Every tech expert will tell you the App Store is safer than Google Play Store. Some might even claim it is impossible to download a malicious app from the App Store, but they are wrong.Β
While I admit the App Store is a secure and tightly controlled ecosystem, it cannot completely shield you. Security researchers have found that hackers are targeting several apps on the App Store to spread malware that steals information from screenshots saved on a device.Β
The issue also affects those downloading apps from the Google Play Store.
According toΒ researchers at Kaspersky, this malware campaign is more advanced than typical info stealers, both in how it works and how it spreads. Instead of relying on social engineering tricks to get users to grant permissions like most banking trojans or spyware, this malware hides inside seemingly legitimate apps and slips past Apple and Googleβs security checks.
One of its standout features is Optical Character Recognition. Instead of stealing stored files, it scans screenshots saved on the device, extracts text and sends the information to remote servers.
Once installed, the malware operates stealthily, often activating only after a period of dormancy to avoid raising suspicion. It employs encrypted communication channels to send stolen data back to its operators, making it difficult to trace. Plus, it spreads through deceptive updates or hidden code within app dependencies, an approach that helps it evade initial security screenings by app store review teams.
The infection vectors vary between Apple and Googleβs ecosystems. On iOS, the malware is often embedded within apps that initially pass Appleβs rigorous review process but later introduce harmful functionality through updates. On Android, the malware can exploit sideloading options, but even official Google Play apps have been found to carry these malicious payloads, sometimes hidden within SDKs (software development kits) supplied by third-party developers.
THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION
The scope of stolen information is alarming. This malware primarily targets crypto wallet recovery phrases but is also capable of exfiltrating login credentials, payment details, personal messages, location data and even biometric identifiers. Some versions are designed to harvest authentication tokens, allowing attackers to access accounts even if users change their passwords.
The apps serving as malware carriers include ComeCome, ChatAi, WeTink, AnyGPT and more. These range from productivity tools to entertainment and utility apps. In some cases, malicious developers create these apps with full knowledge of the malwareβs purpose. In others, the issue appears to be a supply chain vulnerability, where legitimate developers unknowingly integrate compromised SDKs or third-party services that introduce malicious code into their applications.
We reached out to Apple for a comment but did not hear back before our deadline.Β
Apple has removed the 11 iOS apps mentioned in Kaspersky's report from the App Store. Furthermore, they discovered that these 11 apps shared code signatures with 89 other iOS apps, all of which had been previously rejected or removed for violating Apple's policies, resulting in the termination of their developer accounts.
Apps requesting access to user data such as Photos, Camera or Location must provide relevant functionality or face rejection. They must also clearly explain their data usage when prompting users for permission. iOS privacy features ensure users always control whether their location information is shared with an app. Also, starting in iOS 14, the PhotoKit API β which allows apps to request access to a userβs Photos library β added additional controls to let users select only specific photos or videos to share with an app instead of providing access to their entire library.Β
The App Store Review Guidelines mandate that developers are responsible for ensuring their entire app, including ad networks, analytics services and third-party SDKs, complies with the guidelines. Developers must carefully review and choose these components. Apps must also accurately represent their privacy practices, including those of the SDKs they use, in their privacy labels.
In 2023, the App Store rejected over 1.7 million app submissions for failing to meet its stringent privacy, security and content standards. It also rejected 248,000 app submissions found to be spam, copycats or misleading and prevented 84,000 potentially fraudulent apps from reaching users.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
A Google spokesperson tells CyberGuy:Β
"All of the identified apps have been removed from Google Play and the developers have been banned. Android users are automatically protected from known versions of this malware byΒ Google Play Protect, which is on by default on Android devices with Google Play Services."
However, it is important to note that Google Play Protect may not be enough. Historically, it isn't 100% foolproof at removing all known malware from Android devices. Hereβs why:
HOW SCAMMERS USE YOUR PERSONAL DATA FOR FINANCIAL SCAMS AND HOW TO STOP THEM
1. Use strong antivirus software:Β Installing strong antivirus software can add an extra layer of protection by scanning apps for malware, blocking suspicious activity and alerting you to potential threats. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Β Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
2. Stick to trusted developers and well-known apps:Β Even though malware has been found in official app stores, users can still minimize their risk by downloading apps from reputable developers with a long track record. Before installing an app, check its developer history, read multiple reviews and look at the permissions it requests. If an app from an unknown developer suddenly gains popularity but lacks a strong review history, approach it with caution.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
3. Review app permissions carefully:Β Many malicious apps disguise themselves as legitimate tools but request excessive permissions that go beyond their stated purpose. For example, a simple calculator app should not need access to your contacts, messages or location. If an app asks for permissions that seem unnecessary, consider it a red flag and either deny those permissions or avoid installing the app altogether. Go to your phone settings and check app permissions on yourΒ iPhone andΒ Android.Β
4. Keep your device and apps updated:Β Cybercriminals exploit vulnerabilities in outdated software to distribute malware. AlwaysΒ keep your operating system and apps updated to the latest versions, as these updates often contain critical security patches. Enabling automatic updates ensures that you stay protected without having to manually check for new versions.
5. Be wary of apps that promise too much:Β Many malware-infected apps lure users by offering features that seem too good to be true β such as free premium services, extreme battery optimizations or AI-powered functionality that appears unrealistic. If an appβs claims sound exaggerated or its download numbers skyrocket overnight with questionable reviews, itβs best to avoid it. Stick to apps with a transparent development team and verifiable functionalities.Β
HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNETΒ
The new malware campaign highlights the need for stricter vetting processes, continuous monitoring of app behavior post-approval and greater transparency from app stores regarding security risks. While Apple and Google have removed the malicious apps upon detection, the fact that they made it onto the platform in the first place exposes a gap in the existing security framework. As cybercriminals refine their methods, app stores must evolve just as quickly or risk losing the trust of the very users they claim to protect.
Do you think app stores should take more responsibility for malware slipping through? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading toΒ Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you'd like us to cover.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com.Β All rights reserved.
Rezvani Motors, an innovative American automotive manufacturer, has redefined the luxury SUV market with its extraordinary Vengeance.Β
This vehicle represents a groundbreaking fusion of military-inspired design and high-end luxury transportation.Β
Designed by digital artist Milen Ivanov, known for his work in video game vehicle design, the Vengeance breaks conventional automotive boundaries with its aggressive styling and comprehensive security features.
The Vengeance represents a unique fusion of a luxury SUV and military-grade transportation. This remarkable machine is built on GM's T1 platform, sharing fundamental architecture with the Cadillac Escalade. It measures an imposing 18 feet long and weighs approximately 6,200 pounds. Potential owners can choose between two powerful engine configurations.Β
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
The gasoline variant delivers 420 horsepower from a 6.2L V8 engine. The diesel option provides a robust 277 horsepower through a Duramax 3.0L Turbo-Diesel engine. Standard amenities include a sophisticated 19-speaker audio system. The vehicle offers tri-zone climate control for maximum passenger comfort. NFC phone pairing comes standard in the base model. Magnetic ride control ensures a smooth driving experience across various terrains.
TESLA'S CYBERTRUCK GETS A MILITARY MAKEOVER WITH A TACTICAL TWIST
The Vengeance offers an unprecedented level of personal security through its comprehensive Military Package. Bulletproof glass and B6-rated armor provide significant protection against potential threats. Two military-grade gas masks are included to protect against chemical warfare, tear gas and other potential airborne threats.Β
The package also provides two bulletproof vests designed to meet professional security standards. A matching bulletproof helmet accompanies the protective gear, ensuring complete personal safety. Rezvani further enhances the package with a professional-grade first aid kit and a specialized hypothermia prevention kit. Optional features include smoke screens, thermal night-vision and electromagnetic pulse protection. Buyers can even add pepper spray dispensers and electrified door handles.
HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET
360Β° THROWABLE TACTICAL CAMERAS ARE CHANGING THE GAME FOR THE MILITARY AND LAW ENFORCEMENT
The Vengeance targets ultra-high-net-worth individuals and those requiring exceptional personal security. Diplomats in volatile regions might find particular value in its defensive capabilities. Celebrities seeking maximum protection will appreciate its comprehensive security features.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
EXPLORING HYDROGEN-POWERED VEHICLES FOR THE FUTURE OF TRANSPORTATION
The base model starts at $285,000, with fully equipped versions approaching $750,000. This pricing positions the Vengeance as an exclusive statement of luxury and preparedness. The vehicle represents more than transportation; it's a comprehensive personal security solution.
SUBSCRIBE TO KURTβS YOUTUBE CHANNEL FOR QUICK VIDEO TIPS ON HOW TO WORK ALL OF YOUR TECH DEVICES
The Rezvani Vengeance transcends traditional automotive boundaries. It combines luxury, performance and unparalleled security in a single extraordinary package. While most buyers may never utilize its full defensive capabilities, the Vengeance remains an impressive technological vehicle that will definitely have you ready for just about anything.
If money were no object, would you spend $750,000 on a vehicle like this to be prepared for the worst? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you'd like us to cover.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com.Β All rights reserved.
The latest stats say 80% of stalking victims are tracked using tech. One of the most popular ways to do it? GPS trackers, like an AirTag. Theyβre small enough to slip into a bag, pocket or your car undetected.
"Kim, this doesnβt impact me." I wish that was true. Maybe you have an ex or friend who wonβt buzz off, or maybe you met a stranger at a bar or store who was acting creepy. Youβre at risk. Did you drive across the U.S. border? Yep, crooks are targeting tourists, too.
Win an iPhone 16 Pro with Apple Intelligence ($999 value).Β
No purchase necessary.Β Enter to win now!
The good news is your phone can alert you when an unknown tracker is with you. If all else fails, good old-fashioned sleuthing works, too. Iβll show you how.
THE BIGGEST WI-FI MISTAKE YOU DIDNβT KNOW YOU WERE MAKING
The clock is ticking
An AirTag starts beeping only after 24 hours away from its owner. That gives the stalker plenty of time to reach you, especially if theyβre local. If a carjacker tags your ride, they could learn your routine and follow you home before you even know whatβs going on.
The rumor mill says Appleβs AirTags 2, coming later this year, will have antistalking tech. With the most current AirTags, tech-savvy stalkers can rip out the built-in speaker so you wonβt get alert, but the new ones should make it harder.
For now, you need to do everything you can to stay safe.
RELATED: AirTags arenβt just for creeps.Β I always toss one in my luggage.
On your iPhone, make sure a few settings are enabled:
5-MINUTE CLEANUP FOR YOUR PHONE AND COMPUTER
On Android, the process is similar as long as your phone is running Android 6.0 or newer. If itβs not, you really need a new phone!
The alerts arenβt foolproof
Itβs not just ripping out the speakers. Older tracking devices might not set off an alert, and savvy creeps can reconfigure new trackers to follow you undetected for months.Β
Thatβs why itβs important to check your car now and then, even if you donβt hear that telltale beep. First, grab a flashlight and a mirror.
If you donβt find anything but still feel uneasy, try a bug detector.Β This well-rated option ($37) works for cars, homes, bags or whatever.
Small hidden cameras are popular with creeps now, too.Β Hereβs my guide on spotting cameras in a rental, dressing room, private space at the gym or anywhere else you expect privacy.
IβM A TECH EXPERT: 10 AI PROMPTS YOUβLL USE ALL THE TIME
βI found a tracker. What now?β
Donβt smash it or disable it. You want to give the police all the info they need to catch whoever planted it.Β
First, hold your iPhone or NFC device to the white side of the AirTag. Tap that notification that pops up to see info about its owner. Jot down the serial number and phone number so you can share them with the cops.
Now, make an aluminum foil envelope. Wrap the tracker inside, making sure there are no gaps or holes. This will block any signals, so the person who installed it will just think itβs out of range. Take the foil-wrapped tracker to a police station. Theyβll know how to pin down who put it there.
Are you being stalked or just paranoid? Itβs a fine line.Β Read this if you canβt shake that "someoneβs watching" feeling.
Iβve heard too many stories from stalking victims. I donβt want you or a loved one to be another. Share this with folks in your life.
Get tech-smarter on your schedule
Award-winning host Kim Komando is your secret weapon for navigating tech.
Copyright 2025, WestStar Multimedia Entertainment. All rights reserved.
Are you overwhelmed by the sheer volume of text messages cluttering your Mac or iPad? You're not alone.Β
Many users find themselves endlessly scrolling through conversations, searching for important information or simply trying to declutter their digital space.Β
Fortunately, Apple has provided ways to manage your messages more efficiently. Let's dive into how you can delete multiple messages on both your Mac and iPad, helping you regain control of your messaging app.Β Here are steps to bulk delete text messages on anΒ iPhone or anΒ Android.
GET SECURITY ALERTS + EXPERT TECH TIPS - SIGN UP FOR KURTβS NEWSLETTER - THE CYBERGUY REPORT HERE
If you're using a Mac, follow these steps to delete multiple messages at once:
BEST ANTIVIRUS SOFTWARE FOR YOUR MAC & IPAD
If you're using a Mac, follow these steps to delete multiple messages within a conversation at once:
This method is particularly useful when you need to remove several messages from a lengthy conversation without deleting the entire thread.
HOW TO KNOW WHEN IT'S TIME TO REPLACE YOUR MAC
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
HOW TO FILTER AND SORT EMAILS ON YOUR IPHONE AND IPAD
To prevent future clutter, consider setting up automatic message deletion:
GET FOX BUSINESS ON THE GO BY CLICKING HERE
This setting will automatically remove older messages, keeping your conversations manageable.
Note: Deleting messages from your Mac does not delete them from other Apple devices unless you have Messages in iCloud enabled. To check if Messages in iCloud is enabled on your Mac:
SUBSCRIBE TO KURTβS YOUTUBE CHANNEL FOR QUICK VIDEO TIPS ON HOW TO WORK ALL OF YOUR TECH DEVICES
Managing message clutter can feel like a never-ending battle. While these tips won't magically solve all your digital chaos, they'll definitely help you take back control of your Messages app. A little effort now means less scrolling and more breathing room later. And hey, who doesn't love a clean, organized digital space that doesn't make you want to pull your hair out? Just remember, your messages are meant to connect you, not stress you out.
Tell us the most frustrating digital communication challenge you have and how we might be able to help. Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you'd like us to cover.
Follow Kurt on his social channels:
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com.Β All rights reserved.
"Love is blind" takes on a more sinister meaning when so-called artificial intelligence (AI) becomes a tool for exploiting our deepest human emotions.Β
Convincing AI technologies are increasingly targeting mature online daters, turning fantasies into lucrative and dangerous criminal enterprises.
Romance scams have become the most common type of fraud in 2025 and have swindled would-be lovers out of over $1.3 billion in the United States alone. Just last year, the world heard the cautionary tale of a 53-year-old French woman who lost $850,000 to a convincing AI deepfake of Brad Pitt.
GET SECURITY ALERTS + EXPERT TECH TIPS - SIGN UP FOR KURTβS NEWSLETTER - THE CYBERGUY REPORT HERE
The scammers had wooed her for over 8 months with realistic (yet fake) images, voice calls, videos and even multiple social media accounts. Similarly, a 67-year-old from San Diego was tricked out of her life savings when an AI impostor gang posed as Keanu Reeves, also raising awareness about romance scams impacting the elderly. The worst side of both stories is that the fraudsters havenβt been caught, and the victimsβ financial institutions did little to help them recover their funds.
BEST ANTIVIRUS FOR MAC, PC, IPHONES AND ANDROIDS - CYBERGUY PICKS
AI-powered romance scams have become far more sophisticated than "traditional" scams. Criminals use a variety of AI tools together with advanced tactics to create deeply personalized and remarkably realistic digital identities. Unlike traditional scams relying on generic scripts, these AI-powered approaches can generate nuanced, contextually appropriate conversations that adapt in real time to victims' emotional state and personal background. In short, romance scams have become so dangerous because they use multiple advanced methods.
AI-driven romance conversations are increasingly challenging for both victims and traditional anti-fraud mechanisms to detect. Spotting and preventing these scams can be tricky, but privacy experts recommend some tried-and-true ways.
BEST VALENTINEβS DAY GIFTS 2025
Spotting and preventing these sophisticated AI-driven scams can be tricky, but staying informed can help you avoid becoming a victim. By being vigilant, verifying identities and recognizing red flags, you can navigate online dating safely while protecting your finances and personal information. Here are some things to look out for:
STOP THESE V-DAY SCAMS BEFORE THEY BREAK YOUR HEART AND YOUR BANK ACCOUNT
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
Your personal information is a scammerβs best tool. This includes your phone number, email and other contact details that allow them to reach you, as well as information like the celebrities you follow, your family members and even the type of content you engage with online to tailor the perfect attack. As scams become more sophisticated and reliant on loads of data, itβs more important than ever to take proactive measures to safeguard your personal information.
1. Vigilance in online dating: In the digital world, not everyone is who they claim to be. Be wary of potential romantic interests who ask for money or gifts or those who want to move the relationship along too quickly. Keep your personal and financial information private and never share it with someone you haven't met in person.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
2. Verify the identity: Request additional information or proof to verify their identity, such as video chatting or meeting in person if possible. Exercise caution before getting emotionally invested in someone you haven't met in real life.
3. Research and verify: Conduct an online search using the person's name, email address or phone number to see if any suspicious or fraudulent activities are associated with them.Β Reverse image search their profile pictures to check if they are stolen from elsewhere on the internet. You can also reverse-search their phone number for free by following the instructions foundΒ here.
4. Privacy settings: Keep your social media profiles private so only those you trust can see whatβs going on in your life.
5. Limit sharing: Adjust the privacy settings on all of your online accounts and apps to limit data collection and sharing.
6. Use reputable dating platforms: Stick to well-known and reputable dating websites or apps with security measures to help protect their users from scams. These platforms often have guidelines for safe online dating and report suspicious users.
7. Invest in personal information removal services:Β I highly recommend you remove your personal information that can be found on various people search sites across the web. If you give someone your email address or phone number, they could potentially reverse-search your information and get your home address.Β Check out my top picks for data removal services here.
AI-powered romance scams have become a serious threat, exploiting our deepest emotions for financial gain. As you navigate the digital dating landscape, it's crucial to stay vigilant and protect yourself from these sophisticated schemes. Remember, if something seems too good to be true, it probably is. Trust your instincts, take things slow and always prioritize your safety and financial well-being.
How has the rise of AI-powered romance scams changed your approach to online dating or your views on digital relationships?Β Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you'd like us to cover.
Follow Kurt on his social channels:
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com.Β All rights reserved.
Login