Whats up with these droppers that app developers hide in their apps. Anybody that trust Google is a moron
-
After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.
Droppers
- Thread starter OneDeep80
- Start date
"Malicious app developers have been using a surprisingly successful trick to sneak malware into the Google Play Store, and ultimately onto your phone. The method is performed using something called "droppers," which is a type of code hidden deep within an app that attacks a device with malware in multiple stages.
Droppers can be hard to detect, because they're basically coded into an app. It’s an infection. The dropper itself usually isn’t coded to cause any harm outright. Droppers get its foot in the door and over time downloads the malicious harmful malware to your device.
The reason why dropper deployment is growing is because they’re successful in quietly gaining access to your Android phone. The reason why they’re so successful is because they’re winding up regularly on apps in the Google Play Store.
Droppers essentially act as a trojan horse. When a dropper is coded into an app, it’s fairly benign. With nothing threatening or malicious in the original code, it makes it very difficult to detect. Its purpose at this stage is not to launch an attack on the Android device the app is downloaded to. It’s to gain access. When the app is submitted to the Play Store, Google runs security tests on the device and because the tests find nothing that would cause alarm on the app as-is, the application is usually approved and placed in the Play Store for Android users’ consumption.
Some Malware coders have been so savvy, they've added an additional layer of trickery when coding them. Timers are often added to space out the execution of the malware. Sometimes malware is deployed based on a person’s usage of or permission given to an app.
The existence of droppers dates back well before Android and Android-targeting malware. However, unlike a desktop computer, most smartphones don’t use antivirus software. Cybersecurity companies and research firms have been warning about the growth in use of droppers in the mobile market for some time now. For example, a report by Avast Threat Labs discovered that some Android devices, which are not certified by Google, manufactured by companies like ZTE and Archos, come pre-installed with malware deploying droppers."
Upvote
0
Source? And what stake, if any, do they have in software sales for addressing such threats?
Upvote
0
Upvote
0
Didn't install these type of apps in phone it's harmful for it. whenever phone show notification about security of phone like this app or apk may harmful for your device. Then don't download it.
Upvote
0
The first link would have sufficed, since the other two are just copying it. And the answer is that it comes from a company called "threatfabric", since almost everything in the first article was quoted from them.
Upvote
0
Ok... I read the first article... And its one of those that uses a lot of words to say very little... Maybe they hope that people will just notice the headline and not notice the lack of content.
Basically all it says is its possible to sneak malicious code into the app store... Its hard to spot... Google looks for those apps.. and removes them.
Its incredibly vague on number.. and based on other reporting is likely to be incredibly small.
Personally im more worried about annoying the norse gods... And being smited by a mjolnir...
Techinally theres nothing to stop me being hit by lightning... But at least google are actively working to stop vulnerabilities like this one
Basically all it says is its possible to sneak malicious code into the app store... Its hard to spot... Google looks for those apps.. and removes them.
Its incredibly vague on number.. and based on other reporting is likely to be incredibly small.
Personally im more worried about annoying the norse gods... And being smited by a mjolnir...
Techinally theres nothing to stop me being hit by lightning... But at least google are actively working to stop vulnerabilities like this one
Upvote
0
BEST TECH IN 2023
We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.
Smartphones
Best Android Phones
See All- Google Pixel 8 Pro Check Price
- Samsung Galaxy S23 Ultra Check Price
- Samsung Galaxy Z Fold5 Check Price
- Google Pixel 8 Check Price
- Samsung Galaxy S23 Check Price
Upcoming
See All
Best iPhones
See All- Apple iPhone 15 Pro Max Check Price
- Apple iPhone 15 Pro Check Price
- Apple iPhone 15 Plus Check Price
- Apple iPhone 15 Check Price
- Apple iPhone SE (2022) Check Price
Upcoming
See AllTablets
Best Tablets
See All- Samsung Galaxy Tab S9 Ultra Check Price
- Apple iPad Pro (2022) Check Price
- Apple iPad Air (2022) Check Price
- Apple iPad Mini (2021) Check Price
- Microsoft Surface Pro 9 Check Price
Upcoming
See AllLaptops
Best Laptops
See All- Apple Macbook Pro Check Price
- Apple Macbook Air (2023) Check Price
- Dell XPS 13 Check Price
- Acer Chromebook Spin 714 Check Price
- Dell Alienware m18 (2022) Check Price
Upcoming
See AllTelevisions
Best TVs
See All- Samsung The Frame TV Check Price
- Samsung Neo QLED 4K QN90C Check Price
- LG G3 OLED Check Price
- LG A2 OLED Check Price
- ROKU Plus Series Check Price
- Samsung S90C OLED Check Price
- SunBriteTV Veranda 3 Check Price
Upcoming
See AllGame Consoles
Best Game Consoles
See All- Nintendo Switch OLED Check Price
- Microsoft XBOX Series X Check Price
- Sony Playstation 5 Check Price
- Microsoft XBOX Series S Check Price
- Nintendo Switch Lite Check Price
Upcoming
See AllWearables
Best Wearables
See All- Oura Ring 3 Check Price
- Apple Watch Series 9 Check Price
- Google Pixel Watch 2 Check Price
- Samsung Galaxy Watch 6 Classic Check Price
- Fitbit Inspire 3 Check Price
- Amazfit Amazfit Band 7 Check Price
- Apple Watch SE Check Price
- Apple Watch Ultra 2 Check Price
