Mark GardnerDec 12, 2022
#AndroidIsGoingJustGreat
https://arstechnica.com/information-technology/2022/11/google-boots-play-app-that-surreptitiously-sent-texts-to-developers-server/
#security #InfoSec #privacy #mobile #smartphone #Google #Android
Play app with 100K downloads booted for forwarding texts to developer server

Texts were used to provide verification codes for fraudulent accounts.

Ars Technica
Mark GardnerDec 12, 2022
#AndroidIsGoingJustGreat
https://arstechnica.com/gadgets/2022/12/samsungs-android-app-signing-key-has-leaked-is-being-used-to-sign-malware/
#security #InfoSec #privacy #mobile #smartphone #Google #Android
Samsung’s Android app-signing key has leaked, is being used to sign malware

The cryptographic key proves an update is legit, assuming your OEM doesn't lose it.

Ars Technica