Google Play: We’ve cracked down on bad apps (CNET)

CNET: Google Play: We’ve cracked down on bad apps. “The Play Store rejected at least 55 percent more app submissions in 2018 than in 2017, according to the blog. Google didn’t immediately respond to a request for how many apps were rejected in 2018. But for reference, the company removed over 700,000 apps in 2017.”

Krebs on Security: Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions

Krebs on Security: Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions. “A highly targeted, malware-laced phishing campaign landed in the inboxes of multiple credit unions last week. The missives are raising eyebrows because they were sent only to specific anti-money laundering contacts at credit unions, and many credit union sources say they suspect the non-public data may have been somehow obtained from the National Credit Union Administration (NCUA), an independent federal agency that insures deposits at federally insured credit unions.”

Ars Technica: Google Play apps with >4.3 million downloads stole pics and pushed porn ads

Ars Technica: Google Play apps with >4.3 million downloads stole pics and pushed porn ads. “Google has banned dozens of Android apps downloaded millions of times from the official Play Store after researchers discovered they were being used to display phishing and scam ads or perform other malicious acts.”

TechCrunch: Researchers find a new malware-friendly hosting site after a spike in attacks

TechCrunch: Researchers find a new malware-friendly hosting site after a spike in attacks . “Security researchers have traced a recent spike in FormBook infections to a new file-hosting service that’s been billed as a place for hackers to host their malware. Deep Instinct analysts say in new findings out Tuesday that the resurgence in FormBook malware, used as part of password and information stealing campaigns currently targeting the retail and hospitality sectors, can be traced back to the newly discovered malware-friendly site that hosts the second-stage dropper used to infect a computer with malicious code after the user opens a booby-trapped document.”

ZDNet: Google Chrome extension that steals card numbers still available on Web Store

ZDNet: Google Chrome extension that steals card numbers still available on Web Store. “A malicious Google Chrome extension that can recognize and steal payment card details entered in web forms is still available on the Chrome Web Store. The extension is the work of a cyber-criminal group and has been at the heart of a malware distribution effort in the past.”

ZDNet: Google removes 85 adware apps that were installed by millions of users

ZDNet: Google removes 85 adware apps that were installed by millions of users. “Google has removed 85 Android apps from the official Play Store that security researchers from Trend Micro deemed to contain a common strain of adware. The 85 apps had been downloaded over nine million times, and one app, in particular, named ‘Easy Universal TV Remote,’ was downloaded over five million times, according to researchers.”