05.32 of Google Play Services and can be configured in the Settings app under Modes. Users can choose to activate Driving Mode using either Bluetooth or a combination of motion and Bluetooth.

AppWizard

January 27, 2026

Google Play Store not showing Android, Pixel system app updates [U]

Users have reported that the Google Play Store is not displaying available updates for certain system-level applications when automatic updates are turned off. As of January 22, 2026, several Google applications do not appear in the Pending downloads list, although users can still see an “Update” option in the app's listing. Applications such as Android System Intelligence, Google Partner Setup, and Settings Services have resolved this issue, with updates accessible through the Settings app. On September 4, 2024, the issue was reported to affect YouTube, where users received notifications about updates but found none in the Pending downloads screen. On July 11, the problem was noted again with Google Partner Setup, which is crucial for devices running Google Mobile Services, and devices running Android 7 or earlier will not receive updates for this app. On July 1, users were alerted to a missing update for Google’s Data Restore Tool, which can only be updated through a direct link in the Play Store. The original issue was first observed on February 6, leading to confusion among users due to discrepancies between notifications and actual update availability. This situation may reflect a strategic shift by Google regarding the management of system-level applications within the Play Store, requiring users who disable automatic updates to manually check for updates.

AppWizard

January 26, 2026

Google Play Store not showing Android, Pixel system app updates [U]

Users of the Google Play Store have reported that when automatic updates are disabled, updates for certain system-level applications do not appear in the Pending downloads list. As of January 22, 2026, affected Google applications include Android System Intelligence, Google Partner Setup, and Settings Services, which can still be updated by visiting their app listings directly. On September 4, 2024, the issue also began affecting YouTube, where users receive update notifications but do not see them in the Pending downloads screen. Google Partner Setup, crucial for devices using Google Mobile Services, is experiencing the same visibility issue and cannot be disabled or deleted. Devices running Android 7 or earlier will not receive updates for this app. Additionally, on July 1, users noted a missing update for Google’s Data Restore Tool, which can only be updated via a direct link from the Play Store. The visibility issue has affected various system applications, leading to confusion over available updates. This situation may indicate a strategic shift by Google regarding the management of updates for system-level applications.

AppWizard

January 16, 2026

This Android 16 protection feature looks like it’s ready to help you with ‘Intrusions’

Recent developments indicate that Google is working on an Advanced Protection feature called "Intrusion Logging," which is expected to be integrated into Android's Advanced Protections settings. This feature will preserve encrypted logs of device activity in case of a security issue. Originally, it was speculated that it would alert users to suspicious activity and that logs would be stored in Google Drive in an encrypted format, but this approach may have changed. The timeline for its official rollout is uncertain, but there is optimism for its debut in the next iteration of the Android 16 QPR series, following the release of Android 16 QPR3 Beta 2.

AppWizard

January 14, 2026

Google Wallet on Android looks to be that one-stop shop for your purchase history

A recent Google Play Services update is set to enhance Google Wallet on Android by providing users with a comprehensive overview of their digital payments, including a detailed transaction history for purchases made across various devices. This update will allow users to view transactions linked to their digital cards without needing to toggle between apps or log into bank accounts. Previous enhancements to Google Wallet include Live Updates for travel, which provide real-time information for flights and trains, and location-based technology that displays relevant digital passes on users' lock screens as they approach specific venues. Additionally, Android 16's Live Updates feature has expanded to provide timely information about transport schedules on users' lock and home screens.

AppWizard

January 4, 2026

How to Get Minecraft APK Safely?

Minecraft is a popular game that has been engaging players for over ten years, allowing for creativity and exploration. The term "Minecraft APK" refers to the Android Package Kit used to install the game on Android devices. Players may seek the APK for various reasons, such as lack of Google Play support on their device, using an Amazon Fire tablet, or wanting to reinstall the game after switching devices. However, downloading the APK from unofficial sources poses risks, including malware, compromised accounts, game crashes, bans from online servers, and legal issues, as Minecraft is a paid title developed by Mojang and owned by Microsoft. To obtain Minecraft on Android safely, players can use the Google Play Store, which is the recommended method, or the official Minecraft Trial available for free. Users of Amazon Fire tablets can download the game from the Amazon Appstore. Advanced users may need to manually install an APK from official channels, ensuring to enable and disable the "Install unknown apps" setting cautiously. Players should avoid modded or cracked APKs, websites requiring surveys, and files demanding unrelated permissions to protect their devices and personal information. Minecraft on Android offers cross-play capabilities, regular updates, access to realms and online servers, and stable performance, making it a valuable mobile gaming option.