Beware—Millions Of Android Users Must Delete This ‘Malicious’ Video App Now

image

The proliferation of dangerous malware within popular Android apps continues to be a serious concern. Google has pledged to clean house, launching the App Defense Alliance "to ensure the safety of the Play Store," but dangerous malware continues to slip the security net, putting hundreds of millions of users at risk.

Now the security team at Upstream has warned that the threat is getting worse, despite everything being done. In a new report, the security team says that in the first quarter of this year, the number of Android apps it identified as "malicious" doubled year-on-year, with fraudulent transactions up 55%. Even more worryingly, the most dangerous app it detected was a known threat, one it warned about last year, one that has now been installed by more than 40 million Android users.

So, what's going wrong? Upstream tells me that "mobile malware today is extremely sophisticated and avoids static, machine-based analysis by encrypting its code and only springing into action when the device is moving." What that means, in simpler terms, is more human analysis, because, the team says, "the App Defense Program will fail to identify sophisticated cases, which are more and more common."

An even bigger risk for Android users is the option to install apps from outside the Play Store—so much so, that Google has prohibited such installs for high-profile and high-risk users. And that's exactly how this video app—SnapTube, the one installed by 40 million users, found its way onto phones—it's not on the Play Store.

I covered Upstream's report into SnapTube last October. The app lets users select and download videos from Facebook and YouTube—but in the background, Upstream warned, it was defrauding users and advertisers to generate a financial return. Upstream also claimed that SnapTube generated premium calls and texts, unbeknownst to its users, that likely generated almost $100 million.

SnapTube was developed by China's Mobiuspace, which claims "100 million users per month around the world," and names Tencent and China Growth Capital among its investors. "We gain valuable experience and insight from our people who used to work for some of the most top-notch companies in the business," it says, "including Tencent, Huawei, Alibaba, ByteDance, SnapPea and Microsoft."

Last year, Upstream warned that SnapTube is no more than "a screen for suspicious background activity... We found not just background advertising click fraud, but also countless examples of users being signed up for premium digital services or subscriptions." Despite those warnings, Upstream now says it blocked more than 32 million SnapTube transactions from January through May this year.

Last October, Mobiuspace told me the issues "related to our collaboration with a third party known as Mango SDK, which allowed fraudulent ad practices that run against our beliefs and commitment with our users." The company promised it had taken "immediate action... and released an update which took Mango SDK off subsequent versions, as well as sending out notifications to all users to update to the latest version through in-app pushes and notifications."

The issue for users, though, is that they need to delete the old version of the app and install a new, safe version. On its website, Mobiuspace tells its users to "update Snaptube and reject ad fraud... to protect you from damage and make you more confident about our app, please download and update to the latest version."

"Here we present our greatest apology," Mobiuspace also says, "and please know we always take user experience and safety as our top priority." Last year the developer told me that "we are looking at potential collaboration with security monitoring companies like Upstream, to constantly monitor our app to prevent similar issues."

No such collaboration has taken place with Upstream, but the security firm does acknowledge that a declining volume of SnapTube issues suggests the newer versions of the app have likely been fixed. That said, it still tops Upstream's chart for fraudulent transactions, which suggests tens of millions of users still need to delete the old app and install the newer one. And they need to do that now. The older version of the app is laced with malware, it is a serious threat.

According to Upstream, the current high-risk environment should make users more cautious than usual. "Bad actors have always prayed upon people's fears, and fear is greater today than ever before." As for its advice for users to stay safe, "the official app stores (Google, Amazon, etc.) are the only ones you should use. Minimize your attack vector by only downloading essential apps. Read the app reviews to see if anybody is complaining. And most importantly, update your Android version."

All that said, Upstream's data is always likely to show year-on-year growth in threats and transaction blocks. More phones, more people, more threats. There is also the added risk with the use of older phones and unpatched phones which are wide open to attack and may even come with malware out of the box. These "no-name Chinese Android vendors," as Upstream describes them, are a particular risk.

In its 2019 report into Android ad fraud, Upstream said that had identified 98,000 malicious apps that had infected 43,000 devices. But, "beware the day blocked transactions drop," the company tells me now, "that just means bad actors have found a new way to avoid detection." All of which means users need to exercise common sense and restraint when it comes to loading their phone with apps.

Android Users Beware: 100 Million Users Must Delete This 'Very Dangerous' App Now

Komentar

Postingan populer dari blog ini

3.5mm to 2.5mm headphone cable for AKG K545 K490NC 5N single crystal copper earphone upgrade line

Blackview BV9600 Waterproof Rugged Smartphone Helio P70 19:9 FHD AMOLED Cellphone 4GB+64GB Android 9.0 Outdoor 4G Mobile Phone

Global Version Huawei Mate 20 6GB 128G Smartphone 6.53 inch Mobile Phone Kirin 980 NFC Kirin 980 Octa Core EMUI 9.0 4000mAh