Android apps posing problems, here’s what to avoid

Just because something exists on the app store doesn’t mean you should download it, and two apps are evident of that, with vulnerabilities popping up that might do you some harm.

This week, there’s news from at least one security group that a couple of apps may have the potential to cause a headache or two, as alternative web browsers Dolphin and Mercury have been hit with a a vulnerability that users of the apps should know about.

According to security group ESET which let us know about the flaws, both of the affected apps are alternatives to Chrome and the stock internet browser on Android, and the vulnerability in question inside them could allow an attacker to inject a hack when someone downloads a theme for the said browser to change how it looks. Called a “man in the middle” attack, it essentially lets someone in from the outside via an un-patched security hole.

We’re told it can technically happen to other apps, but right now, this one is pretty specific to two internet browsers.

If you are using either Dolphin or Mercury over something like Chrome and you prefer it, it might be time to install a form of internet security, as this will at least ward off any potential attacks if they might come in, as ESET’s Sieng Chye Oh explains.

“[Although] Google’s own policing of its Play Store has improved hugely,” he said, “there are Android solutions to cyber security issues that you can, and should, use to stay safe.”

“It’s vital to download a mobile security app to keep malware off your device. Set the app to scan your phone regularly and automatically. There are many great apps available, and free ones if you don’t have the budget.”

We’ve pointed out a few of these in the past, and so if you’re wondering what’s out there for you to choose from, we have a neat little list. Other than that, ESET recommends checking app permissions before installing an app, because if it does something you don’t approve of, you at least have the option of saying no, you won’t be installing it.