Security Alerts & News
by Tymoteusz A. Góral

History
#1394 How trojans manipulate Google Play
For malware writers, Google Play is the promised land of sorts. Once there, a malicious application gains access to a wide audience, gains the trust of that audience and experiences a degree of leniency from the security systems built into operating systems. On mobile devices, users typically cannot install applications coming from sources other than the official store, meaning this is a serious barrier for an app with malicious intent. However, it is far from easy for the app to get into Google Play: one of the main conditions for it is to pass a rigorous check for unwanted behavior by different analysis systems, both automatic and manual.

Some malware writers have given up on their efforts to push their malicious creations past security checks, and instead learned how to use the store’s client app for their unscrupulous gains. Lately, we have seen many Trojans use the Google Play app during promotion campaigns to download, install and launch apps on smartphones without the owners’ knowledge, as well as leave comments and rate apps. The apps installed by the Trojan do not typically cause direct damage to the user, but the victim may have to pay for the created excessive traffic. In addition, the Trojans may download and install paid apps as if they were free ones, further adding to the users’ bills.
Read more
#1394 How trojans manipulate Google Play
#1393 How we helped to catch one of the most dangerous gangs of financial cybercriminals
#1392 Google won't fix login page flaw that can lead to malware download
#1391 OSX/Keydnap spreads via signed Transmission application
#1390 New ransomware threat deletes files from Linux web servers
#1389 An unsecured database leaves off-the-grid energy customers exposed
#1388 Google login issue allows credential theft
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12