this post was submitted on 27 Apr 2024
53 points (94.9% liked)

Android

17682 readers
34 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

🔗Universal Link: [email protected]


💡Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.


Support, technical, or app related questions belong in: [email protected]

For fresh communities, lemmy apps, and instance updates: [email protected]

💬Matrix Chat

💬Telegram channels / chats

📰Our communities below


Rules

  1. Stay on topic: All posts should be related to the Android OS or ecosystem.

  2. No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to [email protected].

  3. Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to [email protected].

  4. No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.

  5. No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.

  6. No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.

  7. No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.

  8. No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.

  9. No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!

  10. No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

Chat and More


founded 1 year ago
MODERATORS
 

Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 6 months ago (2 children)

Doesn't it require jumping through a ton of hoops to install apks from unknown sources on modern Android? How many people are A) capable of doing this, and B) naive enough to actually do it?

That said, I don't use Chrome so I've never seen that incredibly shady-looking real update notification they showed in the article. If Google has indeed trained users to expect and accept something like that, then shame on Google. I can't blame users for thinking the fake one is legit. It looks very similar (and it seems like it would be trivial to make it look 100% identical). But still, how does the apk actually get installed?

[–] [email protected] 6 points 6 months ago

When I installed fdroid from their website a month or two back it was like 2 or 3 clicks. Then whenever I want to install anything from there it's an extra click or two over what it would be from Play.

I've seen people click through way more complicated processes than this without even knowing they did it. Modern computing has taught people to just keep hitting whatever the approval text is (yes windows, I really do want to copy all of these god damn files. Yes, really, I still do! Yep, again, ALL of them!)

[–] [email protected] 6 points 6 months ago (1 children)

The only hoops are

  1. Try to install APK, popup appears
  2. Press "go to settings" or whatever
  3. Enable toggle
  4. Possibly try to install APK again if the installation prompt doesn't automatically appear
[–] [email protected] 3 points 6 months ago

Most of the people I know that aren't tech savvy are at least smart enough to be aware of that fact, so they would already hesitate at 2. The real dangerous people are the confident ignoramuses.