Screenshot-scanning malware discovered on Apple App Store in first-of-its-kind attack
![](https://accidentlawyeroffice.live/wp-content/uploads/2025/02/1-screenshot-scanning-malware-discovered-on-apple-app-store-in-first-of-its-kind-attack-intro.jpg)
Every tech expert will tell you that the App Store is safer than the Google Play Store. Some might even claim that it is impossible to download a malicious app from the App Store, but they are wrong.
Although I admit that the App Store is a safe and tightly controlled ecosystem, it cannot completely protect you. Security researchers have found that hackers are targeting several apps in the App Store to spread malware that steals information from screenshots saved on the device.
The issue also affects those who download apps from the Google Play Store.
A person holding an iPhone. (Kurt “Cyberguy” Knutsson)
How the malware works and what makes it different
According to Kaspersky researchers, this malware campaign is more advanced than a typical information stealer, both in the way it works and in how it spreads. Instead of relying on social engineering tricks to get users to grant permissions, as most banking Trojans or spyware do, this malware hides within seemingly legitimate apps and gets through Apple's and Google's security checks.
One of its features is optical character recognition. Instead of stealing stored files, it scans the screenshots stored on the device, extracts the text and sends the data to remote servers.
Once installed, the malware operates quietly, often activating only after a dormant period to avoid suspicion. It uses encrypted communication channels to send stolen data to its operators, which makes it difficult to monitor. In addition, it spreads through deceptive updates or hidden code within an app's dependencies, an approach that helps it evade initial security screenings by the App Store review teams.
The infection vectors differ between Apple's and Google's ecosystems. On iOS, the malware is often built into apps that initially pass Apple's strict review process but later introduce harmful functionality through updates. On Android, the malware can take advantage of sideloading options, but even official Google Play apps carry these malicious payloads, sometimes hidden within SDKs (software development kits) supplied by third-party developers.
What was stolen and who is responsible?
The scope of the stolen information is alarming. This malware primarily targets crypto wallet recovery phrases, but it is also capable of exfiltrating login credentials, payment details, personal messages, location information and even biometric identifiers. Some versions are designed to collect authentication tokens, allowing attackers to access accounts even if users change their passwords.
Apps that serve as carriers for the malware include Comecoms, Chatai, Wetink, Anygpt and more. They range from productivity tools to entertainment and utility apps. In some cases, malicious developers create these apps with full knowledge of the malware's purpose. In others, it appears to be a supply chain vulnerability, where legitimate developers unknowingly integrate compromised SDKs or third-party services that bring malicious code into their apps.
We reached out to Apple for comment but did not hear back before our deadline.
An app in the App Store designed to lure victims. (Kaspersky)
Apple’s response to the malware discovered in the App Store
Apple removed the 11 iOS apps mentioned in the Kaspersky report from the App Store. Furthermore, they discovered that these 11 apps shared signatures with 89 other iOS apps, all of which had previously been rejected or removed for violating Apple's policies, resulting in the termination of their developer accounts.
Apps that request access to user data such as photos, the camera or location must provide relevant functionality or face rejection. They also need to clearly explain how the data is used when asking users for permission. iOS privacy features ensure that users always control whether their location information is shared with an app. Also, starting with iOS 14, the PhotoKit API, which allows apps to request access to the user's photo library, added controls that let users select only certain photos or videos to share with an app instead of providing access to the entire library.
The App Store Review Guidelines state that developers are responsible for ensuring that their entire app, including ad networks, analytics services and third-party SDKs, complies with the guidelines. Developers must carefully review and select these components. Apps must also accurately represent their privacy practices, including those of the SDKs they use, in their privacy labels.
In 2023, the App Store rejected more than 1.7 million app submissions for failing to meet its strict privacy, security and content standards. It also rejected 248,000 app submissions that were found to be spam, copycats or misleading, and it prevented 84,000 potentially fraudulent apps from reaching users.
What Google is doing to stop the malware
A Google spokesman tells Cyberguy:
“All identified applications were removed from Google Play and the developers have been banned. Android users are automatically protected from known versions of this malicious software by Google Play Protect, which is on by default on Android devices with Google Play Services.”
However, it is important to note that Google Play Protect may not be enough. Historically, it has not been 100% foolproof at removing all known malware from Android devices. Here’s why:
What Google Play Protect can do:
- It scans apps from the Google Play Store for known threats.
- It warns you if an app behaves suspiciously.
- It detects apps from unverified sources (sideloaded APKs).
- It can disable or remove harmful apps.
What Google Play Protect cannot do:
- It does not provide real-time protection from advanced threats such as spyware, ransomware or phishing attacks.
- It does not scan files, downloads or links outside of Play Store apps.
- It may miss malware from third-party app stores or sideloaded apps.
- It lacks features such as VPN protection, anti-theft tools and privacy monitoring.
Image of a person typing in their password on the screen. (Kurt “Cyberguy” Knutsson)
5 ways users can protect themselves from such malware
1. Use strong antivirus software: Installing strong antivirus software can add an extra layer of protection by scanning apps for malware, blocking suspicious activity and warning you of potential threats. The best way to protect yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
2. Stick to trusted developers and well-known apps: Although malware has been found in official app stores, users can still reduce their risk by downloading apps from reputable developers with a long track record. Before installing an app, check its developer's history, read multiple reviews and look at the permissions it requests. If an app from an unknown developer suddenly gains popularity but lacks a strong history, approach it with caution.
3. Review app permissions carefully: Many malicious apps disguise themselves as legitimate tools but request excessive permissions that go beyond their stated purpose. For example, a simple calculator app should not need access to your contacts, messages or location. If an app requests permissions that seem unnecessary, consider it a red flag and either deny those permissions or avoid installing the app altogether. Go to your phone settings to check app permissions on your iPhone and Android.
4. Update your device and apps: Cybercriminals exploit vulnerabilities in outdated software to distribute malware. Always keep your operating system and apps updated to the latest versions, because these updates often contain critical security patches. Enabling automatic updates ensures that you remain protected without having to check for new versions manually.
5. Be wary of apps that promise too much: Many malware-infected apps lure users by offering features that seem too good to be true, such as free premium services, extreme battery optimization or AI-powered functionality that appears unrealistic. If an app's claims sound exaggerated, or its download numbers have shot up overnight with questionable reviews, it is best to avoid it. Stick to apps with a transparent development team and verifiable functionality.
Kurt’s key takeaway
The new malware campaign highlights the need for stricter vetting processes, continuous monitoring of app behavior after approval and greater transparency from app stores about security risks. While Apple and Google removed the malicious apps after they were discovered, the fact that they made it onto the platforms in the first place reveals a gap in the existing security framework. As cybercriminals refine their methods, app stores must evolve just as quickly or risk losing the trust of the very users they claim to protect.
Do you think app stores should take more responsibility for malware slipping through? Let us know by writing us at Cyberguy.com/contact
Copyright 2025 Cyberguy.com. All rights reserved.