Apps

Beware: Lots of fake Pokémon Go and Minecraft apps are still on the loose

Published

on

Despite constant warnings not to download apps outside of Google Play and Apple’s App Store, people are doing it anyway, and it’s getting increasingly worse. Security experts at Trend Micro noticed a rise in the number of adware installed on smartphones, and repackaged Pokémon Go and Minecraft software are at the heart of the problem.

While adware-infected apps have been around for ages, dubious third-party sources have been getting better at tricking people into downloading them. According to Trend Micro, a Vietnamese group named HiStore has already achieved over 10 million downloads for its counterfeit Pokémon Go app on iOS alone. That’s a crazy number when you think about it, considering how tight Apple’s ecosystem is. They also have fake versions of Facebook, Twitter, and other social media platforms.

China-based Haima adds to the staggering amount by achieving over 68 million downloads for its fake Minecraft mobile app. How do they manage to trick so many people? You’d be surprised; social media is their main front, and clickbait titles distract users from downloading from the official App Store instead.

Luckily for those who got scammed, the damage shouldn’t be too critical. Trend Micro explains that the adware’s primary purpose is to dig into your smartphone and push targeted ads onto it. The scammers get paid by the advertisers for each appearance, and you have to suffer with pop-ups while playing what you thought was a legitimate copy of the game. Pokémon Go became a major success for Haima and HiStore, since lots of people wanted to get a head start over the competition during the slow global rollout.

What’s the lesson here? Don’t get too excited about downloading the newest game until it hits the official servers. As long as you download from Apple or Google’s certified stores, you’re in the clear. Trend Micro is also advising developers to fortify their software in order to prevent more fraudulent apps from being distributed.

[irp posts=”4643″ name=”Pokémon Go Plus wearable is out, doesn’t really do much”]

Source: Trend Micro, via Wired

Apps

TikTok can detect what you type on screen

Through its in-app browser

Published

on

No one ever really thinks about in-app browsers. Though it’s one of the most unseen features of an app, the in-app browser allows for a moment of convenience when you need to open a link. However, a new cautionary tale is sharing the risks of using the feature. Particularly, TikTok and its in-app browser are reportedly capable of logging your keystrokes.

TikTok just can’t get out of its privacy-infused hole of controversy. For years, the platform has faced an unending barrage of controversies linked to whether the app leaks information to China. As a change, the latest issue isn’t exactly geopolitically charged. However, it won’t do the company any favors, either.

Recently, security researcher Felix Krause created a tool to analyze whether an app’s browser can potentially scrape data and change information for the user. The researcher also tested the tool with the world’s top apps. And, unfortunately for the platform, TikTok found itself on the top of the risky list.

According to the tool, TikTok can inject JavaScript, modify a page, and fetch metadata. It’s essentially a keylogger. To its credit, Instagram, Messenger, and Facebook all have the same capabilities.

However, the video-sharing platform has one key element that puts it above the rest: It doesn’t allow users to open links using the device’s default browser. You’re forced to use TikTok’s own browser when you open a link on the app.

Of course, there are a few caveats. For one, apps can bypass the tool, blocking users from seeing what in-app browsers are capable of. Secondly, the tool’s findings don’t necessarily mean that the app itself is malicious; it only indicates what it’s capable of. To reflect that, TikTok has said that it has not used the data for any malicious purposes.

SEE ALSO: TikTok might launch TikTok Music, its own music service

Continue Reading

Apps

Spotify will soon sell you tickets to concerts

It’s experimental for now

Published

on

Decades into the information era, buying tickets is still a harrowing experience for the modern-day fan. If you’re not lucky enough to nab great tickets through the usual ticketing sites, you’ll have to try your luck with the ferocious gray market of scalpers. In an experimental feature, Spotify has a new way for fans to see their favorite artists live: by selling tickets directly.

Over the years, Spotify has grown beyond the scope of music streaming. The platform now has sections dedicated to podcasts and talk shows. Now, if you know where to look, there’s also a section for selling tickets.

Notably, this isn’t Spotify’s first incursion into the world of live events. If you go through the list of categories, a Live Events section will take you to a page of concerts happening near you. However, clicking an event will only take you to the normal ways to get tickets, such as through Ticketmaster.

In contrast, the new Tickets page, spotted by Chris Messina (via TechCrunch), will sell you tickets directly through Spotify. Currently, the experiment is limited to a handful of artists like Crows, TOKiMONSTA, and Annie DiRusso. Additionally, each entry will only host pre-sale tickets. After that, sales will take place in the usual sources.

Spotify’s price will also incorporate booking fees going into the company’s revenue. However, unlike other sources, Spotify’s tickets promise to be transparent about pricing.

As the page indicates, the final Tickets page will merge with the current Live Events page. However, it’s still an experiment, even if you can already buy tickets now. Spotify has yet to announce when the feature will come to the general public (and to more artists).

SEE ALSO: Spotify launches new recommendation feature, Enhance

Continue Reading

Apps

WhatsApp will finally block screenshots for View Once photos

Update coming soon

Published

on

WhatsApp’s View Once feature was a massive step towards user privacy. The feature allows users to thaw out the fiery risk of the other person leaking sensitive information and media elsewhere. Well, sort of. Despite the feature’s disappearing nature, users can easily take a snapshot without fear of repercussions. Finally, WhatsApp is doing something about this critical flaw in an upcoming update.

WhatsApp is a constantly evolving product. Throughout the past few months, the app’s developers have experimented and shipped various updates to make everyone’s life easier. Now, compared to the previous accessibility-oriented updates, the upcoming one focuses more on privacy.

It’s not a set of brand new updates, though. At least one of the three updates — the ability to control who sees you online — was reported way back in June. Another one is relatively new: the ability to leave groups silently so as not to alert everyone that a user is leaving. Both of these are rolling out sometime this month.

Given what it fixes, the final update is more crucial. It will block users from taking screenshots of View Once messages. Once the update rolls out, WhatsApp will natively alert View Once viewers that screenshots are blocked for added privacy. Unfortunately, there is no timeline for the update. The announcement only has a “soon” placeholder for a release.

With social media the way that it is, privacy is an ever-growing concern that all users should prioritize. While platforms are still imperfect, small updates like these can surely help people protect their data.

SEE ALSO: WhatsApp officially launches emoji reactions, 2GB file sharing

Continue Reading

Trending