[]()
Google disclosed that its improved security features and app review processes helped it block 1.43 million bad apps from being published to the Play Store in 2022.
In addition, the company said it banned 173,000 bad accounts and fended off over $2 billion in fraudulent and abusive transactions through [developer-facing features]() like Voided Purchases API, Obfuscated Account ID, and Play Integrity API.
The addition of identity verification methods such as phone number and email address to join Google Play contributed to a reduction in accounts used to publish apps that go against its policies, Google pointed out.
The search behemoth further said it “prevented about 500K submitted apps from unnecessarily accessing sensitive permissions over the past 3 years.”
“In 2022, the [App Security Improvements program]() helped developers fix ~500K security weaknesses affecting ~300K apps with a combined install base of approximately 250B installs,” it [noted]().
In contrast, Google [blocked]() 1.2 million policy-violating apps from being published and banned 190,000 bad accounts in 2021.
The development comes weeks after Google [enacted]() a new data deletion policy that requires app developers to offer a “readily discoverable option” to users from both within an app and outside of it.
Despite these efforts from Google, cybercriminals are [continuing]() to [find ways]() around the app storefront’s security protections and publish malicious and adware apps.
Case in point, McAfee’s Mobile Research Team discovered 38 games masquerading as Minecraft and which have been installed by no less than 35 million users worldwide, primarily located in the U.S., Canada, South Korea, and Brazil.
[]()
These gaming apps, while offering the promised functionality, have been found to incorporate the [HiddenAds malware]() to stealthily load ads in the background to generate illicit revenue for its operators.
Some of the most downloaded apps are as follows –
* Block Box Master Diamond (com.good.robo.game.builder.craft.block)
* Craft Sword Mini Fun (com.craft.world.fairy.fun.everyday.block)
* Block Box Skyland Sword (com.skyland.pet.realm.block.rain.craft)
* Craft Monster Crazy Sword (com.skyland.fun.block.game.monster.craft)
* Block Pro Forrest Diamond (com.monster.craft.block.fun.robo.fairy)
“One of the most accessible content for young people using mobile devices is games,” McAfee [said](). “Malware authors are also aware of this and try to hide their malicious features inside games.”
Complicating the problem is the surge in [Android]() [banking]() [malware]() that can be weaponized by threat actors to gain access to victim devices and harvest personal information.
Another emerging trend is the [use of binding services]() to trojanize legitimate applications and conceal a rogue APK payload. This technique has been adopted by bad actors to distribute an Android botnet dubbed DAAM, Cyble said.
The malware, once installed, establishes connections with a remote server to perform a wide range of nefarious actions, including acting as ransomware by encrypting files stored in the devices using a password retrieved from the server.
DAAM also abuses Android’s accessibility services to monitor users’ activity, thereby allowing it to log keystrokes, record VoIP calls from instant messaging apps, collect browser history, call logs, photos, screenshots, and SMS messages, run arbitrary code, and open phishing URLs.
“Malware authors often leverage genuine applications to distribute malicious code to avoid suspicion,” the cybersecurity firm [said]() in an analysis published last month.
[]()
The findings also follow an [advisory]() from CloudSEK, which discovered that several popular Android applications like Canva, LinkedIn, Strava, Telegram, and WhatsApp do not invalidate or revalidate session cookies after app data is transferred from one device to another.
While this attack scenario requires an adversary to have physical access to a target’s phone, it could allow for account takeover and grant an adversary unauthorized access to confidential data.
To mitigate such threats, it’s advised to enable two-factor authentication (2FA) to add an extra layer of account protection, scrutinize app permissions, secure devices with a password, and avoid leaving them unattended in public places.
Found this article interesting? Follow us on [Twitter _ï_]() and [LinkedIn]() to read more exclusive content we post.Read More