Researchers Find 36 Android Devices Pre-Owned With Malware
About 10 years ago, security researchers began warning users and technology manufacturers about the problem of hardware devices coming out of the box pre-loaded with malware. It began with digital picture frames and USB drives, and it has moved to mobile phones, with the latest example coming in the form of 36 Android phones that shipped with […]
Google Roots Out Harmful Chamois Apps From Play Store
Fraudsters and cybercriminals continue to target mobile app stores with garbage apps disguised as benign ones, and Google has just identified a large family of potentially harmful apps in the Play marketplace and banned the apps and some people who were trying to take advantage of the company’s ad system to make money on the apps. […]
Google Details Scoring System for Potentially Malicious Apps
Google has introduced a number of different layers of security protection for Android devices recently, many of which are invisible to users. One of those protective measures is a scoring system that looks at how often a specific app has been downloaded and how many devices with the app are still checking in with Google’s […]
Bugs in AirDroid App Allow Traffic Interception, Malicious Updates
AirDroid, a popular Android app used for remote management, has a number of security vulnerabilities that could allow an attacker to intercept and decrypt secure traffic and even inject a malicious app update to gain remote code execution on a target device. The main issue with the app is the use of a hard-coded encryption […]
More Than a Million Android Devices Rooted by Gooligan Malware
A new version of an existing piece of malware has emerged in some third-party Android app stores and researchers say it has infected more than a million devices around the world, giving the attackers full access to victims’ Google accounts in the process. The malware campaign is known as Gooligan, and it’s a variant of […]
Google Fixes Dozens of Bugs in November Android Patch
Google’s November update for Android includes patches for more than a dozen critical vulnerabilities, several of which are in the kernel. The monthly update also includes fixes for a number of remote code execution flaws. One of the critical vulnerabilities is an issue with the Qualcomm cryptographic driver that could lead to code execution. “A […]
Pork Explosion Backdoor Found in Some Android Bootloaders
A security researcher has uncovered a debugging feature left in some Android firmware images on devices assembled by Foxconn that essentially serves as a fully functioning backdoor that can be exploited in as little as five seconds. Researcher Jon Sawyer found the backdoor in a bootloader that Foxconn provides on some of the Android phones it […]
Bypassing the CA Restrictions in Android Nougat
One of the new security features Google added to Android Nougat is a function that prevents the OS from trusting by default any user-installed certificate authorities. The goal is to protect the traffic to and from apps, but a researcher has found a way around that protection and a method to intercept HTTPS traffic from […]
Android Bug in Nexus 5 Devices Allowed Memory Access
Google quietly patched a serious vulnerability in the Android image used on some Nexus devices that could allow an attacker to get full access to a device’s memory even while it was locked. The bug could have been exploited by a remote attacker or someone who had physical access to a vulnerable device. Researchers from IBM’s […]