Posts: 129
Threads: 101
Joined: Jun 2019
Reputation:
0
Attackers behind the campaign used several effective techniques to repeatedly bypass the vetting process Google uses in an attempt to keep malicious apps out of Play. One method was to initially submit a benign version of an app and add the backdoor only after the app was accepted. Another approach was to require few or even no permissions during installation and to later request them dynamically using code hidden inside an executable file. One of the recent apps posed as a browser cleaner.
Posts: 115
Threads: 5
Joined: Jun 2019
Reputation:
0
Compared to buying an iPhone, buying an Android phone can be a dizzying choice thanks to the huge array of different devices from different manufacturers. While there are mid-range and budget Android options, this list is our collection of the best Android phones overall, so they’re higher in price as they have the best current features like top cameras, displays and build quality.
Posts: 105
Threads: 3
Joined: Jun 2019
Reputation:
0
We’ve included all of the Android world’s big hitters like Samsung, Huawei, Google and OnePlus, as well as newer contenders like Xiaomi, with the OnePlus 8 Pro and Xiaomi Mi Note 10 being the latest additions. Plus we've just included the Samsung Galaxy S20 Ultra too. And more phones will likely be added soon. Sony recently unveiled its Xperia 1 II, which looks very strong. We’ll be reviewing it soon, along with the LG Velvet, which is expected to be announced in the coming few weeks.
Posts: 109
Threads: 0
Joined: Jun 2019
Reputation:
0
Attackers behind the campaign used several effective techniques to repeatedly bypass the vetting process Google uses in an attempt to keep malicious apps out of Play. One method was to initially submit a benign version of an app and add the backdoor only after the app was accepted. Another approach was to require few or even no permissions during installation and to later request them dynamically using code hidden inside an executable file. One of the recent apps posed as a browser cleaner.
Posts: 96
Threads: 0
Joined: Jul 2019
Reputation:
0
Within time, the apps provided a backdoor that collected data about the infected phone, including the hardware model, the Android version it ran, and the apps that were installed. Based on that information, the attackers could use the malicious apps to download and execute malicious payloads specific to a particular infected device. The payloads could collect locations, call logs, contacts, text messages, and other sensitive information.
Posts: 101
Threads: 1
Joined: Jun 2019
Reputation:
0
Google officials declined to say how or even if the company is working to prevent malicious apps from using the described techniques used to bypass the app-vetting process. Instead, the officials issued a statement that said: “We’re always working to improve our detection capabilities. We appreciate the work of the researchers in sharing their findings with us. We’ve since taken action against all the apps they identified.â€
Posts: 87
Threads: 1
Joined: Jun 2019
Reputation:
0
Most of the apps contained functionality that require that phones be rooted. That would require apps to run on devices with known rooting vulnerabilities or for the attackers to exploit flaws that aren’t yet known to Google or the general public. Kaspersky Lab researchers didn’t find any local privilege escalation exploits in the apps themselves, but they haven’t ruled out the possibility such attacks were used. In an email, a researcher wrote:
![[Image: banner.jpg]](http://trck.me/345650/banner.jpg)
