Google Play Protect | Breaking Cybersecurity News | The Hacker News

Google has announced an update to its Play Protect with support for real-time scanning at the code level to tackle novel malicious apps prior to downloading and installing them on Android devices. "Google Play Protect will now recommend a real-time app scan when installing apps that have never been scanned before to help detect emerging threats," the tech giant  said . Google Play Protect is a  built-in, free threat detection service  that scans Android devices for any potentially harmful apps downloaded from the Play Store as well as other external sources. In extreme cases, an app may be blocked from being installed. The check expands on previous existing protections that alerted users when it identified an app known to be malicious from existing scanning intelligence or was identified as suspicious from heuristics gathered via on-device machine learning. With the latest safeguards, important signals from the app are extracted and sent to the Play Protect backend infr

Cybersecurity researchers took the wraps off yet another instance of Android malware hidden under the guise of legitimate applications to stealthily subscribe unsuspecting users for premium services without their knowledge. In a report published by Check Point research today, the malware — infamously called Joker (or Bread) — has found another trick to bypass Google's Play Store protections: obfuscate the malicious DEX executable inside the application as Base64 encoded strings, which are then decoded and loaded on the compromised device. Following responsible disclosure by Check Point researchers, the 11 apps ( list and hashes here ) in question were removed by Google from the Play Store on April 30, 2020. "The Joker malware is tricky to detect, despite Google's investment in adding Play Store protections," said Check Point 's Aviran Hazum, who identified the new modus operandi of Joker malware. "Although Google removed the malicious apps from the P

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or

Google has banned nearly 600 Android apps from the Play Store for bombarding users with disruptive ads and violating its advertising guidelines. The company categorizes disruptive ads as "ads that are displayed to users in unexpected ways, including impairing or interfering with the usability of device functions," such as a full-screen ad served when attempting to make a phone call. Although Google didn't name the specific apps in question, many of the apps — which had been installed more than 4.5 billion times — primarily targeted English-speaking users and were mainly from developers based in China, Hong Kong, Singapore, and India, according to Buzzfeed News. Highlighting that malicious developers are getting "more savvy in deploying and masking disruptive ads," the company said it has developed new counter mechanisms to detect such behavior. Trouble in Google Play Store This is not the first time adware apps have been removed from the Google P

Even after so many efforts by Google for preventing its Play Store from malware, shady apps somehow managed to fool its anti-malware protections and get into its service to infect Android users with malware. Two such Android apps have recently been spotted on the Google Play Store by security researchers with the Trend Micro malware research team, infecting thousands of Android users who have already downloaded them with banking malware. The apps in question masquerade as a currency exchange app called Currency Converter and battery saver app called BatterySaverMobi , and are using motion-sensor inputs of infected Android devices to monitor them before installing a dangerous banking Trojan called Anubis. The malicious Android apps, with a large number of fake five-star reviews, use this clever trick instead of traditional evasion techniques in order to avoid detection when researchers run emulators (which are less likely to use sensors) to detect such malicious apps. &quo

Google has removed 85 apps from its Play Store after finding out that they were pushing aggressive, full-screen adware to Android users. With the rise in the mobile market, Adware has become one of the most prevalent mobile threats in the world. Adware has traditionally been used to aggressively push ads like banners or pop-ups on mobile screens to make money for its makers. The now-removed 85 apps in question disguised as games, streaming TV, and remote control simulator apps in the Google Play store and had collectively been installed by nine million users all over the world. Researchers from cyber security company Trend Micro spotted these apps which has the ability to bombard user devices with full-screen advertisements at regular intervals or when users unlock their device by monitoring their screen unlocking functionality. The apps can display ads even when you are not browsing the internet, hide themselves and run in the background on infected devices. The most popul

If you are wondering how to receive latest updates for an Android app—installed via a 3rd party source or peer-to-peer app sharing—directly from Google Play Store. For security reasons, until now apps installed from third-party sources cannot be updated automatically over-the-air, as Google does not recognize them as Play Store apps and they do not show up in your Google account app list as well. Late last year, Google announced its plan to set up an automated mechanism to verify the authenticity of an app by adding a small amount of security metadata on top of each Android application package (in the APK Signing Block) distributed by its Play Store. This metadata is like a digital signature that would help your Android device to verify if the origin of an app you have installed from a third-party source is a Play Store app and have not been tempered, for example, a virus is not attached to it. From early 2018, Google has already started implementing this mechanism, which doesn

In an attempt to protect Android users from malware and shady apps, Google has been continuously working to detect and remove malicious apps from your devices using its newly launched Google Play Protect service. Google Play Protect —a security feature that uses machine learning and app usage analysis to check devices for potentially harmful apps—recently helped Google researchers to identify a new deceptive family of Android spyware that was stealing a whole lot of information on users. Discovered on targeted devices in African countries, Tizi is a fully-featured Android backdoor with rooting capabilities that installs spyware apps on victims' devices to steal sensitive data from popular social media apps like Facebook, Twitter, WhatsApp, Viber, Skype, LinkedIn, and Telegram. "The Google Play Protect security team discovered this family in September 2017 when device scans found an app with rooting capabilities that exploited old vulnerabilities," Google said in

Security researchers at Google have discovered a new family of deceptive Android spyware that can steal a whole lot of information on users, including text messages, emails, voice calls, photos, location data, and other files, and spy on them. Dubbed Lipizzan , the Android spyware appears to be developed by Equus Technologies, an Israeli startup that Google referred to as a 'cyber arms' seller in a blog post published Wednesday. With the help of Google Play Protect , the Android security team has found Lipizzan spyware on at least 20 apps in Play Store, which infected fewer than 100 Android smartphones in total. Google has quickly blocked and removed all of those Lipizzan apps and the developers from its Android ecosystem, and Google Play Protect has notified all affected victims. For those unaware, Google Play Protect is part of the Google Play Store app and uses machine learning and app usage analysis to weed out the dangerous and malicious apps. Lipizzan: Soph

In order to keep its billions of users safe, Google has introduced another security defense for its Android devices, called Google Play Protect . Google Play Protect , which is part of the Google Play Store app, uses machine learning and app usage analysis to weed out the dangerous and malicious apps, which have always been albatross around the tech giant's neck. Since Google Play Protect actually comes with the Google Play Store, users do not need to install or activate this security feature separately. Google Play Protect for Android devices consists: App scanning Anti-Theft Measures Browser Protection Play Protect's App Scanning Feature Google Play Protect is an always-on service on devices which said to scan 50 billion apps each day across a billion Android devices to ensure they are safe. Google already has a number of security measures in place to help keep your smartphones safe, including Verify Apps and its Bouncer service, but once apps are uploa