'Cellik' Android RAT Leverages Google Play Store
The remote access Trojan lets an attacker remotely control a victim's phone and can generate malicious apps from inside the Play Store.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The remote access Trojan lets an attacker remotely control a victim's phone and can generate malicious apps from inside the Play Store.
Konni, a subset of the state-sponsored DPRK cyberespionage group, first exploits Google Find Hub, which ironically aims to protect lost Android devices, to remotely wipe devices.
The proof-of-concept exploit allows an attacker to steal sensitive data from Gmail, Google Accounts, Google Authenticator, Google Maps, Signal, and Venmo.
The number of memory bugs in Android declined sharply after Google began transitioning to Rust for new features in its mobile OS.
The dangerous Anatsa banking Trojan is among the malware being spread to Android users via decoy mobile apps in recent months.
Antidot uses overlay attacks and keylogging to target users' financial data.
A Russian-language campaign aims to compromise corporate users on both Windows and Android devices by mimicking popular online collaboration applications.
Users have already downloaded droppers for the malware from Google's official Play store more than 100,000 times since last November.
A more sophisticated version of a "work in progress" malware is impersonating a Google Chrome app to attack a wider swath of mobile users.
If you are in the market for a smartphone but want to break away from the Apple-Google duopoly, look no further: these alternative smartphones are based on various Linux variants and custom hardware.
The malware, along with a sister strain dubbed "FakeTrade," was found lurking in Google Play.
A Trojan SDK snuck past Google Play protections to infest 101 Android applications, bent on exfiltrating infected device data.
New rules aim to level up the quality of submissions to Google and Android device Vulnerability Reward Program.
The marketplace for malicious Google Play applications and app-takeover tools is thriving, thanks to novel hacking techniques and lax enterprise security.
Google TAG researchers reveal two campaigns against iOS, Android, and Chrome users that demonstrate how the commercial surveillance market is thriving despite government-imposed limits.
Users of affected devices that want to mitigate risk from the security issues in the Exynos chipsets can turn off Wi-Fi and Voice-over-LTE settings, researchers from Google's Project Zero say.
Google's Android and Chrome Vulnerability Reward Programs (VRPs) in particular saw hundreds of valid reports and payouts for security vulnerabilities discovered by ethical hackers.
Some 400 mobile apps have posed as legitimate software on Google Play and the Apple App Store over the past year, and were designed to steal Facebook user credentials.
The heap buffer-overflow issue in Chrome for Android could be used for DoS, code execution, and more.
An analysis from Google TAG shows that Android zero-day exploits were packaged and sold for state-backed surveillance.