Tag

Mobile App

Browsing

A foundational element of innovation in today’s app-driven world is the API. From banks, retail and transportation to IoT, autonomous vehicles and smart cities, APIs are a critical part of modern mobile, SaaS and web applications and can be found in customer-facing, partner-facing, and internal applications. By nature, APIs expose application logic and sensitive data such as Personally Identifiable Information (PII) and because of this have increasingly become a target for attackers. Without secure APIs, rapid innovation would be impossible.

API Security focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces (APIs)

Download the OWASP API Security Top 10 2019 today!

[embeddoc url=”https://itblogr.com/wp-content/uploads/2019/12/OWASP-API-Security-Top-10-2019.pdf” viewer=”google”]

Lukas Stefanko, an IT security researcher at ESET has discovered 9 Android apps on Google Play Store spamming users with unwanted ads. One of the apps called “Remote control for TV and home electronics” has been installed by more than 5 million users while in total all 9 apps have been installed by 8 million users around the world. This is the second time in one week that adware apps have been found on Google Play Store.

According to Stefanko, none of the apps actually work and their sole purpose is to bombard users with ads to generate revenue for app developers. It is noteworthy that these apps have been developed by Tools4TV, an Android developer that has been active since 2015.

Embedded video

 

9 fake apps containing functionality found on Google Play with over 8 Million installs.

Unwanted code is hidden in “not working” apps that once launched, hide itself from user’s view and display ads.
All these apps are fake without any promised functionality.

In his tweet dated 

The unwanted code is hidden in “not working” apps that once launched, hide itself from user’s view and display ads. All these apps are fake without any promised functionality,

The current list of well known malicious apps on Google play store is as follow:

– Remote control
– TV remote controller
– TV remote controlling
– Remote for Air conditioner
– Remote for television for free
– Air conditioner remote control
– Universal TV remote controller
– Remote control for the car (prank)
– Remote control for TV and home electronics

This is the second time in a week that researchers have reported the presence of adware apps on the Play Store. Last week, the IT security researchers at Trend Micro revealed that there were 85 adware infected apps on the marketplace bombarding around 9 million Android users with full-screen unwanted ads.

All 85 apps (developed by two different Android developers “Alger games and Kodev”) were then removed by Google however it is unclear whether there is a connection between apps reported by Trend Micro and Lukas Stefanko. 

At the time of publishing this article, Google has booted out Tools4TV along with their apps from the Play Store. To protect yourself from malware and adware apps avoid installing unnecessary apps from Google Play Store or from a third-party marketplace.

We suggest sticking to trusted developers and brands and only download an app after going through its review section. Moreover, installing a reliable antivirus would also be helpful in thwarting impending attacks. Here is a list of 10 powerful antiviruses for Android, iPhone, Mac, and PC

Source: Hack Read