Tag Archive for: app’

Samsung’s app store is home to potentially harmful apps

/in


Samsung's app store is home to potentially harmful apps

Samsung’s app marketplace Galaxy Store that comes pre-installed on its smartphones appears to be home to sketchy movie streaming apps, Android Police has found.
Several clones of the now-defunct Showbox movie streaming app being hosted on the Galaxy Store could be potentially dangerous. Per mobile security analyst linuxct, while these apps may not be harmful on their own, they appear to be armed with technology that may let them download and execute malware. 
The issue came to light when the outlet’s writer Max Weinbach discovered that at least five of the Showbox copycats were possibly malicious after warnings from Google’s Play Protect and this prompted the publication to conduct an investigation.

Analysis done through online virus and malware scanning service Virustotal showed that something is definitely fishy. Some of the apps also ask for excessive permissions, including access to call logs. 

The other issue is that Showbox had a reputation for being a pirate tool and there is little chance that the clones that are on the Galaxy Store are not infringing on copyrights. None of these apps can be found on Google’s Play Store. 

Since the Galaxy Store doesn’t show an install count, it’s hard to ascertain how many times the apps in question were downloaded, but for what it’s worth, they have received hundreds of reviews, with some mentioning the malware warnings.
Samsung is yet to comment on the findings. Thus, for now, it might be a better idea for Samsung phone users to only download apps from Google’s Play Store.

Source…

App-etite for Notification: FTC Says “Welcome to the Jungle” to Mobile Health App Developers in Policy Statement on Health Breach Notification Rule | Wyrick Robbins Yates & Ponton LLP

/in


Last week’s news that the Federal Trade Commission is taking steps to begin rulemaking on consumer privacy and artificial intelligence drew plenty of attention from privacy professionals, and suggests 2022 could be an interesting year for federal regulation of privacy and data security. But that development is only one of a series of moves the Commission has recently made in this space.  In September, a divided Commission issued a Policy Statement that adopts a surprisingly broad interpretation of the FTC’s existing Health Breach Notification Rule, and suggests the FTC is seeking opportunities to use its existing authority to crack down on mobile health apps’ lax privacy and data security practices.

In that Policy Statement, the FTC takes the position that the Health Breach Notification Rule, which applies to “vendors of personal health records,” covers any mobile app that processes health information and that can draw personal information from multiple sources. The FTC also states that the Rule broadly requires notification of any unauthorized access to consumer health information, including the sharing of a consumer’s health information without the consumer’s authorization.

Mobile health app developers should take careful note of the Policy Statement’s interpretations and assess their offerings’ compliance posture accordingly.

Overview of the Health Breach Notification Rule

The FTC issued the Health Breach Notification Rule in 2009 to impose breach notification requirements on companies that process consumer health information, but are not subject to HIPAA. To that end, the Rule requires a “vendor of personal health records” to notify affected consumers and the FTC whenever  “unsecured [personal health record] identifiable health information [is] acquired by an unauthorized person” as a result of “a breach of security of unsecured [personal health record] identifiable health information.” A “vendor of personal health records” is an entity that (1) is not a HIPAA covered entity or business associate and (2) offers or maintains “personal health records.”

“Personal health records” are in turn defined under the Rule as electronic…

Source…

Over 500,000 Android Users Downloaded a New Joker Malware App from Play Store

/in


Android Malware

A malicious Android app with more than 500,000 downloads from the Google Play app store has been found hosting malware that stealthily exfiltrates users’ contact lists to an attacker-controlled server and signs up users to unwanted paid premium subscriptions without their knowledge.

The latest Joker malware was found in a messaging-focused app named Color Message (“com.guo.smscolor.amessage”), which has since been removed from the official app marketplace. In addition, it has been observed simulating clicks in order to generate revenue from malicious ads and connecting to servers located in Russia.

Automatic GitHub Backups

Color Message “accesses users’ contact list and exfiltrates it over the network [and] automatically subscribes to unwanted paid services,” mobile security firm Pradeo noted. “To make it difficult to be removed, the application has the capability to hides it icon once installed.”

Android Malware

“We is [sic] committed to ensuring that the app is as useful and efficient as possible,” the developers behind Color Message state in their terms and conditions. “For that reason, we reserve the right to make changes to the app or to charge for its services, at any time and for any reason. We will never charge you for the app or its services without making it very clear to you exactly what you’re paying for.”

Prevent Data Breaches

Joker, since its discovery in 2017, has been a notorious fleeceware infamous for carrying out an array of malicious activities, including billing fraud and intercepting SMS messages, contact details, and device information unbeknownst to users.

The rogue apps have continued to skirt Google Play protections using a barrage of evasion tactics to the point that Android’s Security and Privacy Team said the malware authors “have at some point used just about every cloaking and obfuscation technique under the sun in an attempt to go undetected.”

Source…


[the_ad_group id="27628"]

New version of the Advice to Travelers app (Dec. 16 2021)

/in


A new version of the mobile Advice to Travelers app is now available. Created in 1999, the Advice to Travelers page has seen a massive increase in hits on the France Diplomatie site in recent years, with 32 million hits in 2020 compared with 9.4 million in 2019, and more than 58 million since the beginning of 2021.

In light of the rapidly evolving health situation, it is more necessary than ever to make proper preparations for travel abroad.

To meet the needs of French citizens who travel abroad, the Ministry for Europe and Foreign Affairs decided to update the mobile app launched in 2012. In this latest version, users will have access, as they do on the website, to the 191 files that provide information on the situation in destination country to facilitate smooth stays abroad.

That information includes security advisories (written references and maps), conditions for entry and stays, health information (vaccination requirements, restrictions on movement linked to the Covid-19 pandemic, etc.) and practical information (practices and customs, local laws, etc.).

It is updated regularly by the Ministry for Europe and Foreign Affairs’ Crisis and Support Center in partnership with our field-based posts using a system certified by the ISO 9001 standard. In 2020, 3,378 updates were made.

The latest version of the app can be downloaded onto Android and IOS devices.

Source…