An Android banking trojan is requesting users to whitelist its process against the Android Doze power saving module in order to stay connected to its command and control (C&C) servers and continue its malicious behavior.
Security researchers have discovered that third-party firmware included with over 2.8 million low-end Android smartphones allows attackers to compromise Over-the-Air (OTA) update operations and execute commands on the target's phone with root privileges.
Researchers from Red Naga Security have discovered new Android spyware that was used to target government employees, which initially appeared to be tied to the HackingTeam, but might very well be the work of a fellow Italian company, also a maker of surveillance software.
Security researchers have found a secret backdoor in the firmware of many Android smartphones sold in the US, which covertly gathers information on phone owners and sends it to a server in China.
Security researchers from Dr.Web say they've identified a new malware family inside an Android app found on the Google Play Store under the name of "Multiple Accounts: 2 Accounts."
Google released today Android's Security Bulletin for the month of November, which among a total of 83 security vulnerabilities has also patched two high profile bugs identified as Drammer and Dirty COW.
Crooks distributing the Svpeng Android banking trojan have discovered a flaw in how Google Chrome for Android handles file downloads and have used it to forcibly and secretly download their malicious payload on the devices of over 318,000 users in the span of three months, starting with July 2016.
Over the course of three months, more than 200,000 users have downloaded apps infected with an Android malware derived from the source code of the GM Bot, Czech security firm Avast reports.
A mobile banking trojan called Trojan-Banker.AndroidOS.Gugi.c, or "Gugi" for short, found no problem bypassing a couple of the security measures introduced in Android 6.. Even worse, it does it through social engineering rather than exploiting vulnerabilities.
A set of malicious gaming applications for Android available on the Google Play Store employ obfuscation at multiple levels and antiemulation techniques to avoid detection. There are six malicious apps in total. They all advertise a different mod for Minecraft, the popular sandbox video game.
Fake versions of the Prisma application for Android threaten as many as 1.5 million users with unwanted advertisements and data theft.
A new trojan potentially threatens as many as 2.8 million Android users with unwanted mobile advertisements. On 29 July, researchers at the Russian computer security firm Doctor Web published an alert about the trojan, which goes by the name "Android.Spy.305.origin".