Category Archives: android

More Android apps from dangerous Ztorg family sneak into Google Play

Enlarge (credit: Kaspersky Lab)

For the second time this month, Google has removed Android apps from its Google Play marketplace. Google did so after a security researcher found the apps contained code that laid the groundwork for attackers to take administrative "root" control of infected devices.

"Magic Browser," as one app was called, was uploaded to Google's official Android App bazaar on May 15 and gained more than 50,000 downloads by the time it was removed, Kaspersky Lab Senior Research Analyst Roman Unuchek said in a blog post published Tuesday. Magic Browser was disguised as a knock-off to the Chrome browser. The other app, "Noise Detector," purported to measure the decibel level of sounds, and it had been downloaded more than 10,000 times. Both apps belong to a family of Android malware known as Ztorg, which has managed to sneak past Google's automated malware checks almost 100 times since last September.

Most Ztorg apps are notable for their ability to use well-known exploits to root infected phones. This status allows the apps to have finer-grain control and makes them harder to be removed. Ztorg apps are also concerning for their large number of downloads. A Ztorg app known as Privacy Lock, for instance, received one million installations before Google removed it last month, while an infected Pokémon Go guide racked up 500,000 downloads before its removal in September.

Read 3 remaining paragraphs | Comments

Google Play is fighting an uphill battle against Android adware

Enlarge (credit: SophosLabs)

Google's official Play marketplace is waging an uphill battle against Android apps that display an unending stream of popup ads even when users try to force them to stop, researchers said Friday.

The researchers, from UK-based SophosLabs, said they have found a total of 47 apps in the past week that collectively have racked up as many as six million downloads. They all use a third-party library that bombards users with ads that continue to display even after users force close the app or scrub memory. In a blog post, SophosLabs said Google has removed some of the privately reported apps while allowing others to remain.

The MarsDae library that's spawning the popup torrent supports Android versions 2.3 through 6, as well as Samsung, Huawei, Mizu, Mi, and Nexus devices. One app that incorporates MarsDae, SophosLabs said, is Snap Pic Collage Color Splash, which remained available on Google servers as this post was being prepared. Snap Pic has been downloaded from 50,000 to 100,000 times. Once installed, it displays ads on the Android home screen. Even after a user uses the Android settings to force close the app, the ads resume a few seconds later.

Read 3 remaining paragraphs | Comments

Google Play introduces ‘Android Excellence’ collections that showcase editorially selected top apps and games

 At WWDC this month, Apple introduced an entirely revamped App Store that puts a much greater focus on editorial, with plans for stories about the apps, how to’s, interviews, and more, in addition to regular postings of curated lists and “app of the day” type features. Today, Google announced its own plans to expand editorial involvement on Google Play, with the launch of its… Read More

Android Auto finally gets Waze integration—in beta, at least

Google owns Waze, a popular car navigation app with crowd-sourced traffic data. Google also owns Android Auto, an in-car Android interface that makes it safe and easy to use apps in the car. You would think Waze would have ended up on Android Auto pretty quickly. You'd be wrong.

After showing off Waze Android Auto integration at Google I/O 2016 (yes, over a year ago), the integration has finally launched—in beta, at least. Android Police reports that after an April beta sign-up, real, working code has finally gone out to beta testers. (You can sign up here to be one of those testers if you'd like.)

Read 5 remaining paragraphs | Comments

OnePlus 5 launches on June 20

Enlarge (credit: Android Police)

The OnePlus 5, the follow-up to the excellent OnePlus 3T Android smartphone, launches on June 20. In classic OnePlus style, the OnePlus 5 will debut via an online livestream that starts at 5pm UK time (12pm EDT), as well as at several pop-up events in London, New York, and other cities in Europe.

Details on the OnePlus 5 other than its release date are thin on the ground, but the company has revealed that it's skipping the OnePlus 4 (four being an unlucky number in China), as well as equipping the phone with the latest Snapdragon 835 SoC. That's the same SoC found on flagship devices like the Galaxy S8 and HTC U11.

As with its previous phones, OnePlus is expected to charge far less for the OnePlus 5 than the likes of Samsung or HTC, whose devices typically retail for around £600+. The OnePlus 3, which came equipped with a then brand new Snapdragon 820, launched at a mere £330.

Read 7 remaining paragraphs | Comments

Android Pay expands to Canada

 Android Pay launched in Canada on Wednesday, with support for a number of major banks at launch, and additional banks to be added soon. The Android Pay debut in Canada was teased at Google’s I/O developer conference keynote earlier this month, and reported as imminent last week by MobileSyrup. The launch today includes support for Visa and MasterCard credit and debit, as well as… Read More

Android creator Andy Rubin’s Essential Phone looks stunning and will cost $699

 There’s been much speculation around the new project from Andy Rubin, the man responsible for developing Android, and now we have the answer. Well, part of the answer, at least. Essential, Rubin’s new company, unveiled its first smartphone alongside an Amazon Echo-like device and a new operating system called “Ambient”. The three products were unveiled to the Verge, but… Read More

Cloak & Dagger is a newly-discovered Android exploit that lets hackers hide malicious activity

 Researchers from Georgia Institute of Technology have released a full report on a new attack vector that affects Android up to version 7.1.2. The exploit, called Cloak & Dagger, uses Android’s design and screen behaviors against users, effectively hiding activity behind various app-generated interface elements that lets a hacker grab screen interactions and hide activity behind… Read More