A previously undocumented Android-based remote access trojan (RAT) has been found to use screen recording features to steal sensitive information on the device, including banking credentials, and open the door for on-device fraud. The Hacker News reports: Dubbed "Vultur" due to its use of Virtual Network Computing (VNC)'s remote screen-sharing technology to gain full visibility on targeted users, the mobile malware was distributed via the official Google Play Store and masqueraded as an app named "Protection Guard," attracting over 5,000 installations. Banking and crypto-wallet apps from entities located in Italy, Australia, and Spain were the primary targets. "For the first time we are seeing an Android banking trojan that has screen recording and keylogging as the main strategy to harvest login credentials in an automated and scalable way," researchers from ThreatFabric said in a write-up shared with The Hacker News. "The actors chose to steer away from the common HTML overlay development we usually see in other Android banking Trojans: this approach usually requires a larger time and effort investment from the actors to create multiple overlays capable of tricking the user. Instead, they chose to simply record what is shown on the screen, effectively obtaining the same end result." Vultur [...] takes advantage of accessibility permissions to capture keystrokes and leverages VNC's screen recording feature to stealthily log all activities on the phone, thus obviating the need to register a new device and making it difficult for banks to detect fraud. What's more, the malware employs ngrok, a cross-platform utility used to expose local servers behind NATs and firewalls to the public internet over secure tunnels, to provide remote access to the VNC server running locally on the phone. Additionally, it also establishes connections with a command-and-control (C2) server to receive commands over Firebase Cloud Messaging (FCM), the results of which, including extracted data and screen captures, are then transmitted back to the server. ThreatFabric's investigation also connected Vultur with another well-known piece of malicious software named Brunhilda, a dropper that utilizes the Play Store to distribute different kinds of malware in what's called a "dropper-as-a-service" (DaaS) operation, citing overlaps in the source code and C2 infrastructure used to facilitate attacks. These ties, the Amsterdam-based cybersecurity services company said, indicate Brunhilda to be a privately operating threat actor that has its own dropper and proprietary RAT Vultur.

Read more of this story at Slashdot.

Google's updated its inappropriate content policy to ban "compensated sexual relationships" -- i.e., sugar daddy or sugar dating apps. Ryne Hager writes via Android Police: If somehow you aren't familiar with the term, a "sugar daddy" is more than a caramel candy on a stick. In the more common vernacular, a sugar daddy is a person -- usually an older man, but you could have a "sugar mommy" or maybe a gender-neutral "sugar parent?" -- that spends or gives money in what is typically a transactional relationship, often for sexual favors. I don't judge, different people enjoy different things, and if all parties are consenting with full knowledge, I don't see how an arrangement like that really harms anyone. But, it seems Google does care, though the company is clear it's not objecting to the nature of the relationship, merely the fact that they're often sexual relationships with a perceived compensation basis, and the company has a blanket ban on sexual content -- at least partly ignoring the primary impulse for many customers behind more generalized dating apps like Tinder and Hinge, as well as many of the messages that even mainstream dating app users swap.

Read more of this story at Slashdot.

Security researchers have discovered a novel piece of Android malware that uses the VNC technology to record and broadcast a victim's smartphone activity, allowing threat actors to collect keyboard presses and app passwords. From a report: First spotted in March 2021 by Dutch security firm ThreatFabric, this new piece of malware, named Vultur, is a departure from other Android malware strains that usually rely on fake login screens floating on top of legitimate apps to collect a victim's credentials. Instead, Vultur opens a VNC server on the infected phone, and broadcasts screen captures to an attacker command and control server, where the Vultur operator extracts passwords for desired apps.

Read more of this story at Slashdot.

In a post titled "What Wear OS 3 means for you," Google provides a few more details about its upcoming Wear OS update plans, which will be the first major Wear OS update since Wear OS 2 in 2018. Unfortunately, as Ars Technica points out, the list of devices receiving the new update are limited to some of Mobvoi's TicWatch devices and Fossil Group's new generation of devices launching later this year. Older Wear OS devices featuring the Wear 3100 SoC, which makes up almost all the current Wear OS devices, will not support the new update. From the report: We still have next to no information about Wear OS 3, but there are a few tidbits in the upgrade announcement indicating that things will be very different. One line in the announcement lays out the requirement for a mandatory factory reset for any Wear 4100 devices upgrading from Wear OS 2 to version 3. Wear OS 3 is apparently so different that user data can't be ported over, and all local data will need to be wiped. We've certainly heard Google and Samsung talk about how Wear OS 3 will combine the "best of Wear OS and Tizen," indicating that even the base OS might be rebuilt. Google also vaguely tells 4100 upgraders that "in some limited cases, the user experience will also be impacted." Is this a reference to the 4100 performance or the app selection and features compared to Wear OS 2? It's hard to say. Because Wear OS 3 will be so different, Google says it won't force the upgrade on 4100 users: "We expect that for these reasons, some of you will prefer to keep your current Wear OS experience. Therefore, we will offer the system upgrade on an opt-in basis for eligible devices. We will provide more details in advance of the update so you can make an informed decision. We expect our partners to be able to roll out the system update starting in mid to second half of 2022." The Samsung Watch with Wear OS 3 is expected to ship sometime in August 2021, so the partner time of "2H 2022" -- potentially a year after Samsung's release -- is surprisingly late. Android has typically been very good at letting partners get early access to code, so (at least the ones that care) can be ready for launch, but this suggests Samsung is getting a huge head start. Google's message that upcoming Fossil watches, launching later this year, will be "eligible for upgrade" to Wear OS 3 also suggests that we might see Wear OS 2 devices launch from other companies after Samsung launches Wear OS 3 next month.

Read more of this story at Slashdot.

Nvidia's Shield TVs are some of the best streaming video boxes on the market, but following a recent update to Android TV, Shield TV users are starting to see ads on their home screen and they aren't happy about it. From a report: The latest update to Android TV on Shield TV devices began rolling out earlier this month and featured a small UI redesign that added large banner images to Android TV's home screen, similar to what you get when using Google TV devices like the Chromecast with Google TV. Now technically, Google calls these banner images "recommendations," as they are regularly updated and rotated to help users find new streaming content Google thinks they might enjoy. However, a number of Shield TV users consider these images to be advertisements (especially when they recommend shows on services users aren't even subscribed to), and as such, have taken to showing their displeasure with the recent update by review bombing the listing for the Android TV Home app, which now has a one-star rating across more than 800 reviews.

Read more of this story at Slashdot.

ASUS and Qualcomm have teamed up to make a smartphone that shows off some of the latter's mobile tech. Although the phone is ostensibly for the 1.6 million members of the Snapdragon Insiders program (which is a bit like Microsoft's Windows Insider early-access scheme), it'll be more broadly available by August. From a report: The snappily named Smartphone for Snapdragon Insiders harnesses Qualcomm's Snapdragon 888 5G chipset with a 2.84 GHz octa-core processor and the Adreno 660 GPU. It has what Qualcomm describes as "the most comprehensive support for all key 5G sub-6 and mmWave bands" of any device, along with WiFi 6 and WiFi 6E support with speeds of up to 3.6 Gbps. You'll get 16GB of LPDDR5 memory and 512GB of storage. The 6.78-inch AMOLED display from Samsung has a 144 Hz refresh rate, which could help make it a solid gaming phone. The screen has up to 1,200 nits of brightness and it's HDR10 and HDR10+ certified. The phone has three rear cameras: a 64MP main lens, 12MP ultrawide camera and 8MP telephoto. The array can capture video in up to 8K. The device also has a 24MP front camera and AI auto-zoom. You'll be able to buy the $1,499 device at ASUSTeK's eShop and other retailers.

Read more of this story at Slashdot.

If you use an iPhone or Android phone, chances are the majority of your most-used apps were made by Apple and Google. From a report: That's the takeaway from a new Comscore study that ranks the popularity of preinstalled iOS and Android apps, such as Apple's Messages, alongside apps made by other developers. The results show that the majority of apps people use on their phones in the US come preinstalled by either Apple or Google. The first-of-its-kind report was commissioned by Facebook, one of Apple's loudest critics, and shared exclusively with The Verge. Preinstalled services dominate when it comes to basics like weather, photos, and clocks, according to the report, suggesting these categories will be difficult for other apps to compete in. Defaults don't win out exclusively, though: Apple Maps and Music don't appear on the iOS list at all, and Gmail makes the iOS list several entries below Apple Mail. The timing, as Facebook likely intentioned, is apt: Apple and Google are increasingly under scrutiny for how they favor their own services over competitors like Spotify. US lawmakers are currently reviewing a new set of bills designed to curb the power of Big Tech, including legislation that could potentially bar Apple and Google from giving their services the upper hand against rivals. The pushback stems from how Apple and Google bundle their apps and services with their mobile operating systems in ways that some of their competitors think is unfair. The criticism is harsher against Apple, given that it more tightly controls the apps that come preinstalled on the iPhone and doesn't allow developers to circumvent its App Store.

Read more of this story at Slashdot.

Last month, it was revealed that OnePlus will become an Oppo sub-brand. Now, the company announced that it's also merging OxygenOS with Oppo's ColorOS operating system. 9to5Google reports: In a forum post today, OnePlus explains that the sub-brand of Oppo is "working on integrating the codebase of OxygenOS and ColorOS." Apparently, the change will go unnoticed because it is happening behind the scenes: "This is a change that you will likely not even notice since it's happening behind the scenes. We now have a larger and even more capable team of developers, more advanced R&D resources, and a more streamlined development process all coming together to improve the OxygenOS experience." OnePlus also further reiterates that OxygenOS will remain the "global" operating system for OnePlus-branded devices rather than ColorOS, which runs on Oppo devices and OnePlus devices in China, too. It's not mentioned if OxygenOS will change visually, but it's fairly clear that will happen based on early looks at the Android 12 Beta which is available for OnePlus 9 devices. The bright side of this change, however, is that OnePlus will be committing to a stronger Android update schedule that delivers at least three years of support to the company's entire portfolio.

Read more of this story at Slashdot.

Famed software engineer Miguel de Icaza confirmed on Twitter that you will be able to sideload Android APKs in Windows 11. Android Authority reports: Yesterday, Microsoft surprised us all by announcing that Windows 11 will support native Android app installation. Using the Microsoft Store, you'll be able to search for, install, and use Android apps right on your PC. This is possible through an integration of the Amazon App Store. However, a big question loomed over the announcement: would you be able to sideload Android APKs on Windows 11? Sideloading apps would allow you to install Android programs from outside the Microsoft Store, which would give you a much larger potential library. It seems the answer to that question is "yes," at least according to famed engineer Miguel de Icaza. Miguel is responsible for numerous software projects, including GNOME, and currently works at Microsoft. However, his Twitter bio explicitly says "Working at Microsoft, not speaking for them," so we need to take this news with some skepticism. Of course, it's not quite clear how sideloading Android APKs on Windows 11 will work. Will you be able to simply download an APK as you would an EXE, double-click it, and install it? Or will there be some sort of workaround protocol? We'll need to wait to see how this develops.

Read more of this story at Slashdot.

Android and Windows users will finally be able to join FaceTime calls. From a report: During its WWDC keynote, Apple announced that FaceTime is going to be available on the web so users can call in from Android devices and Windows PCs. The video calling service was previously only available on iOS and Mac devices. Apple is turning FaceTime into a bit more of a Zoom-like video calling service with this update. FaceTime is also going to allow you to grab a link to a scheduled call, so that you can share it with people in advance and join in at the right time.

Read more of this story at Slashdot.

It's going to get harder for Android apps to track users who've opted out of receiving personalized ads, the Financial Times reports, after Google announced changes to how it'll handle the unique device identifiers that allow marketers to track them between apps. From a report: Starting later this year, Google is cutting off access to these "Advertising IDs" after a user opts out, and will show developers a "string of zeros" in its place. The news was announced in an email to Play Store developers, and Google has also updated its support page for Advertising IDs with the announcement. Google told developers the changes will "provide users with more control over their data, and help bolster security and privacy," the Financial Times reports. The change comes a few short months after Apple overhauled how advertising IDs work on iOS in an apparent attempt to compete with the new policy.

Read more of this story at Slashdot.

At Google I/O 2021 today, Google confirmed that Android 12 is getting a huge new design. Ars Technica reports: Google calls the new design "Material You," and just like in the leaks, it's a UI that changes colors like a chameleon. For now, this design will only show up in Google Pixels, but Google says it will roll out across the ecosystem to the web, Chrome OS, smart displays, cars, watches, tablets, and every other Google form factor. The new interface is powered by a "color extraction" API that can pull the colors out of your wallpaper and apply them to the UI. This sounds exactly like the Palette API that was introduced in Android 5.0 (along with the original introduction of Material Design), but it's apparently a second swing at the color extraction idea, and Google is heavily using it in the UI now. The demo interfaces featured customized highlight colors, clock faces, widget backgrounds, and more, all matching the color of your wallpaper. Besides new colors, there are also tons of layout changes to the quick settings and notification panel. The first public beta of Android is now available. Google Pixel smartphones as far back as the Pixel 3 are eligible, as well as several devices from device-maker partners, including ASUS and OnePlus.

Read more of this story at Slashdot.

There are over 3 billion active Android devices in the wild now. Sameer Samat, VP of product management at Google, announced the news at Google I/O 2021 today. From a report: Google added over 500 million active Android devices since its last developer's conference in 2019 and 1 billion devices since 2017. (That was when it hit the 2 billion mark.) The number is taken from the Google Play Store, which doesn't take into account devices based on Android but that use alternative stores, including Amazon Fire devices and the myriad of Chinese Android-based devices that avoid using Google's apps altogether. That means the number of active Android devices is likely much higher than what Samat announced on the live stream.

Read more of this story at Slashdot.

Clubhouse finally has an Android app that you can download from the Play Store -- provided you live in the U.S. From a report: The voice-based social network launched its beta Android app on Play Store for users in the U.S. on Sunday, and said it will gradually make the new app available in other English-speaking countries and then the rest of the world. The social network, valued at about $4 billion in its most recent fundraise, launched as an iPhone-only app last year. The app quickly gained popularity last year, attracting several high-profile celebrities, politicians, investors, and entrepreneurs. Clubhouse began developing the Android app early this year and started to test the beta version externally this month. In a town hall earlier Sunday, the startup said availability on Android has been the most requested product feature. "Our plan over the next few weeks is to collect feedback from the community, fix any issues we see and work to add a few final features like payments and club creation before rolling it out more broadly," the team wrote. As Clubhouse struggles to maintain its growth -- data from mobile insight firms including AppMagic suggests that Clubhouse installs have drastically dropped in recent months -- the Android app could prove pivotal in boosting the startup's reach across the globe.

Read more of this story at Slashdot.

According to The Verge, citing a new deposition made public as part of the Epic case, Apple's senior VP of software and services, Eddy Cue, pushed to bring iMessage to Android as early as 2013. "[...] Cue wanted to devote a full team to iMessage support on Android, only to be overruled by other executives," adds The Verge. From the report: The latest deposition cites a specific email exchange between Cue and Craig Federighi, currently Apple's SVP of software engineering, beginning on April 7th and 8th, 2013. The exchange came after news circulated that Google had attempted to purchase WhatsApp for $1 billion. According to the exchange, Cue took the rumors as a sign that iMessage should expand to Android to cement Apple's hold on messaging apps: Cue: We really need to bring iMessage to Android. I have had a couple of people investigating this but we should go full speed and make this an official project.... Do we want to lose one of the most important apps in a mobile environment to Google? They have search, mail, free video, and growing quickly in browsers. We have the best messaging app and we should make it the industry standard. I don't know what ways we can monetize it but it doesn't cost us a lot to run. Federighi: Do you have any thoughts on how we would make switching to iMessage (from WhatsApp) compelling to masses of Android users who don't have a bunch of iOS friends? iMessage is a nice app/service, but to get users to switch social networks we'd need more than a marginally better app. (This is why Google is willing to pay $1 billion -- for the network, not for the app.)...In the absence of a strategy to become the primary messaging service for [the] bulk of cell phone users, I am concerned [that] iMessage on Android would simply serve to remove an obstacle to iPhone families giving their kids Android phones. Elsewhere in the deposition, Cue says, "I remember the time of wanting to do an iMessage app on Android ourselves." "Would there have been cross-compatibility with the iOS platform so that users of both platforms would have been able to exchange messages?" the questioner responds. "That was certainly the discussion and the view that I had," Cue says. [...] The line of questioning is likely to play a significant role in Epic's antitrust lawsuit, which argues that iOS app store exclusivity represents an illegal use of market power. Epic has made clear in previous filings that it plans to make iMessage exclusivity part of that argument, citing a 2016 email from Phil Schiller that argues iMessage expansion "will hurt us more than help us."

Read more of this story at Slashdot.

According to a new report from Light Reading, the three major U.S. carriers (four at the time) have reportedly abandoned their joint venture to launch a new Cross Carrier Messaging Initiative (CCMI), that promised interoperability for an RCS Universal Profile-based messaging standard. It was originally set to be launched in 2020. [For a detailed explanation of RCS Messaging, we recommend this article.] Android Police reports: Although the company handling the logistics behind the cross-carrier effort claims that it's still "continuing to move forward with preparations," a Verizon spokesperson told Light Reading that "the owners of the Cross Carrier Messaging Initiative decided to end the joint venture effort." [...] This may seem like bad news, but things have changed since 2019. In the time since the CCMI was announced, Google leapfrogged the carrier's selfish dithering and rolled out its own RCS messaging solution via the Messages app, all connected to its Jibe network (though it will use your carrier network if it's Universal Profile-compatible). It's a move that means customers don't have to wait on their carriers to start the work they should have done five years ago. More recently, T-Mobile has essentially handed the reins for its whole network messaging solution to Google by adopting Messages as the default SMS app for all T-Mobile phones, connecting all its customers to Google's RCS network. Given what has and hasn't succeeded when it comes to RCS messaging, what we'd like to see is for Verizon and AT&T to follow T-Mobile, give up on their own stupid standards, and simply adopt Google's RCS Messaging -- either by connecting their chat apps to Google's Jibe network somehow or by adopting the Messages app as sanctioned solutions, as T-Mobile did. But in the meantime, there's nothing to prevent customers on either network from just installing the Messages app themselves and bypassing the carrier mess altogether -- especially since it sounds like the carriers have given up on fixing it.

Read more of this story at Slashdot.

Security researchers say APKPure, a widely popular app for installing older or discontinued Android apps from outside of Google's app store, contained malicious adware that flooded the victim's device with unwanted ads. From a report: Kaspersky Lab said that it alerted APKPure on Thursday that its most recent app version, 3.17.18, contained malicious code that siphoned off data from a victim's device without their knowledge, and pushed ads to the device's lock screen and in the background to generate fraudulent revenue for the adware operators. But the researchers said that the malicious code had the capacity to download other malware, potentially putting affected victims at further risk.

Read more of this story at Slashdot.

Apple knows that iMessage's blue bubbles are a big barrier to people switching to Android, which is why the service has never appeared on Google's mobile operating system. From a report: That's according to depositions and emails from Apple employees, including some high-ranking executives, revealed in a court filing from Epic Games as part of its legal dispute with the iPhone manufacturer. Epic argues that Apple consciously tries to lock customers into its ecosystem of devices, and that iMessage is one of the key services helping it to do so. It cites comments made by Apple's senior vice president of Internet Software and Services Eddie Cue, senior vice president of software engineering Craig Federighi, and Apple Fellow Phil Schiller to support its argument. "The #1 most difficult [reason] to leave the Apple universe app is iMessage ... iMessage amounts to serious lock-in," was how one unnamed former Apple employee put it in an email in 2016, prompting Schiller to respond that, "moving iMessage to Android will hurt us more than help us, this email illustrates why." "iMessage on Android would simply serve to remove [an] obstacle to iPhone families giving their kids Android phones," was Federighi's concern according to the Epic filing. Although workarounds to using iMessage on Android have emerged over the years, none have been particularly convenient or reliable.

Read more of this story at Slashdot.

schwit1 shares a report from Ars Technica: Austrian privacy activist Max Schrems has filed a complaint against Google in France alleging that the US tech giant is illegally tracking users on Android phones without their consent. Android phones generate unique advertising codes, similar to Apple's Identifier for Advertisers (IDFA), that allow Google and third parties to track users' browsing behavior in order to better target them with advertising. In a complaint filed on Wednesday, Schrems' campaign group Noyb argued that in creating and storing these codes without first obtaining explicit permission from users, Google was engaging in "illegal operations" that violate EU privacy laws. Noyb urged France's data privacy regulator to launch a probe into Google's tracking practices and to force the company to comply with privacy rules. It argued that fines should be imposed on the tech giant if the watchdog finds evidence of wrongdoing. "Through these hidden identifiers on your phone, Google and third parties can track users without their consent," said Stefano Rossetti, privacy lawyer at Noyb. "It is like having powder on your hands and feet, leaving a trace of everything you do on your phone -- from whether you swiped right or left to the song you downloaded." Last year, Schrems won a landmark case at Europe's highest court that ruled a transatlantic agreement on transferring data between the bloc and the US used by thousands of corporations did not protect EU citizens' privacy.

Read more of this story at Slashdot.

The developers behind Niagara Launcher, a popular third-party home screen replacement app, have found new evidence in the Android 12 preview documentation, which suggests that Google is adding a new device search API in Android 12 that will let third-party launchers offer a similar universal search feature. XDA Developers reports: [T]he feature will give third-party launchers "access to the centralized AppSearch index maintained by the system." It further highlights that the AppSearch index is a search library for managing structured data featuring: A fully offline on-device solution; A set of APIs for applications to index documents and retrieve them via full-text search; APIs for applications to allow the System to display their content on the system UI surfaces; and Similarly, APIs for applications to allow the System to share their content with other specified applications. This feature will essentially provide a native alternative to universal search apps like Sesame, giving users the option to search for almost anything on their device in an instant.

Read more of this story at Slashdot.