Tag Archive for: store

SharkBot Malware Reappears in the Google Play Store

/in


This site may earn affiliate commissions from the links on this page. Terms of use.

The best way to prevent malware from creeping onto your Android phone is to only download apps from the official Play Store. However, no method is foolproof. Malware creators occasionally find a way to hide malware in Google’s repository, at least for a little bit. Earlier his year, security researchers spotted a malicious software package called SharkBot spreading through the Play Store. It was stamped out, of course, but now it’s back with a vengeance. 

In the early days of the Play Store, Google would allow every app to go live with minimal oversight. Slowly, it has ratcheted up its automated and human-powered checks, which makes it very difficult to upload a known piece of malware. So, most malware campaigns today attempt to distribute a seemingly innocuous app that then downloads a malicious payload. That’s what SharkBot does. 

When originally detected in February 2022, SharkBot dropper was ironically pretending to be an antivirus app. It used Android’s Accessibility service to download and install its malicious code without user interaction, giving the creators access to banking information, keystrokes, and even the ability to take over a phone completely. The latest version even adds a feature to steal login cookies so the attackers can access user accounts. 

The new dropper doesn’t have the same installation trick. Google has started cracking down on apps that use the Accessibility service for exactly this reason. The same systems that help disabled people use their phones can be hijacked to install malware without the user’s knowledge. Now, apps that call for Accessibility need to have a good reason, and Google will boot apps that don’t. Instead, the new SharkBot dropper downloads the malware, which masquerades as a fake security update and has to be installed by the user. 

One of the listings for the new SharkBot dropper.

Since the new dropper can’t use Accessibility to get the job done, it relies on the user to manually allow unknown sources and install the dangerous code. That’s much less likely, but it still happens. The dropper popped up in several listings,…

Source…

Chinese malware hides in App Store apps for macOS

/in


A Chinese publisher has managed to deceive the vigilance of Apple, which has accepted malicious applications on the App Store for macOS.

Apple puts a lot of its communication on the security of the App Store, its application store, thus justifying more closed ecosystems than Android or Windows. But even the apple brand is not infallible and can overlook threats. This is according to a report by Alex Kleber, a cybersecurity researcher, who identified several malicious Chinese apps on the macOS App Store.

The investigation uncovered seven different Apple developer accounts, actually belonging to a single China-based publisher. Applications from this publisher contain hidden malware that can receive commands from a server. Thus, the malicious code can be active only once the application in question has been available on the App Store, and thus deceive Apple’s security systems.

Investigation report about the abuse of the Mac App store

Apple App Store

Using this technique, the developer can even change the interface of the application entirely. The app validated by Apple therefore bears no resemblance to the app that is ultimately downloaded and installed by users. To make it harder to trace them, all communication is with domains using services like Cloudflare and GoDaddy. Which allows them to hide their hosting provider.

One of the applications is a PDF reader that has got a countless times downloads on the App Store for macOS in the United States. Even making it one of the most installed apps. The app requires a paid subscription, while it offers the same features as any regular free PDF reader. Or even does not work at all.

To make believe that the app is legitimate and encourage users to download it. It is drowned in false positive comments, which hide the real opinions denouncing it. Since the report’s release, Apple has responded by removing many fake reviews of these apps. Some of them are no longer available in the App Store altogether.

Source…

13 cleaner apps caught hiding malware on the Google Play Store

/in


Between thousands of photos, shared videos and information-intensive applications, your mobile phone’s internal storage can fill up quickly. And if you aren’t sure what is using up the most space, it often involves sifting through the settings to find the culprits.

However, there are a few apps that can do that for you. They scan all the folders, browser cache, system files and games to determine where you can free up some real estate. Many of these apps are helpful, but some only pretend to clean up your device.

Read on for 13 dangerous apps recently found to be hiding malware.

Here’s the backstory

McAfee’s Mobile Research Team found several apps on the Google Play Store that aren’t what they seem. The apps promote themselves as mobile cleaners, promising to remove junk and unused files so your Android device can run smoother.

But instead of doing that, the apps hide malware and continuously show advertisements on the infected device. Furthermore, you don’t need to open the app for the malicious code to start working, as simply downloading it to your phone is enough to trigger it.

According to McAfee, some of the apps hide on the infected device by changing their icon and name to something familiar. The built-in automatic advertising is so aggressive that it pops up every time you install, uninstall, or update apps.

Here’s a list of the malicious apps grouped into the number of downloads:

  • Junk Cleaner (1 million downloads)
  • Keep Clean
  • Full Clean – Clean Cache
  • Quick Cleaner
  • Power Doctor (500,000 downloads)
  • Windy Clean
  • Cool Clean
  • Super Clean
  • Fingertip Cleaner
  • Strong Clean
  • EasyCleaner (100,000 downloads)
  • Carpet Clean
  • Meteor Clean

What you can do about it

In most cases, Google quickly acts when malicious applications appear on the Play Store, removing them before spreading too wide. But don’t leave cybersecurity up to Big Tech. You also need to take precautions on your own.

Here are some tips on how to stay safe:

  • Before downloading an app, check the reviews to see what others say about it. If it has a relatively low…

Source…

UTSA professor’s thrift store score becomes priceless addition to Georgia museum | UTSA Today | UTSA

/in


While the artwork itself was striking, so too was the crisp, clear blue signature in the painting’s lower right-hand corner. Pugh realized he had come across an original painting and immediately searched the web to find out more about Keith Bankston.

According to the Digital Library of Georgia, Bankston was born and raised in Macon. He was inspired to pursue a career in art during a trip to Paris shortly after his high school graduation. After attending Florida State, he would return to Middle Georgia to teach art in the Bibb County public schools while simultaneously working to establish himself as an exhibiting artist. However, his fledgling art career was cut short when he died from AIDS in 1992 at the age of 34.

Pugh also found that multiple Bankston paintings were part of the collection at the Tubman African American Museum in Macon, an educational and cultural hub that strives to enrich cultural understanding and present the highest quality art to the Georgia communities it serves. Upon reading about Bankston and the Tubman Museum, Pugh knew he wanted to purchase the painting. But he no longer wanted to keep it.

“I really like it. But something like this—by a known artist in Georgia—would provide the most benefit in a museum in Georgia where everyone else can enjoy it,” Pugh said.

He bought Bankston’s “Eve in the Rose Garden” for $125 and wasted no time reaching out to Jeff Bruce, the director of exhibitions for the Tubman Museum, with intentions of donating the piece. The museum was excited to hear about the painting’s existence and happy to accept his gift. The museum will add “Eve in the Rose Garden” to its permanent collection of African American art.

“Keith Bankston is a beloved figure in the art community in Macon. His story is a kind of tragic tale of what could have been—of great potential that was never fully realized due to the AIDS epidemic.” Bruce said. “His light was just beginning to shine, so we honor the promise of his talent by collecting and exhibiting his work, and by sharing the story of his short but impactful career with young people in Middle Georgia, as well as visitors…

Source…