Hackers are using a fake Android app named ‘SafeChat’ to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones.
The Android spyware is suspected to be a variant of “Coverlm,” which steals data from communication apps such as Telegram, Signal, WhatsApp, Viber, and Facebook Messenger.
As much as I love the decision to be able to sideload apps on iOS I fear that we’ll start seeing headlines like these.
What do you mean? Similar vulnerabilities/apps/phishing has been available on iOS since at least 2020.
deleted by creator
That’s why you never just download and install random shit from the Internet. You gotta know and trust your source. I sidelaod all the time. Never had an issue, I just don’t grab random shit from random sites.
A user has to click a lot of buttons to make this work, android security is doing its job. If there’s any failing on android security’s part, it’s consolidating permissions into accessibility services instead of breaking them out into something a user might get scared to click.
Then again, they did click accessibility services on a “secure messaging” app. They need to learn somehow. I just refuse to accept that the appropriate solution is not owning things you buy. There has to be a better way.
I always chuckled at my Android friends having to run AV software on their phones, but then we got Pegasus and it got harder to be smug… then the shenanigans from “legitimate” devs like Über and Tencent. It doesn’t seem like blindly trusting Apple was a great idea anymore.
It never was. Read Apple’s true privacy agreement on their website. It’s the one you agree to but don’t read when you boot up your shiny new mac or iphone for the first time. They are no different from Microsoft or Google, they are just the best at cultivating an image.
Prepare yourself for the downvote train approaching at near lightspeed. People cannot fathom how a for profit corporation might do anything they have to to increase profit.
It’s OK. Downvotes don’t matter too badly here.
I’d say Apple being a lifestyle brand means the users aren’t going to have privacy as a primary concern is the real reason behind this. And it’s hard to get out of the walled garden once you’re in.
Fear not we aren’t at the apple subreddit.
which does nothing, because even IF the “antivirus” detects malware, it has no privileges necessary to remove it.
Still a good first step… I always figured Android AV was more for people who already had a rooted phone?
Anti virus software on a smartphone makes as much sense as on a PC. Eg none at all. You just increase the attack surface for some warm fuzzy feelings.
I won’t be sideloading anything onto my device that I can’t build myself from opensource and understand what it’s doing.
The risk is too damn high otherwise.
This is just good practice. You don’t have to trust anyone’s word that what you’re installing is what they say it is when you can trust your own eyes.
They are way less than Android and Apple revokes the app certificate so even the downloaded ones stop to work.
Also the rare cases this happened in iOS the number of affected users were way small
This is a bad whatabotism since the scale is completely different and I really fear side loading. Specially because some developers will force users to get stuff outside the App Store putting everyone in risk.