Types of malware on your Android [PART 3]
In this part of our new category, we want to show you why you can’t fully trust apps on Google Play or Amazon Appstore. These 2 types of malware very tricky, so it is not so easy to define them and a both were noticed on official sources. Be aware!
» Insidious webview
Webview is usual for us thing, but it can be dangerous to some versions of Android (Android 4.3 Jellybean and lower).
Webview is a browser bundled inside of a mobile application, so apps allow you open links inside them.
Users are vulnerable to a Universal Cross-Site Scripting (UXSS) attack. A flaw in UXSS was found in all the latest versions of Internet Explorer that is how cyber criminals can inject malicious code into different websites and pass the usual security procedure. The virus can steal cookies, login credentials and other personal information. Android won’t do any patches for this vulnerability, so with this particular malware, the best recommendation is to update Android to the newer version.
» Malware that is hidden in usual apps
Flashlight, puzzle, quizzes sound safe, aren’t they? Recently nearly a 1 million phones were attacked by these apps. Do not think anything bad about Android security checking. Godless, that is how the virus was called, installing with the first launching of the app and adding itself to the system applications. So, technically, Flashlight and other apps on Google Play were safe. They become dangerous only on your phone with launching the program. This malware installing other apps and can steal all your data. Google Play removed all apps with this virus, but where is a guarantee that it won’t appear again? The best protection – is to update Android to version later 5.1 and checking the history of developers and reviews on their apps.