GO Keyboard, an insanely popular custom keyboard app for the Android OS, also available on the official Google Play Store, was caught collecting user data and downloading and running code from a third-party server.
Google removed — and then reinstated — one of the most popular mobile antivirus apps on the Play Store after security firm Check Point discovered that the app was secretly collecting device data from users' smartphones.
Google will automatically delete all of a user's Android backup files — stored in his Google Drive account — if the user does not use his phone for two weeks.
Malware authors hid malicious code inside a software development kit (SDK) that developers embedded in their Android apps, unwittingly exposing their users to a mobile malware strain that Check Point identifies as ExpensiveWall.
A team of Oxford and Cambridge researchers is the latest to join a chorus of voices sounding the alarm on a new attack vector named Intra-Library Collusion (ILC) that could make identifying Android malware much harder in the upcoming future.
A bug discovered in the recently launched Android 8.0 Oreo spends users' mobile data allowance, even when the phone's mobile WiFi connection is enabled.
Mobile security experts from Palo Alto Networks have detailed a new attack on Android devices that uses "Toast" notifications to help malware in obtaining admin rights or access to Android's Accessibility service — often used to take over users' smartphones.
An attacker can downgrade components of the Android TrustZone technology to older versions that feature known vulnerabilities and use older exploits against smartphones running an up-to-date operating system.
Android bootloader components from five major chipset vendors are affected by vulnerabilities that break the CoT (Chain of Trust) during the boot-up sequence, opening devices to attacks.
After years of silence, WAP-billing trojans are making a comeback, with four new strains becoming active in the second quarter of 2017, targeting Russia and India primarily.
Security researchers from Akamai, Cloudflare, Flashpoint, Google, Oracle Dyn, RiskIQ, Team Cymru, and a few other companies have worked together to take down a DDoS botnet made up of Android devices.
Chinese malware developers have created a specialized Android application that allows anyone to generate a fully-working Android ransomware just by filling in a form and pushing a few buttons.
Google has yet to remove two apps infected with dangerous malware that are currently still available for download via the official Google Play Store.
An advertising software development kit (SDK) embedded in many legitimate apps has been secretly siphoning user data and sending it to the servers of a Chinese company.
It was to be expected that Android banking trojan operators would eventually set their sights on ride-hailing applications, considering that these apps work with a user's financial data on a daily basis.
The developer(s) of an Android adware family named GhostClicker has managed to sneak his malware on the official Google Play Store on several occasions, hiding it in as much as 340 mundane Android apps.
A new version of the Svpeng Android banking trojan has started making victims during the past month, and at the origin of this sudden surge in activity is a criminal selling a new and improved version of Svpeng on a Russian underground hacking forum.