Hackers Hiding Everywhere
This week The Hacker News reported that 21 apps have been removed from the Google Play Store after they were found to have malicious or intrusive ads. Additionally, the recent iOS 14 update that warns users when an app is trying to access device clipboard information without the user’s permission. The iOS update also added a new permission that protects clipboards from that attempt.
It may be a little shocking to hear that apps through a verified source could contain scripting that could steal your data. We trust our providers to screen what’s coming onto their platforms. Don’t they have a responsibility to keep us safe?
To their credit, Apple is pretty good about identifying trouble and containing it. When you see a system update in between a number switch, those are patches meant to keep you safe. While the iOS 14 rollout gave us more advanced security settings, there will be numerous patches released before whatever is planned for iOS 15. This isn’t because the developers aren’t doing their job right the first time, it’s because security evolves.
The Play Store is a little less discerning with what it allows its users to access. And it doesn’t matter what side of the Apple/Android fight you fall on, this is just a fact.
On Monday, Czech security firm Avast reported the findings. The 21 identified apps were downloaded more than 8 million times. (List of apps here.) This isn’t the first time this year Avast has discovered malicious apps in the Play Store either. In June, they identified 47 apps with over 15 million downloads.
The HiddenAds malware is a notorious Trojan. It’s capable of serving intrusive ads outside of the app. The group behind it relies on social media marketing. This makes identifying it tricky, as there is a slew of legitimate marketing out there flooding social media daily.
The apps are also great at hiding themselves so it makes it more difficult to delete them. Additionally, they have the ability to draw over other apps and even open ads in your browser. Spooky.
Google is actively trying to squelch these apps from making their way into the Play Store. Google Play Protect was created in an effort to screen potentially dangerous apps before they’re released to the public.
How To Protect Yourself
So how do you know what’s a new, fun game and what’s a potentially dangerous app? And do you have to forgo everything to keep your device safe?
Checking out reviews in the store, developer information, and the list of requested permissions on the app. That may sound overwhelming, but that information is listed readily on the download page within the store. If you’re unsure, do a quick internet search of the developer. Also, leave reviews for other users! It takes a lot for me to leave a bad review, but I’ll jump at the chance to leave a good one. A strong community can keep each other educated on what’s safe.
When you just aren’t sure, however, better safe than sorry. There are millions of apps out there, make sure you’re choosing the ones that are verified and safe. This way, you’ll protect yourself from the hackers lurking in the dark parts of the internet.
As always, stay safe out there.
1,717 total views, 3 views today