Advertisements

New Android Warning: These 15 Malicious Apps May Be Hiding On Your Phone—Uninstall Now

As the stories keep coming about malicious apps finding their way onto Google’s Play Store, one serious concern is the increasingly sophisticated efforts made by those apps to hide their intent from users. Well, the latest report from the team at Sophos has found 15 harmful apps that have gone a stage further—literally “hiding their app icons in the launcher… or disguising themselves in the phone’s App settings page.”

Put simply, apps have been found that trick users into installing them to perform a trivial service. The app disappears from view, but it is actually running, disguised under a system name, making it impossible to detect and stop without effort. Users are urged to specifically root these apps out, stop them, then delete them completely.

If the apps aren’t seen, then they won’t trigger user concerns and they become much more difficult to casually delete without making the effort to find them. That’s the theory. But now those apps have been exposed. Users have been warned.

Today In: Innovation

Yet again, these latest apps join the countless others delivering adware—generating fraudulent revenue for their operators. Let’s be clear, free apps that deliver ads in their unpaid versions might be irritating, but they’re not necessarily fraudulent. But here we are talking about apps designed to deliver ads—it’s their sole purpose. It is the direct opposite of free apps, the ads are the focus, the app itself a wraparound.

The 15 apps discovered and disclosed by Sophos have been installed on more than 1.3 million devices—that’s a lot of ads, a lot of fraudulent revenue. And this is likely the tip of the iceberg for this new “icon hiding” threat category. “If history is any indication,” Sophos warns, “there are likely many more waiting to be found.”

The “dirty tricks” pulled off by these apps include various ruses to hide away—either on install or shortly afterward, and installing two apps at once—a benign app that is visible as per normal, and a malicious app that remains hidden. Most phones these days have a wide range of legacy and unused apps—we don’t notice what’s there and how many of us ever purge our devices? That’s the social engineering taking place here—if the app can hide initially, it will likely hang around for some time.

“Nine of the 15 apps used deceptive application icons and names, most of which appeared to have been chosen because they might plausibly resemble an innocuous system app,” Sophos explained. But they cannot hide completely if you know what you’re looking for—and Android users are urged to check their phones for these apps—and if you find them, delete them. “The app icon is still visible in the phone’s ‘gear’ Settings menu, under Apps.”

Here are the 15 apps exposed by Sophos—you’ll notice the poor reviews, often a sign that an app of this kind is best avoided.

As so often with adware apps, most are designed around trivial utilities—QR readers and image editors, for example. “Most ironically,” Sophos reports, one of the malicious apps is designed “to scrub your phone of private data.” You couldn’t make this up. The mindset to download an app of unknown provenance for such a delicate purpose we won’t get into—the warnings here basically go without saying.

Once installed, the apps use innocuous names to ensure they don’t trigger suspicions. And, arguably, the most worrying finding is that all 15 apps appeared this year—that means there are still gaping holes in Play Store security and there are adware factories churning out such apps and pushing them into the public domain. Sophos believes that similarities in coding structure and user interfaces suggests this batch of apps might all be related, despite appearing to come from different publishers.

Sophos says that Google was notified about the apps and they seem to have been removed—the underlying threat and coding techniques will remain in other as yet unidentified apps in the store and the myriad apps likely still to come.

The package names of the 15 apps are here:

Andrew Brandt, a principal researcher at Sophos, warns that “while these apps have been removed from the Google Play Store, there may be others we haven’t yet discovered that do the same thing.”

Brandt also explains that if uses suspect an app might be hiding, or to check against the published list, “tap Settings, then Apps & Notifications. The most recently opened apps appear in a list at the top of this page. If any of those apps use the generic Android icon (which looks like a little greenish-blue Android silhouette) and have generic-sounding names (‘Back Up,’ ‘Update,’ ‘Time Zone Service’) tap the generic icon and then tap ‘Force Stop’ followed by ‘Uninstall’.” Real system apps won’t offer an ‘uninstall’ option but will have a ‘disable’ option instead.

Ultimately, the usual advice applies here. Don’t download trivial utility apps because they seem nifty and free—they’re free for a reason. Even if the downside is simply unwanted ads, the fact is that malicious apps can often be hiding more dangers than that. Given how much private information we carry on our devices, don’t casually leave the backdoor open to anyone with a shiny app and a free install.

Follow me on Twitter or LinkedIn.

I am the Founder/CEO of Digital Barriers, supplying AI surveillance tech to defence, national security, counter-terrorism and critical infrastructure entities in the U.S., EMEA and Asia. I write about the intersection of geopolitics and cybersecurity, as well as breaking security and surveillance stories. I also focus on the balance of privacy and public safety. Contact me at zakd@me.com.

Source: New Android Warning: These 15 Malicious Apps May Be Hiding On Your Phone—Uninstall Now

714K subscribers
These are 20 dangerous Android Apps that trap users of Android smartphones to mine the various cryptocurrencies using their devices computing power. The security solutions company Sophos has identified malicious apps on the Google Play store and on a Russian download site called “Coandroid” that tap into a smartphones CPU to mine for cryptocurrency that can cause your device to overheat and become slow, which could also lead to permanent damage to your smartphone. Some of these apps are very popular. If you have them installed on your phone, you should uninstall them immediately. If you’re new, Subscribe! ▶ https://www.youtube.com/techgumbo Share This Video ▶ https://youtu.be/WfTaXq_mbvM “Android Apps” Series https://www.youtube.com/playlist?list… Those listed below with “Coandroid” next to their name are safe to download from the Google Play store. Do not download from the “Coandroid” website. 0:41 AIMP (Coandroid) 1:23 Block Strike (Coandroid) 1:45 Parkour Simulator 3D (Coandroid) 1:54 Skanvord 2:08 NeoNeonMiner 2:24 Others 2:46 Wrestling Apps CoinMiner and other malicious cryptominers targeting Android https://www.sophos.com/en-us/medialib… TechGumbo is a leading source for the technology that we use each day. Whether it’s discussing computer operating system tricks, the latest tips for your mobile phone, finding out about the newest gadgets, or letting you know about the best Android Apps for your smartphone, TechGumbo has boundless topics on technology for the astute YouTube viewer.

Advertisements

Viral App FaceApp Now Owns Access To More Than 150 Million People’s Faces And Names

Everyone’s seen them: friends posting pictures of themselves now, and years in the future.

Viral app FaceApp has been giving people the power to change their facial expressions, looks, and now age for several years. But at the same time, people have been giving FaceApp the power to use their pictures — and names — for any purpose it wishes, for as long as it desires.

And we thought we learned a lesson from Cambridge Analytica.

More than 100,000 million people have downloaded the app from Google Play. And FaceApp is now the top-ranked app on the iOS App Store in 121 countries, according to App Annie.

While according to FaceApp’s terms of service people still own their own “user content” (read: face), the company owns a never-ending and irrevocable royalty-free license to do anything they want with it … in front of whoever they wish:

You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you. When you post or otherwise share User Content on or through our Services, you understand that your User Content and any associated information (such as your [username], location or profile photo) will be visible to the public.

FaceApp terms of use

That may not be dangerous and your likeness may stay on Amazon servers in America, as Forbes has determined, but they still own a license to do whatever they want with it. That doesn’t mean the app’s Russian parent company, Wireless Labs, will offer your face to the FSB, but it does have consequences, as PhoneArena’s Peter Kostadinov says:

You might end up on a billboard somewhere in Moscow, but your face will most likely end up training some AI facial-recognition algorithm.

Peter Kostadinov 

Whether that matters to you or not is your decision.

But what we have learned in the past few years about viral Facebook apps is that the data they collect is not always used for the purposes that we might assume. And, that the data collected is not always stored securely, safely, privately.

Once something is uploaded to the cloud, you’ve lost control whether or not you’ve given away legal license to your content. That’s one reason why privacy-sensitive Apple is doing most of its AI work on-device.

And it’s a good reason to be wary when any app wants access and a license to your digital content and/or identity.

As former Rackspace manager Rob La Gesse mentioned today:

To make FaceApp actually work, you have to give it permissions to access your photos – ALL of them. But it also gains access to Siri and Search …. Oh, and it has access to refreshing in the background – so even when you are not using it, it is using you.

Rob La Gesse

The app doesn’t have to be doing anything nefarious today to make you cautious about giving it that much access to your most personal computing device.

Follow me on Twitter or LinkedIn. Check out my website or some of my other work here.

I forecast and analyze trends affecting the mobile ecosystem. I’ve been a journalist, analyst, and corporate executive, and have chronicled the rise of the mobile econom

Source: Viral App FaceApp Now Owns Access To More Than 150 Million People’s Faces And Names

Over 90% of dApps ‘Did Not Record Transactions’, dAppRadar Data Shows | CryptoGlobe

This, according to data from DAppRadar – which was pointed out by Twitter user Kevin Rooke on February 9th, 2019. As Rooks explains in his tweet, 86% of ETH-based dApps had zero users last Saturday, while 93% did not record any transactions. Although there are reportedly around 40 times more developers focused on creating software for Ethereum (when compared to its closest competitors such as EOS and Tron), ETH-based dApps don’t appear to have lived up to expectations. There are about 1,375 “live” dApps built on the Ethereum blockchain, however the number of active users have remained consistently low. According to data from DAppRadar…………….

Source: https://www.cryptoglobe.com/latest/2019/02/over-90-of-dapps-did-not-record-transactions-dappradar-data-shows/

8 Apps You Need in 2018

What do you want for yourself in 2018? For me, 2018 is all about internal focus and commitment to self development; it’s about becoming the person I need to be to live the life I want. As most of us are always on the move or always on our phones, I thought it would be […]

via 8 Apps You Need in 2018 — You Can Have It All

Some of The Best Apps for Teaching Students World History – Educators Technology | Banco de Aulas

Source: Some of The Best Apps for Teaching Students World History – Educators Technology | Banco de Aulas

10  Music Apps for High School Students curated by Educators’ Technology


Free resource of educational web tools, 21st century skills, tips and tutorials on how teachers and students integrate technology into educationhttp://bit.ly/2oz9SBR
http://bit.ly/2okC2EJ

10  Music Apps for High School Students curated by Educators’ Technology


Free resource of educational web tools, 21st century skills, tips and tutorials on how teachers and students integrate technology into education
http://bit.ly/2oz9SBR

%d bloggers like this:
Skip to toolbar