While we love our smartphones, they are vulnerable to hackers. Here are some ways to keep them hacker free. Veuer’s Natasha Abellard has the story.
Two separate accounts surfaced over the past week, revealing how developers can use sketchy methods to infect your phone, take your money and even control your device.
A new reportÂ from CSIS Security GroupÂ found that a suspicious third-party app calledÂ “Updates for Samsung”Â hadÂ more than 10 million downloads before it was pulled from theÂ Google Play store this week. To make matters worse for Android owners, aÂ separate account says that aÂ new type of mobile attack is emerging where a maliciousÂ app’s icon is hidden from your home screen.Â
“Updates for Samsung” was meant to provide operating updates, however, it also reportedly tried to trick people into paying money for what would otherwise be a free refresh.Â
In a July 4 blog post, Aleksejs Kuprins,Â who works for CSIS Security GroupÂ in Denmark, detailed how the app worked.
Auto attacks: Here’s how hackers are making your Tesla, GM and Chrysler less vulnerableÂ
Hacking diabetes:People break into insulin pumps as an alternative to delayed innovations
“Besides being stuffed with advertisement frameworks and not being affiliated with Samsung (yet distributing their firmware), the app offers paid subscriptions for the downloads of the said firmware,” Kuprins wrote. “A user can get an annual subscription for Samsung firmware update downloads for a small fee of $34.99. Â Interestingly, that doesnâ€™t happen through the official Google Play subscriptions.”
The app’s developer told the computer support website BleepingComputer that the application was temporarily taken downÂ to remove the firmware and make other service adjustments. A Google spokesperson said that the app was suspended for violating Google Play Developer Policies.Â
“Providing a safe and secure experience is a top priority,” Google said in an emailed statement.Â “OurÂ Google Play developer policiesÂ strictlyÂ prohibitÂ apps that are deceptive, malicious, or intended to abuse or misuse any network, device, or personal data. When violations are found, we take action.”
A report by the softwareÂ technologies company Check Point revealed that apps similar to Updates for Samsung aren’t very uncommon.
In a memoÂ sent to USA TODAY, the research teamÂ said they observed a surge of Android malware attack attempts earlier in 2019, and that some of the applications had the ability to hide theirÂ icons and claim to be Google related-services.
Dubbed “Agent Smith,” the “new species of mobile malware” often uses a weaponized dropper app to install malware and extract the smartphone’s installed apps lists.Â “Agent Smith will then hijack compromised user apps to show ads,” according to the Check Point report.Â
“The developers useÂ fraudulent ads for financial gain,” the research team wrote.
Check PointÂ says over 25 million devices were “quietly infectedÂ while the user remains completely unaware.” The research companyÂ has since submitted the data to Google and law enforcement units to facilitate further investigation.
Cyber attacks: These three things make your business an easy target
The good news is, there are things you can do to better protect your smartphone from mobile malware.Â
Firstly,Â only install official updates. For Android phones, go toÂ Settings About phone Software/System/OS Update. For Apple devices, go to Settings General Software Update.
You can also protect yourself by updating your passwords, never letting anyone know your passcode, and running antivirus apps on your smartphone. Also, don’t open random links.Â
Follow Dalvin Brown on Twitter: @Dalvin_Brown.Â
Article source: http://rssfeeds.usatoday.com/~/604295778/0/usatoday-techtopstories~Report-Millions-of-Android-phones-silently-infected-with-malware-through-Samsung-app-scam/