Hackers are using a fake Android app named ‘SafeChat’ to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones.
The Android spyware is suspected to be a variant of “Coverlm,” which steals data from communication apps such as Telegram, Signal, WhatsApp, Viber, and Facebook Messenger.
deleted by creator
And give it accessibility permission, which comes with a big fat warning. Basically you need to tell Android “yes, install and run this random app I don’t really need, and give it access to all my info”.
As much as I love the decision to be able to sideload apps on iOS I fear that we’ll start seeing headlines like these.
A user has to click a lot of buttons to make this work, android security is doing its job. If there’s any failing on android security’s part, it’s consolidating permissions into accessibility services instead of breaking them out into something a user might get scared to click.
Then again, they did click accessibility services on a “secure messaging” app. They need to learn somehow. I just refuse to accept that the appropriate solution is not owning things you buy. There has to be a better way.
I always chuckled at my Android friends having to run AV software on their phones, but then we got Pegasus and it got harder to be smug… then the shenanigans from “legitimate” devs like Über and Tencent. It doesn’t seem like blindly trusting Apple was a great idea anymore.
They are way less than Android and Apple revokes the app certificate so even the downloaded ones stop to work.
Also the rare cases this happened in iOS the number of affected users were way small
This is a bad whatabotism since the scale is completely different and I really fear side loading. Specially because some developers will force users to get stuff outside the App Store putting everyone in risk.
“Hackers”.
deleted by creator
Yeah but that wouldn’t solve this issue? The malware stole data from the app on the users device, not from a server.
Thats technically possible?
Oh my goodness.
