All articles tagged with #google play protect
Cybersecurity researchers report a shift in Android malware, with dropper apps now delivering SMS stealers and spyware instead of just banking trojans, using sophisticated methods to evade Google Play Protect and targeting users in Asia and Europe through malicious apps and ads, highlighting ongoing challenges in mobile security.
Android 15 may introduce a new feature that allows the system to quarantine misbehaving apps, providing an additional layer of protection for users. This feature, similar to antivirus software on desktop operating systems, isolates suspicious apps from the rest of the system, restricting their functionality. While the exact launch date for this feature is uncertain, it is expected to be implemented by services like Google Play Protect to enhance the security of the Android operating system.
The PixPirate Android malware has evolved to hide on phones by not using an icon and employing a new tactic to remain active even after its dropper app is removed. It utilizes two apps, with the second one being the encrypted banking malware, and can launch and control itself based on different device events. The malware targets the Brazilian instant payment platform Pix to divert funds to attackers and has the capability to automate fraudulent transactions without users' knowledge. Google Play Protect is currently able to protect against known versions of this malware.
A new version of the XLoader malware, also known as MoqHao, is spreading through SMS text messages with shortened URL links, targeting Android users. The malware disguises permission requests as coming from Google Chrome, asking for access to SMS messages and the ability to run in the background. Once granted, the malware can steal photos, texts, contacts, and hardware information, sending them to a control server. While devices with Google Play Services are protected by default, users are advised to avoid clicking on shortened URLs and sideloading apps to mitigate the risk of malware attacks.
A new variant of the XLoader Android malware has been discovered, capable of launching on infected smartphones without user interaction, extracting sensitive data such as photos and text messages. It is distributed via malicious links in text messages and can impersonate Google Chrome to gain permissions. To stay safe, users should avoid sideloading apps, be cautious with permissions, limit app installations, use reputable developers, enable Google Play Protect, and consider installing Android antivirus apps.
Google has introduced a new real-time app scanning feature in its Google Play Protect security engine for Android. The feature conducts a code-level analysis of an app and blocks its installation if it is deemed potentially harmful. This is aimed at combating the proliferation of malicious sideloaded apps, which often evade detection by morphing their appearance or altering their code. While Google's Play Store screens apps for malware, many users still resort to sideloading, which poses security risks. The enhanced scanning feature is particularly important in countering predatory loan apps that have led to harassment and even suicides. Google plans to expand the feature internationally after its initial launch in India.
Google Play Protect is introducing real-time app scanning, utilizing on-device machine learning and similarity comparisons to detect malicious code in apps. The software extracts important signals from the app and sends them for code-level evaluation, providing users with a result indicating whether the app is safe to install or potentially harmful. The feature will initially roll out in India and then become available to users worldwide in the coming months.