TrendMicro has discovered 36 apps in Google Play that execute unwanted behavior:
These apps posed as useful security tools under the names Security Defender, Security Keeper, Smart Security, Advanced Boost, and more. They also advertised a variety of capabilities: scanning, cleaning junk, saving battery, cooling the CPU, locking apps, as well as message security, WiFi security, and so on.
The apps were actually able to perform these simple tasks, but they also secretly harvested user data, tracked user location, and aggressively pushed advertisements.
The apps in question have been removed from Google Play.
Related: Google Pauses Crackdown on Apps That Use Accessibility Features
(Score: 3, Interesting) by frojack on Friday January 05 2018, @07:37PM (1 child)
A much finer grained permissions system would go a long way.
On android, you can not find out (without rooting your phone) what is keeping the processors awake all the time, draining your battery.
You have to do this horrible process of elimination, killing one at a time, waiting an hour or so for the awake bar graph to paint, rinse, repeat. Or you have to root, void your warranty (perhps) lose Google Pay support (and other things), find it by voodoo, then unroot to regain some level of security.
I found, (quite by accident), a couple apps that appeared to be using the microphone. Removing mic permission also had the effect of reducing network usage. Removing those apps after posting a negative review prevented the problem from coming back.
If your Android shows awake continuously in Power utilization you got bugs.
No, you are mistaken. I've always had this sig.
(Score: 2) by urza9814 on Friday January 05 2018, @08:06PM
What's wrong with settings > battery? Gives lots of stats for each app...
Why did you give those apps microphone permission in the first place?
I highly doubt that. Too many -- in fact, I'd guess it's probably *most* -- users just click 'ok' or 'allow' on any goddamn window that comes up. They don't read it, they don't try to understand it, their only goal is "make it go away". When that's the user base, security means not just protecting the user from attackers and malware, but protecting the users from themselves too. Which is probably why modern computing is such shit...and part of THAT is thanks to all the usual corporate suspects, who want to sell their hardware/software to anything with a pulse, and will happily let their support techs get abused with "All I did was click every single 'Download now!' link on the sketchiest websites I could find, now this stupid fucking PC has a virus and it's all your fault for your garbage software, FIX IT!" Companies suck up to stupidity and this is what we get....finer permissions will just mean more pop-ups, and strengthen the "just click OK" reflex...which will piss off the customers, and the companies like Google will gladly make the devices less secure to cater to that whining.