Free VPN apps on Google Play turned Android phones into proxies

Android

Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices into unwitting residential proxies, likely used for cybercrime and shopping bots.

Residential proxies are devices that route internet traffic through devices located in homes for other remote users, making the traffic appear legitimate and less likely to be blocked.

While they have legitimate uses for market research, ad verification, and SEO, many cybercriminals use them to conceal malicious activities, including ad fraud, spamming, phishing, credential stuffing, and password spraying.

Users may voluntarily register on proxy services to get monetary or other rewards in return, but some of these proxy services employ unethical and shady means to install their proxying tools on people’s devices secretly.

When secretly installed, victims will have their internet bandwidth hijacked without their knowledge and risk legal trouble due to appearing as the source of malicious activity.

Proxying Android VPN apps

A report published today by HUMAN’s Satori threat intelligence team lists 28 applications on Google Play that secretly turned Android devices into proxy servers. Of these 28 applications, 17 were passed off as free VPN software.

Satori analysts report that the offending apps were all using a software development kit (SDK) by LumiApps that contained “Proxylib,” a Golang library to perform the proxying.

HUMAN discovered the first PROXYLIB carrier app in May 2023, a free Android VPN app named “Oko VPN.” The researchers later found the same library used by the LumiApps Android app monetization service.

“In late May 2023, Satori researchers observed activity on hacker forums and new VPN applications referencing a monetization SDK, lumiapps[.]io,” explains the Satori report.

Upon further investigation, the team determined that this SDK has exactly the same functionality and uses the same server infrastructure as

Read More ...

Google’s Surprise New Update Brings Unique iPhone Feature To Android Phones

Android and iPhone users may jealously protect their phone platform of choice, but secretly, both camps know there are some features the other phones have that theirs do not. Google is now, it seems, addressing one place it underperforms, by improving Google Wallet so it can be better at something the iPhone does brilliantly: digital tickets and boarding passes.

March 21 update below. This post was first published on March 18, 2024.

Both Apple Wallet and the equivalent on Android phones, Google Wallet, are good when it comes to housing digital versions of credit and debit cards. But the iPhone version has always been stronger for passes—it’s no coincidence that it originally used to be called Passbook.

MORE FROM FORBESGoogle Pixel 8 Pro: Smart New Feature Neatly Upgrades Pixel Experience

Because it’s done this for longer, apps for airlines, theaters, concert halls and others routinely include a button designed to add them to the Wallet where they’re easily found.

It now looks like the passes that slide so easily into the iPhone Wallet app could pop into Google Wallet just as smoothly. Android writer Mishaal Rahman posted on X that files in the .pkpass format used by Apple can now be imported into Google Wallet.

And 9to5Google has followed up by saying that other users have confirmed that they have been able to do the same, though this doesn’t seem to have rolled out to everyone yet.

When it is more widespread, this will be a significant uptick in convenience. Those websites and apps with buttons inviting users to click to add passes to Apple Wallet all too often did not include an equivalent for downloading to Google Wallet.

MORE FROM FORBESApple Unveils

Read More ...

Android owners warned of bank-raiding attack that’s found a new way to hide in plain sight on their phones

ANDROID owners have been warned that an invisible bank thief could be hiding in plain sight on their phones.

A banking trojan malware, known as PixPirate, has been discovered on phones without an app icon – making it impossible to detect by the untrained eye until victims see their cash is gone.

The malware can steal bank details and two-factor authentication codes to make unauthorised money transfers

1

The malware can steal bank details and two-factor authentication codes to make unauthorised money transfersCredit: Getty

Cyber experts at Cleafy TIR first documented the threat last month, where they found it had been targeting Latin American banks.

Typically, smartphone owners can spot if they have installed a malicious app because an icon will appear on their home screen.

However, PixPirate does not use an app icon.

This has allowed hidden malware to run rampant on Android phones – even on handsets with the latest Android 14 software.

In a separate investigation by IBM’s security company Trusteer, researchers explain that this new version of PixPirate versions uses two different platforms that work together to steal information from devices.

The first is the ‘downloader’ that victims accidentally install from phishing messages received via WhatsApp or text.

The ‘downloader’ app requests invasive permissions when users install it, which, if they approve, will allow the app to install a second app which carries the banking malware.

Silent fraud

PixPirate has remote access capabilities, meaning hackers can force actions on a device without the owners knowledge or consent.

Most read in Phones & Gadgets

It’s this that has allowed the malware to steal bank details and two-factor authentication codes to make unauthorised money transfers.

Android owners have been urged to be cautious when installing apps and clicking links in messages.

Links to avoid are Android Package Files (APKs) which are what are used to disguise PixPirate.

A Google spokesperson told Bleeping

Read More ...

New Android features coming to phones and smartwatches

6. View your health, wellness and fitness data in one place

See a more complete picture of your health right in the redesigned Fitbit app through Health Connect — with data from your favorite wearables and apps like AllTrails, Oura Ring and MyFitnessPal. In the Fitbit app on your Android phone, head to the You tab to see data from connected apps next to your Fitbit data. And in the Today tab, you can see data like exercise, steps, calories burned, floors climbed and distance traveled from Health Connect-compatible apps.

link … Read More ...

Google Photos Android 14 share sheet appears on Pixel phones

Back in October, Google Photos started rolling out a native Android 14 share sheet instead of its custom implementation, and we’re not seeing it widely available on Pixel phones.

Android 14 allows developers to add application-specific actions to the system share sheet. Google Photos has long used a custom implementation with a “Send in Google Photos” carousel of people and shortcut to create a “New group.” This is followed by high-level buttons for “Nearby Share” and “Create link,” while “Share to Apps” appears at the bottom. 

Google Photos is now replacing its custom implementation with a native one. The “Sharing image” sheet features a preview, with support for multiple pictures. You then get a carousel of actions: Create Link, Send in Photos, Add to Album, and Create Album.

This is followed by the usual Direct Share targets and app grid that you scroll up to access.

In mid-October, the Android 14 Google Photos share sheet only widely rolled out to the Pixel 8 and 8 Pro. We’re now seeing it on every Pixel phone, including the Fold, running version 6.71 of Google Photos. However, it’s not appearing on the Pixel Tablet or a Samsung phone running Android 14.

Meanwhile, Google is also more widely rolling out auto-grouping Stacks and a system photo picker with Google Photos support.

More on Google Photos:

FTC: We use income earning auto affiliate links. More.

link … Read More ...

Google improving integration between Android phones and tablets

It is well-known that Apple has better integration between its devices than any other brand. While Samsung has the second-best integration among its devices, it is still not as seamless or easy to use as Apple’s. Google is trying to bring the same level of integration among Android devices.

Google is building better integration between Android devices

Google has been testing for ‘Cross-Device Services’ over the past few years for integration between Android and Chrome OS devices. It looks like Google is finally developing more cross-device features for better integration between Android-based smartphones and tablets. Some of those features have been available on iPhones, iPads, and Macs have had for years. It was discovered by @AssembleDebug (via 9To5Google) that Google could rename the Cross-Device Services settings in Play Services (version 24.06.12) to ‘Devices & Sharing,’ and it has three features: Call Cast, Hotspot Sharing, and Wi-Fi Sharing.

All these three features are self-explanatory. Call Cast allows you to transfer an incoming/ongoing video or voice call from one Android device to another device that is logged into the same Google account. Hotspot Sharing allows you to automatically enable Wi-Fi Hotspot on one device from another device and then connect it to it automatically. With the Wi-Fi Sharing feature, you can get the Wi-Fi network password on one device from another device that is already linked to that Wi-Fi network.

Google has been building a feature called Device Groups that allows a user to link multiple devices to the same Google account and enable certain features between them. Earlier this year, Google merged its Nearby Share feature into Samsung’s Quick Share feature for seamless wireless file sharing.


link … Read More ...