Study: Google Play is riddled with thousands of data-stealing counterfeit apps

Discussion in 'mobile device security' started by mood, Jun 25, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    22,648
    Study: Google Play is riddled with thousands of data-stealing counterfeit apps
    June 24, 2019
    https://thenextweb.com/security/201...-thousands-of-data-stealing-counterfeit-apps/
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,302
    Location:
    The Netherlands
    That's why it's best to limit the amount of installed apps. And it's not even clear if you can trust legitimate apps. Because from what I understood, apps can read data from other apps. That's why I don't do online banking on mobile phones.
     
  3. Floyd 57

    Floyd 57 Registered Member

    Joined:
    Mar 17, 2017
    Posts:
    548
    Location:
    Europe
    I don't have enough knowledge about how android works cuz I don't use my phone that much, BUT this is looking really bad for basically any phone not bought in like the current or maybe last year. Manufacturers are like "why should we update that phone bro, you already gave us your money, loser" :D

    With google play known as being quite secure, you can at least hope that it will protect u from malicious apps even with outdated android (like 6.0.1, for phones bought around this time in 2017) and lacking security patches, as long as you don't download apps with like 200 downloads, BUT it seems like this might not be the case
     
  4. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    12,302
    Location:
    The Netherlands
    Actually, seems like I have discovered something new about Android's wacky security. Yesterday I decided to install the Yahoo Mail app on my smartphone, and to my surprise it was able to auto-login to my account, it didn't even ask for username and password.

    I wondered how this was possible, and the only thing I could think of is that I had already logged in to Yahoo Finance which is a completely separate app. In other words, seems like even legitimate apps can somehow get access to usernames and passwords stored by other apps. At least, this is what I assume at the moment, there may be another explanation.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.