The Android Antivirus App You're Using Maybe a Fraud

Google Play Store app Pixel 2 XL AA 3

Google has now removed the malicious apps from the Google Play app store but only after potentially millions of devices were infected. Taking one more step along that road, the company put out new app icon guidelines for app developers - and they're embracing the squircle. Unknowingly to them, the app contained adware known as SimBad. Researchers believe that most, if not all of the developers who were using RXDroider were unaware of its deficiencies.

Android apps that asked for "dangerous" permissions included those downloaded millions of times from the Google Play Store.

Cipot recommended users install anti-malware software since it provides "the opportunity of viewing the rating of the apps and checking if the installed app has any weird behavior listed or uses functionality that should not be there".

Users likely wouldn't notice the malicious app since the malware instructs the device to remove the app icon from the device launcher, making it harder to uninstall the app while it displays ads in the background. Unfortunately, they also identified up to 150 million who have downloaded it unknowingly. Google wants to support you as much as they can by (1) releasing developer-impacting features in the first Q Beta to give you as much time as possible to make any updates needed in your apps and (2) providing detailed information in follow-up posts like this one as well as in the developer guides and privacy checklist. For instance, the adware may hide an icon of a particular app to prevent users from uninstalling it.

3 takeaways from Duke’s ACC Tournament win over UNC
UNC: The Tar Heels are headed to the NCAA Tournament, though it's unclear whether they've done enough to secure a No. 1 seed. It's also the same floor where Virginia lost a second-round game as a No. 2 seed to seventh-seeded Michigan State in 2015.

In many ways, the Android anti-virus scene is similar to the desktop scene a decade ago. Check Point's findings state that SimBad's capabilities range from showing ads to opening a specific URL in the Web browser and exposing users to more malicious apps.

The truth is that Check Point also unearthed other feature in the code. After that it directed users to install rogue app or visit scam websites.

According to Check Point's Research and Development Manager Jonathan Shimonovich, Google reacted very fast to the discovery. It was found that numerous antivirus apps instead of scanning the apps, simply used a whitelist/blacklist approach based on package names than relying on the code for deciding whether an app is unsafe or harmless. Others were found by the researchers at AV-Comparatives to have had their malware reference databases last updated ages ago, rendering them useless when it comes to detecting emerging threats.

Related:

Comments

Latest news

'Game of Thrones' series finale to run 1 hour, 20 minutes
But despite fewer episodes, Season 8 will be nearly as long as Season 7 in total runtime: 432 minutes to Season 7's 440 minutes. Then, the 5th will be on for an hour and 18 minutes, while the 12th will be back up to an hour and 20 minutes.

U.S. plans to test missiles banned by INF Treaty in 2019
However, he thinks it could be possible that the Trump administration was simply arranging for an end of the INF treaty . The missile, which is believed to have a range of 1000 km (620 miles), would be tested in August.

PM statement on the New Zealand attack: 15 March 2019
Following the attack, Prime Minister Jacinda Ardern said: "It is clear that this can only be described as a terrorist attack". Britain's Queen Elizabeth, who is New Zealand's head of state, said she was "deeply saddened by the appalling events".

Lotte Chemical Titan gives assistance over Pasir Gudang pollution
A total of 250 people have been hospitalized, including eight in intensive care, according to the national disaster management agency, after being poisoned by fumes from chemical waste dumped in a river in the industrial district of Pasir Gudang in southern Johor state.

Ireland U20s Bid For Grand Slam Glory Tonight
That plan could be scuppered, however, if the Six Nations accept a reported investment offer from former Formula One owners CVC Capital Partners.

Ancelotti's Napoli faces Arsenal in Europa League
He said: "In the last period, every time he has been on the pitch, he was able to play really very well". He has scored only one Premier League goal but started just six top-flight games during this campaign.

Fraser Anning Slammed For "Disguting" Christchurch Comments
My warmest sympathy and best wishes goes out to the people of New Zealand after the awful massacre in the Mosques. The PM's comments came just before Anning was egged at a public event in Melbourne.

Strip club visit at center of Georgia Tech probe
Georgia Tech has received an NCAA notice of allegations regarding its men's basketball program, the school acknowledged on Friday. LaBarrie was placed on leave in November 2017 and later resigned . "People who know me know my character and what I stand for".

Federer, Nadal, steam into Indian Wells quarters
He became the first lucky loser to reach the quarterfinals since the tournament achieved Masters 1000 status in 1990. Kecmanovic next plays 13th-seeded Canadian Milos Raonic , who beat Jan-Lennard Struff 6-4, 6-3.

Bryce Harper leaves game after being hit by a pitch
Harper was drilled with a 96 miles per hour fastball right in the ankle, which sent him to the ground in pain. Harper fell to the ground in pain before slowly limping off the diamond and making his way to the dugout.

United States imposes new Ukraine-related sanctions on Russian Federation
We will continue to take necessary action together in response to Russia's efforts to destabilise Ukraine. He claimed his net worth has dropped by $7.5bn because of the measures.

New Zealand terror attack suspect appears in court on murder charges
He said there will be a heightened police presence at community events on Saturday "for safety and reassurance". Green Leader Elizabeth May did not mention Muslims in her first Tweet but retweeted several others who did.

Celebrate Pi Day With Math (Not Pie)
If you're dining at a BJ's Restaurant & Brewhouse location on Thursday, you can get a mini one-topping pizza for just $3.14. Bojangles : Get three Sweet Potato Pies for $3.14 Thursday while supplies last at participating locations.

Suspect in New Zealand mosque killings makes first court appearance
Ambulance officers transfer a boy to Dunedin Public Hospital, New Zealand, Nov. 14, 1990, after he had been shot in Aramoana. Twitter and Google, which owns YouTube, say they're working to remove any video of the shootings from their sites, as well.

New Zealand Shooter Said 'Subscribe to PewDiePie' Before Mosque Massacre
Givealitte: This New Zealand-based crowdfunding platform is hosting a live campaign where people can donate for victim support.

Other news