- cross-posted to:
- cybersecurity@sh.itjust.works
- cross-posted to:
- cybersecurity@sh.itjust.works
Many articles but never a list of apps. What shit reporting.
It’s probably shitware that a list of which would make the issue seem less scary. “FartCameraXxX” “SkibidiKeyboard - Says skibidi every button press! V1.2”
What sort of idiot would skibidi install something like that?
Wow! That’s the skibidi combination I have on my luggage!
And probably downloaded from random sketchy website ad.
I wouldn’t hazard that. The average Joe is not going around installing random apps from third party sites until they are actively looking for it, like modded games or stuff and get a virus in the process. Many such reported apps have very low download counts on Play Store and in fact, just fly under Google’s radar. Google tries to present Play store as a safe walled garden but often fails.
Because usually those are masquerading as legitimate apps.
Real example: Google allows “Muhammad mahmood ali” from Pakistan to run fake ads pretending to be a more famous corporation (flagged, google replied that this individual isn’t breaking the TOS somehow, flagged again, the bot replied that yes, that phishing page doesn’t break AdWords TOS - probably the scammers are serving different content according to the IP address)
When someone searches for “dji app”, they get an ad that looks legitimate and goes to a fake landing page where they say to download and install this apk, showing a fake “100% safe and trusted” logo.
So, they can’t say the list of the infected apps, because the real apps aren’t affected. Someone could have been tricked by a fake ad to install an infected version of “bank of America” but the real app is clean
Fun