Tag Archive for: Apps

The 21 apps Android users should delete immediately over malware concerns


A list of more than 20 apps designed for Android users known to contain malware has been released.

The list was released by Malware Fox, an anti-malware program.

“Currently, there is no better medium with a huge user base than Android,” Malware Fox said.

Stream local 7NEWS free on 7plus 7plus

“Over the last decade, Android has become a soft target for cyberattackers to carry out illicit activities.

“It is because Android is an open-source program, making it highly customisable, unlike iOS.

“It is easy for cybercriminals to infiltrate an Android device using malicious apps.”

The compromised apps contain one of four types of malware.

Harly Trojan obtains data about the user’s device, especially data about the mobile network.

This malware is found in:

  • Fare Gamehub and Box
  • Hope Camera-Picture Record
  • Same Launcher and Live Wallpaper
  • Amazing Wallpaper
  • Cool Emoji Editor and Sticker

Joker Spyware gathers contact lists, SMS messages, and details about affected devices.

This malware also has the capacity to register the device for premium services without consent, monetising the malware infection.

It is found in:

  • Simple Note Scanner
  • Universal PDF Scanner
  • Private Messenger
  • Premium SMS
  • Blood Pressure Checker
  • Cool Keyboard
  • Paint Art
  • Color Message

Autolycos Malware is a Trojan spyware that is known for subscribing victims to paid services.

This malware is found in:

  • Vlog Star Video Editor
  • Creative 3D Launcher
  • Wow Beauty Camera
  • Gif Emoji Keyboard
  • Instant Heart Rate Anytime
  • Delicate Messenger

Fleckpe is another Trojan spyware that is known for subscribing victims to paid services.

This malware is found in:

  • Beauty Slimming Photo Editor
  • GIF Camera Editor Pro

Days after McAfee warning

The warning comes just days after computer security company McAfee warned Android users about new malware.

A new variant of Xloader malware, otherwise known as MoqHao, makes it easier for hackers to access your phone’s data.

While previous versions of Xloader required the phone user to download and open the malware, the new programming means the malware can silently run in the background straight…

Source…

RiskInDroid: Open-source risk analysis of Android apps


RiskInDroid (Risk Index for Android) is an open-source tool for quantitative risk analysis of Android applications based on machine learning techniques.

RiskInDroid

How RiskInDroid works

“A user should be able to quickly assess an application’s level of risk by simply glancing at RiskInDroid’s output, and they should be able to compare the app’s risk with others easily,” Gabriel Claudiu Georgiu, developer of RiskInDroid, told Help Net Security.

Unlike other tools, RiskInDroid does not take into consideration only the permissions declared into the app manifest but carries out reverse engineering on the apps to retrieve the bytecode and then infers (through static analysis) which permissions are used, extracting four sets of permissions for every analyzed app:

1. Declared permissions – Extracted from the app manifest.
2. Exploited permissions – Declared and used in the bytecode.
3. Ghost permissions – Not declared but with usages in the bytecode.
4. Useless permissions – Declared but never used in the bytecode.

“The precision and reliability of RiskInDroid have been tested on a large dataset made of more than 6,000 malware samples and 112,000 apps. We released everything to the public so our results could be easily reproduced and verified,” Georgiu added.

Future plans and download

“Currently there are no future versions planned, I just make sure everything works with the latest versions of Python and occasionally update the underlying libraries. Probably the most straightforward improvement would be to include other features in the analysis. Now, only permissions are considered, but we could also consider API calls and URLs that can be extracted through static analysis as we did for permissions, Georgiu concluded.

RiskInDroid is available for free on GitHub.

Must read: 15 open-source cybersecurity tools you’ll wish you’d known earlier

More open-source tools to consider:

Source…

These Are the Best Antivirus Apps for Macs in 2024



There are certainly fewer viruses around targeting Macs—partly because it makes more sense for bad actors to target Windows, which has a significantly bigger user base—but macOS is certainly not immune to viruses. Don’t think that just because you own an Apple computer, you don’t have to worry about malware.

Your Mac comes with some impressive security features built right in, including XProtect and Gatekeeper, but there’s no harm in installing extra protection for extra peace of mind—the right antivirus tool is only going to improve your Mac’s defenses, and some of the best anti-malware software developers out there offer packages for macOS.

What’s more, they often come with extras besides the virus-fighting capabilities, including web tracker blocking and junk file removal. Here we’ve picked out our current favorites, weighing up everything from the ease-of-use of the interface to the range of features.

Malwarebytes for Mac

Malwarebytes for Mac

Malwarebytes for Mac offers a clean, straightforward interface.
Credit: Lifehacker

Malwarebytes is an antivirus tech veteran, and its Malwarebytes for Mac software comes with a variety of useful features: An at-a-glance look at your computer’s current safety status, basic VPN features to improve the privacy of your web browsing, and quick and easy manual scans that run a comprehensive audit of all the files on your system.

Okay, it’s not the most feature-packed security tool out there, but it does the basics (like scheduled scanning) very well, and couldn’t be any easier to use. The basic Malwarebytes for Mac scanner is free, while the Premium version (from $6.67 a month after a 14-day trial) offers round-the-clock protection and the additional VPN shield for connecting to the web.

Intego Mac Internet Security X9

Intego Mac Internet Security X9

Intego Mac Internet Security X9 gives you a comprehensive set of features.
Credit: Lifehacker

Few companies take Mac security as seriously as Intego does, and it makes several antivirus packages available for macOS, including Intego Mac Internet Security X9: It’ll protect against viruses and other network attacks, and comes with protections against fraudulent websites and email threats too, all wrapped up in an intuitive interface.

A…

Source…

Singapore Android users to be blocked from installing certain unverified apps as part of anti-scam trial


In a previous update of Google Play Protect, users were recommended to conduct a real-time app scan to better detect whether an Android app may be infected with malware. When the scan was completed, users were notified about whether it could be safely installed. 

Eugene Liderman, director of Android security strategy at Google, told CNA the real-time scanning enhancement to Google Play Protect was fully rolled out in Singapore in November 2023.

Since the launch of real-time scanning last October, Google said it has helped identify over 515,000 potentially harmful apps, and blocked or warned users almost 3.1 million times when they attempted to install such apps. 

Scam victims are often directed to download an Android package kit (APK) file through sources such as websites, messaging apps or file managers. 

“Members of the public are advised not to download any suspicious APK files on their devices as they may contain malware which will allow scammers to access and take control of the device remotely as well as to steal passwords stored in the device,” the police said in an advisory last July. 

Sideloaded apps typically ask for permission to read and receive SMSes and notifications, and grant accessibility to devices.

These permissions enable scammers to intercept one-time passwords via SMS or from notifications and spy on screen content, said Google.

The tech giant’s newest security feature is designed to look out for such permissions, which are “frequently abused by fraudsters”, and block the app’s installation.

“Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 per cent of installations came from internet-sideloading sources,” it added. 

Source…