Security

6848 readers

17 users here now

Confidentiality Integrity Availability

founded 6 years ago

MODERATORS

Malicious app developers offering to buy old apps from developers who are no longer active, so they can push malware onto those users (support.google.com)

submitted 3 months ago by NaNin@lemmy.dbzer0.com to c/security@lemmy.ml

5 comments fedilink hide all child comments

I just got offered by these people to sell my account for my old google play app. Googled the people offering, and I found this thread. Someone in the thread called this out as a malware vector, and I think thats the only way my app would be worth $350. Could this really be an attack vector?Crazy.

you are viewing a single comment's thread
view the rest of the comments

[–] Sphks@jlai.lu 11 points 3 months ago (2 children)

I had this once with a Google Chrome extension. Strange advertisements started to appear on my search results in Google. These advertisements were uncanny. After looking for this behaviour it leads me to infected Chrome extensions.

It was an extension to show favourites in a menu, nothing fancy, I had this one installed for years. It was sell by the author to a company injecting advertisements.

Now, I only install UBlock origins and nothing more.

[–] benagain@lemmy.ml 7 points 3 months ago (1 children)

Oh dang, you just awakened a memory but I can't remember which extension it was... same thing, started seeing ads injected into search and the YouTube sidebar.

Really scary given extensions auto-update, who thought that would be a good idea?

[–] FriendBesto@lemmy.ml 1 points 3 months ago

That is why I disable auto-update.

[–] Tenderizer78@lemmy.ml 1 points 3 months ago* (last edited 3 months ago)

I use TamperMonkey, which allows me to read and modify the code. I should probably replace a few of my extensions with TamperMonkey scripts but they don't carry between synced devices so I'd need to transfer them.