Last week, Google upgraded the Android app section of its store and introduced a new way for users to manage permissions. Google claims it will be easier for users to understand and that users will pay more attention to app permissions. The new interface has a cleaner look and the common user can now install apps more quickly. But does this simplicity come with a price?
Android controls the security and the amount of access every app is granted by using “permissions”. Each action has to ask the operating system for permission to take a new action. In older versions, when an app update asked for new actions or requested additional permissions, Google Play would notify the user prompting them to explicitly accept or deny the new action. Even if the user had automatic updates set, in the cases of new permissions being asked, the user would need to manually perform the update. Even if the user wasn’t exactly sure what they were giving permission for, at least the user was aware and could make the decision themselves. Security was preserved.
Everything is different now
Everything changed last week.
Individual permissions, which could range from important to trivial, are now joined into 13 groups, including a catch-all called “Other”. Now the user has to accept a “new group” change. This means that if you have already allowed certain permissions within a group, then any other permission within that group will automatically be allowed. For example, an app that could access your calendar can now also read your contacts. If you set a meeting and have invited people by email, the app will be able to use the calendar to send emails to them, even without your consent! Read more…
Official app stores are the primary sources to finding and downloading apps. Experts advise users to stay within the official app stores as they are approved ecosystems, which are widely recognized as safe. But are these sources really trustworthy? Some experts, however, claim that “Android malware is non-existent and security companies just try to scare us. Keep calm and don‘t worry.“ So which is it?
We’ve already blogged about plenty of threats that sneak onto your device from trusted sources, but here we have a really fresh one, one that is still undetected by other security vendors. An Application called Cámara Visión Nocturna (package name: com.loriapps.nightcamera.apk), which is still available in the Google Play Store as I am writing this post, is something you definitely don’t want to have on your Android device.
Starting with the application’s permissions you might notice there are some unusual requests for an app that should be able to work only using your camera.
<uses-permission android:name=”android.permission.CAMERA” />
To celebrate the new version of our top-rated avast! Mobile Security along with the new avast! Mobile Premium, AVAST and Android Police are giving away 9 new Nexus devices. You have one week to enter the contest to win one of these great Android phones or tablets:
- 2x Nexus 4 8GB
- 2x Nexus 4 16GB + bumpers + charging orb (2 bundles)
- 1x 2012 Nexus 7 16GB
- 2x Nexus 10 16GB
- 2x Nexus 10 32GB
Getting your name in the hat is easy – just go to the AVAST/Android Police contest page and answer a simple question:
What do you value most about your phone?
This can be a tricky question, so here are some examples of good answers:
- The device itself
- Text Messages
The International Mega Giveaway will run for one week and end at midnight (PST) on August 31st. Visit Android Police now to enter!
How to download avast! Mobile Premium
avast! Mobile Security and avast! Mobile Backup are FREE downloads in the Google Play store and can be used stand-alone as free versions or be upgraded to avast! Mobile Premium for access to all premium features. avast! Mobile Premium is available for $1.99 per month or $14.99 per year. Download and install on your Android device now.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun, and contest information, please follow us on Facebook, Twitter, Google+ and Instagram.
A few months ago, Google announced a new feature in Android. Version 4.2 Jelly Bean has an integrated real-time app scan which should be able to check if applications you install are clean or malicious. But is this enough? Sleazy Android app developers continue to sneak their fake apps by the Google Play gatekeepers. These guys rip off popular apps in an attempt to fool unsuspecting users.
“In the start of this week, Google released a few applications from a developer called GILBERT8332 which pretend they are legitimate applications. Between these applications you can find quite common games such as The Sims 3, Asphalt 6, Ninjago Lego and so on. And compared to original developers they are free,” said Filip Chytrý, a researcher from Avast Virus Lab.
The common result of downloading a bogus app is that personal information like your email address and mobile phone number are stolen and you are served an unending stream of spam and unwelcome offers.
Chytrý warns, “When you download them and install in your android device you will be surprised. All of them are malware. They all start quite innocently with a license agreement of AirPush advert. (AirPush is a advert system which allows to show advertisement in notification bar of your Android device.)”
“And then the funny parts come up. The Game will ask you if you want to change your main page in browser and put a search icon on desktop. Even if you decline, it’s too late. Your browser is already changed for another search page and your device is filled with uncomfortable adverts and as a bonus, the device will send personal information to a third party,” said Chytrý.
Block fake apps
avast! Free Mobile Security blocks fake apps and our new signature targeting protects you against
malware distributed with them. Our popular anti-virus/anti-theft app for Android stops downloads of fake apps and games, so you won’t be duped.
“All of these apps use multiple advert services, steal your personal data and they even are hidden under different creators. But don’t worry. Avast detects all of the mentioned applications as Android:FakeInst-DL, and urls of fake searchers are blocked also,” said Chytrý.
Get avast! Free Mobile Security for your Android device from Google Play. Please add a review and share with your friends if you like it!
Lots of smartphone users are still unaware of the actual risks arising from the use of smartphones based on operating systems, and they have a tendency to underestimate their security risks. Be honest, how many of you check if an application you install on your phone comes from a trusted source? Do you check which permissions the applications has? How many of you install applications that have “cool icons” and don’t check anything else?
I’ve asked a few people these questions, and was totally surprised by their answers! Even IT geeks don’t read permissions of applications and they just click and install whatever they find. What’s WORSE is that most of them think they are secured without any security application.
Do you remember my last article? We identified something very similar, also coming from blog and upload services such as 4shared. It’s really strange how many hijacked and infected applications are offered through those services.
One month ago, I pointed out a really nasty malware that pretends to be a Google Play app. I looked into what the creators of that malware have been doing for the last month. They definitely haven’t been lazy.
For the last two weeks, we saw more mutations of similar malware, with similar behavior. It sends numerous paid SMS messages to premium numbers without the user being aware of it. They try to pretend it is some kind of wanted application, but you obviously don’t want that.
This malware hide themselves under legitimate-sounding names like Flash Player, Talking Tom Cat, Kaspersky Lite, etc. But many of the apps have something in common: The package name is the same in hundreds of them. But don’t worry, all of them are detected.
My phone is infected! What can I do?
This leads me to the most important point of this blog post. For those who still believe they are fine without antivirus protection on their smartphone, there are a few steps to follow when you realize your phone is acting strangely.
1) Switch off GSM module or take out your SIM card immediately. (This should disconnect your phone from the mobile network and prevent losing your money.)
2) Restore your phone back to factory setup. (Malware should be removed, as well as all your data.)
3) Put your SIM card back, and you can use your phone again.
Is there a safer and easier way to protect my smartphone?
Luckily, yes. Malware that we meet comes mostly from untrusted sources. People often put the name of a wanted application in their browser and just click on the first URL that comes up. That practice is, of course, really dangerous. The viruses mentioned above come from file sharing servers such as 4shared.com, filestube.com, rapidshare.com, fake blogs, or from fake Android stores. Those file sharing servers are suspicious sources and one should not download applications from there. Even on Google Play you can find a dangerous application once in a while, so you should be cautious even when you look for applications there!
Here’s a quick example. When you search for popular games, for example, “Asphalt 6 adrenaline скачать бесплатно” (free download in Russian language) in one of the top pages on Google you will find a pretty nasty blog full of repacked games but with a small gift in the form of a malware.
My recommendation is to use an antivirus program on your phone – for example, avast! Free Mobile Security – and download applications from less dangerous sources – for example, Google Play, Amazon.com, etc.
Android is one of the fastest growing platforms in the world. In the second quarter of this year there were more than 300 million active Android devices. The increase is almost 900,000 of new devices per day and still rising. These days Android occupies more than 60% of the mobile devices market! By the way there is around 300,000 newborn children a day all around the world, and this number constantly decreases.
Hand in hand with this trend goes the rise of applications and viruses for this platform. In the past week we noticed one of them that was especially tricky. At first look, it’s trying to act like a regular Google Play application, but that’s just an illusion. It is a fake application which not only downloads other fraudulent application, but it is also able to send premium text messages without user’s knowledge
After the installation it replaces the original Google Play from the menu and just waits for a first start from the user.
Immediately after the first start you are asked to update the program and there your troubles continue “Critical update, install new version, click the continue”.
After this step follows another nasty download from this link shows up:
After the installation of second aplication, your phone turns into a money sucking machine. Without your knowledge it starts sending premium messages on paid numbers. Luckily we caught this threat and Avast! detects both samples as Android:OpFake-BV.
This file is easily accessible from more than thirty malware pages, which are made to resemble various markets and download pages! But no worries Avast! users are protected even if you accidentally visit these pages.