For Android users, bug alerts have been coming out one after another in recent days.
Google in October rolled out a patch for an Android bug that lets hackers install malware on a nearby smartphone through a little-known Android OS feature called NFC Beaming.
How does it work
NFC beaming works through an internal Android OS service known as Android Beam which allows an Android device to send data such as images, files, videos, or even apps, to another nearby device using NFC radio waves.
Usually, APK files sent through NFC beaming are saved on the internal disk, and the user gets a notification on the screen whenever a transfer is made. The notification asks the user whether to allow the NFC service to install the app from an unknown sender.
However, in January this year security researcher Y. Shafranovich discovered that apps sent through NFC Beaming on Android 8 (Oreo) or later versions do not trigger this kind of notification, according to ZDNet.
Instead, the notification would allow the user to install the app with one tap, without any security warning.
The lack of a prompt may sound insignificant, but it is a massive issue in the security model of Android.
Devices running on Android OS are not allowed to install apps from unknown sources since anything downloaded or installed outside the Google Play Store is unverified and untrusted.
Until Android 8, the "Install from unknown sources" option was a system-wide setting, the same for all apps. But, starting with Android 8, Google redesigned this mechanism into an app-based setting.
In newer Android versions, users can visit the "Install unknown apps" section in Android's security settings, and allow specific apps to install other apps.
Google said this wasn't meant to happen, as the Android Beam service was never meant as a way to install applications, but merely as a way to transfer data from device to device.
The October 2019 Android patches removed the Android Beam service from the OS whitelist of trusted sources.
However, many millions of users remain at risk. If users have the NFC service and the Android Beam service enabled, a nearby attacker could plant malware (malicious apps) on their phones.
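The conditions described above (Android 8 or later, and no October 2019 patches) can be checked against a device's build properties. The following is an added example, not code from Google or the researcher: it parses `adb shell getprop` output and classifies a device. The sample outputs are constructed, and it assumes any security patch level dated October 2019 or later contains the fix. It does not check whether NFC and Android Beam are enabled.

```python
import re
from datetime import date

# Constructed sample `adb shell getprop` output from two hypothetical devices.
SAMPLE_UNPATCHED = """\
[ro.build.version.release]: [9]
[ro.build.version.sdk]: [28]
[ro.build.version.security_patch]: [2019-08-05]
"""
SAMPLE_PATCHED = """\
[ro.build.version.sdk]: [28]
[ro.build.version.security_patch]: [2019-10-05]
"""

OREO_SDK = 26           # API level of Android 8.0, where the article says the bug starts
FIX_MONTH = (2019, 10)  # "October 2019 Android patches" (assumed threshold)

_PROP = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<val>[^\]]*)\]\s*$")

def parse_getprop(text):
    """Turn `[key]: [value]` lines into a dict, ignoring anything else."""
    props = {}
    for line in text.splitlines():
        m = _PROP.match(line)
        if m:
            props[m.group("key")] = m.group("val")
    return props

def beam_install_exposure(getprop_text):
    """Return 'not-affected', 'patched', 'exposed' or 'unknown'."""
    props = parse_getprop(getprop_text)
    try:
        sdk = int(props["ro.build.version.sdk"])
    except (KeyError, ValueError):
        return "unknown"
    if sdk < OREO_SDK:
        return "not-affected"  # the article describes the bug on Android 8+ only
    try:
        patch = date.fromisoformat(props["ro.build.version.security_patch"])
    except (KeyError, ValueError):
        return "unknown"       # missing or malformed patch level: inspect by hand
    return "patched" if (patch.year, patch.month) >= FIX_MONTH else "exposed"

if __name__ == "__main__":
    for name, text in [("unpatched", SAMPLE_UNPATCHED), ("patched", SAMPLE_PATCHED)]:
        print(name, beam_install_exposure(text))
```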
Users made uneasy by malware
On November 1 cnTechPost reported that Ai.type, a typing app once available in the Google Play Store and installed over 40 million times, was found to have been making purchases of premium digital content without permission from the phone's owner.
Besides making unauthorized purchases, Ai.type also runs ads in the background and produces fake clicks to help bad actors generate revenue. It also sends to ad networks data containing real views, real clicks and real purchases.
Despite the fact that the app was removed from Google Play in June 2019, it remains on millions of Android devices and is still available from other Android marketplaces.
Two days before the Ai.type issue was reported, another piece of malware was exposed.
Over the past six months, a new kind of Android malware named xHelper has reportedly infected more than 45,000 Android devices, on which the malware can reinstall itself even after being manually removed.
The malware was first spotted in March but slowly expanded to infect more than 32,000 devices by August, and eventually it made its way to a total of 45,000 devices, according to Symantec.