Google blocks more than 158,000 non -developer accounts, trying to publish such harmful apps that Android apps that use more than 2.36 million policies in 2024 will be released on Google Play App Place. He said he was banned.
Tech Giant also stated that cooperating with third -party application developers has hindered 1.3 million apps from getting excess or unnecessary access to sensitive user data.
In addition, Google Play Protect is a security feature that allows you to flag a novel threat by default on Android devices, and has identified 13 million new apps other than the official App Store.
“As a result of closely affiliated with the developer, more than 91 % of the installation of the Google Play Store’s apps uses the latest protection after Android 13,” And Ron Aquino He said the trust and safety of Shams Google Play.
In comparison, the company has blocked 1.43 million and 2.28 million dangerous apps for being released to the play store in 2022 and 2023.
Google also states that the use of the Play Integrity API to confirm that the app is changing with malicious intent or in a potentially infringing environment. 。
Furthermore, 36 million in Brazil, Hong Kong, India, Kenya, Nigeria, the Philippines, Singapore, South Africa, Thailand, Vietnam, etc., which automatically block the side loading of apps that are not safe. We have secured 10 million devices from people and above. Attempts to install a high risk that spans more than 200,000 uniquely apps.
Google, which complements these Initiative, has announced this week that a new “verified” badge will be introduced in a VPN application for consumers who have successfully completed the mobile application security evaluation (MASA) audit. Google originally announced this plan in November 2023.
“This new badge emphasizes apps that prioritize the privacy and safety of the user, make choices based on more information on the VPN app used by users, and build confidence in the app to be ultimately downloaded. It is designed like. “
Rather, it indicates that protecting the Android and Google Play ecosystem is a continuous effort, as new malware stocks continue to find the path to mobile devices.
The latest example is Tria Stealer, which is mainly targeted for Android users in Malaysia and Brunei. This campaign is thought to be ongoing since at least since March 2024.
In the form of APK files, malicious apps distributed via Telegram and WhatsApp are Gmail, Google Message, Samsung Message, WhatSapp, etc. Harvest a wide range of data from ri Requires confidential authority. Business, and Yahoo! Post.
Malware suggests that it is an Indonesian threat actor’s work for the existence of an artifact written in Indonesian and the telegram bot’s naming treaty used on the host of command and control. There is. server.
“Tria Stealer collects the victim’s SMS data and tracks call logs, messages (messages from WhatsApp, WhatsApp Business, etc.), and tracks email data (for example, Gmail or Outlook Mailbox).” Says. “Tria Stealer removes data by transmitting to various telegram bots using the Telegram API for communication.”
The stolen information hijacks personal messaging accounts such as WhatsApp and Telegram, requesting the victim to remittance from contact to bank accounts, and distributing the APK files of the malware layer to further permanent. , I am impersonating as a victim. For all family and friends.
The fact that TRIA Stealer can extract SMS messages is that the operator may use malware to steal one -time password (OTP) and allow access to various online services, including bank accounts. It is shown.
Kaspersky distributes malware called Udangasteal in 2023, and in early 2024, wedding invitations, package distribution, and customer support lures targeting Indonesia and India victims. Was distributed. However, at this stage, there is no evidence to connect two malware family to the same threat actor.
Source link
