Are These Dangerous Apps Already Hacking Your Smartphone?
There's a dangerous game of hide and seek taking place on your phone. The tradecraft behind the malicious app industry is fast becoming as much about hiding as attacking. If you can't be seen, then you can't be deleted. And more damage will be done.
That's the crux of the new warning from Zimperium, whose zLabs team followed up on Human's report into Konfety evil twin attacks that I covered a year ago. 'At its peak,' Human said, 'Konfety-related programmatic bids reached 10 billion requests per day.' Forbes Microsoft Confirms New Upgrade Deadlines—'Move To Windows 11' By Zak Doffman
'Bids per day' because this is an adware (advertising fraud) attack. The ruse is simple. The bad actors create two versions of an app with the same name. One is benign and is uploaded to Google's Play Store, with some basic, barely useful features. The second 'evil twin' version of the app is dangerous, and is distributed via other channels.
The evil twin overloads its host phone with unwanted ads, often taking up the entire screen, making it difficult to actually operate the phone. This generates revenue for the bad actors, tricking legitimate advertisers into paying for fraudulently delivered ads.
Now, 'as part of our ongoing mission to identify emerging threats to mobile security,' Zimperium says it has been 'actively tracking a new, sophisticated variant' of the threat.
The zLabs team says the threat actors behind Konfety 'consistently alter their targeted ad networks and update their methods to evade detection.' In the latest variants of the malware, this includes 'specifically tampering with the APK's ZIP structure… to bypass security checks and significantly complicate reverse engineering efforts, making detection and analysis more challenging for security professionals.'
The scale of this adware industry is out of control. Not all attacks operate in this scale way, but they are mostly (but not always) driven by apps sideloaded from outside the official app stores. That's the easiest way to stay safe — stop sideloading. Forbes Google Warns All Chrome Users—Update Now As Attacks Underway By Zak Doffman
That's why Google's new Advanced Protection Mode that comes with Android 16 restricts sideloading with no option to disable or workaround that protection. Apps installed in this way carry significantly more risks to users, phones and data.
'Konfety's operations depict the latest in a series of adaptations from ad fraudsters to cloak their activities using novel tactics that enable them to evade detection,' Human said last year. The new report from Zimperium shows nothing at all has changed.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Verge
4 hours ago
- The Verge
1Password on Android got updated to fix Chrome autofill problems.
Posted Aug 5, 2025 at 11:30 PM UTC Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates. Richard Lawler Posts from this author will be added to your daily email digest and your homepage feed. See All by Richard Lawler Posts from this topic will be added to your daily email digest and your homepage feed. See All Android Posts from this topic will be added to your daily email digest and your homepage feed. See All Apps Posts from this topic will be added to your daily email digest and your homepage feed. See All Chrome Posts from this topic will be added to your daily email digest and your homepage feed. See All Google Posts from this topic will be added to your daily email digest and your homepage feed. See All Security Posts from this topic will be added to your daily email digest and your homepage feed. See All Tech
Digital Trends
11 hours ago
- Digital Trends
This Dell laptop for students is down to $300 in back-to-school deal
With the new academic year about to start, it's about time to equip the student in your home with a purchase from laptop deals. For an affordable device that's still dependable, check out the Dell 15 Laptop, which is available with an $80 discount from Dell itself that further drops its price from $380 to only $300. While there's still some time before the back-to-school sale ends, there's a possibility that stocks are already running low, so we highly recommend pushing through with the transaction as soon as you can. Why you should buy the Dell 15 Laptop For a device that will be able to help students with their productivity, you can't go wrong with the Dell 15 Laptop. With the AMD Ryzen 3 7320U processor, AMD Radeon 610M integrated graphics card, and 8GB of RAM, it can handle daily activities such as typing documents, doing online research, and building presentations. It's not going to challenge the best laptops in terms of performance, especially if you'll be handling massive multimedia files, but the Dell 15 Laptop will be more than enough for typical schoolwork. The 15.6-inch screen of the Dell 15 Laptop offers Full HD resolution for sharp details and vivid colors, and its built-in HD webcam will make you look clear whenever you join online classes. The laptop also comes with a 512GB SSD for ample storage space for all of your files and the apps that you'll need, and with Windows 11 Home pre-installed, you'll have an operating system that will probably be very familiar to most people so there's no need for adjustments. Dell is an excellent source of student laptop deals, whether you're looking for a basic device or a high-powered machine. If you're leaning towards the former, then you may want to get the Dell 15 Laptop while it's $80 off from Dell. From $380 originally, it's now down to just $300, which is a fantastic price for a computer with these specifications. There's probably a lot of interest on this particular offer though, so if you want to buy the Dell 15 Laptop with these savings, you need to finalize your purchase immediately.
Business Upturn
15 hours ago
- Business Upturn
Axis Bank Introduces Industry-First ‘Lock FD' Feature to Safeguard Term Deposits Against Digital Frauds
By Business Wire India Published on August 5, 2025, 17:43 IST Axis Bank, one of the largest private sector banks in India, today announced the launch of an industry-first feature – 'Lock FD', designed to protect customers' term deposits from rising digital frauds. Business Wire India Axis Bank, one of the largest private sector banks in India, today announced the launch of an industry-first feature – 'Lock FD', designed to protect customers' term deposits from rising digital frauds. This innovative feature, available on the Bank's mobile app 'open' and across all its branches, enables customers to prevent premature closure of fixed deposits (FDs) through digital channels, such as Mobile and Internet Banking, offering an additional layer of protection against cyber threats. The 'Lock FD' is a new security feature for safeguarding the customers Term Deposits from Digital Frauds by allowing customers to restrict FD closures through digital means. Customers who opt for this feature will have to visit the branch for the premature closure of their FD. The option for premature closure from digital channels will not be available once the deposit is locked. This in-branch verification with stringent identity checks reduces the risk of unauthorized access. This functionality is especially beneficial for customers who may be less familiar with digital platforms and are more susceptible to digital frauds. Sameer Shetty, Group Executive – Digital Business, Transformation & Strategic Programs, Axis Bank , said, "At Axis Bank, we have been continuously investing in digital-first proposition that focusses on secure and seamless banking experiences. In this endeavour, we are excited to introduce 'Lock FD' that reflects our proactive response to the rising tide of digital frauds. This feature empowers customers to safeguard their term deposits from unauthorized digital access and enables us to provide a security to the customer's money by blocking alternative means of siphoning off funds by fraudsters.' The 'Lock FD' feature is available to all Axis Bank customers and can be activated through the Axis Bank mobile app or any branch. Axis Bank has also recently launched 'In-App Mobile OTP' feature on its mobile app to enhance authentication security and protect customers from rising OTP-related frauds and scams. These initiatives align with the Bank's strategy to enhance customers' digital experience while combating digital frauds, positioning it as a leader in banking security. To know more about the feature: Click here . Disclaimer: The above press release comes to you under an arrangement with Business Wire India. Business Upturn take no editorial responsibility for the same. Ahmedabad Plane Crash Business Wire India, established in 2002, India's premier media distribution company ensures guaranteed media coverage through its network of 30+ cities and top news agencies.
