Google offers Play app store bounty program

Google offers Play app store bounty program”

Cybersecurity firm Symantec first discovered the scheme, which includes a total of eight trojan horse-like Minecraft apps infected with malware. In a parallel to Apple's App Store reforms, Google will reduce its cut of subscription apps from 30 percent to 15 percent if a user remains with the service for more than a year.

While Google may have done a lot to improve user security offering solutions that are being used by the entire industry (for example, its Safe Browsing protections), its Android operating system is widely considered as the most insecure popular operating system.

For the past several years, Google has hosted a developer event called Playtime centered around the Play Store and apps to share best practices and new tools. "In addition to enabling arbitrary network attacks, the large footprint of this infection could also be leveraged to mount a distributed denial of service (DDoS) attack". The launcher is not an ordinary clone of the original Pixel Launcher as it offers quite a many functionalities that cannot be found in others.

For the moment, the program is limited to a select number of developers to get initial feedback.

As Symantec explains on its blog, the Sockbot malware connects to a command and control (C&C) server, opens a socket using the SOCKS proxy mechanism and connects to a specified IP address. To further boost those efforts, the Games section is seeing a redesign that adds nested tabs. The process involves researchers contacting the app maker directly with the latter party then informing Google to issue a reward after the problem has been resolved. Users can try this now by heading to this initial collection of apps that should feature the new button.

The malware has since been modified to do even more damage than just serve annoying ads-it can also completely enslave a victim's device and allow a threat actor to use the smartphone in a botnet attack.

Сomo este

Más reciente