Tag Archives: google play

Malware Posing as Official Google Play App Found in….Official Google Play Store

Posted on by

When you click on it, the app asks for administrator privileges of the device. Once opened the sole user interface FireEye observed for the app contains pops up saying “Program Error” and “It’s Deleted!” when translated to English from Korean.

via Malware Posing as Official Google Play App Found in….Official Google Play Store.

These exploits usually require the user to approve of something first.

The app captures text messages, security certificates and banking details which it then sends to a Gmail address included in the malware – an email address which Google has now terminated

Inside the Bluebox Android Master Key Vulnerability

Posted on by

The only way an Android user can be attacked via this master key flaw is if they download a vulnerable application.

“It all comes down to where you get your applications from,” Forristal said.

That means if a user gets their applications from trusted sources like Google Play, the risk of the master key exploit is not high, even if the given device has not been updated with the latest patched Android code. Forristal noted that he has seen reports that he has not been able to independently verify, that indicate Google is already scanning apps in the Play store to mitigate risk.

via Inside the Bluebox Android Master Key Vulnerability – eSecurity Planet.

From:  First Malicious Apps Targeting Android ‘Master Key Vulnerability’ Found in the Wild

Bluebox Security has released a free app designed to help Android users check if their device has been patched for the master key vulnerability.