I just took a look at Apptoide, why does everything have some sort of coin associated with it.
Does anybody else just close the tab as soon as they see any mention of Bitcoin etc?
I have auto-update turned on, yet I just discovered CamScanner was apparently stuck on an unsafe version from July. Now CamScanner seems to be removed from the play store, yet I had to remove the app manually. Play Protect still thought everything was fine. I have a Google Pixel running stock firmware. I guess it's time for a factory reset.
I had paid version installed with auto update and I didn't receive any warning via PlayProtect.
Kaspersky blog mentioned that the malware was part of the advertising module; so I assumed it gets activated only on the free version, so I manually scanned using PlayProtect in a mobile with free CamScanner installed.
Since both of the instances I've mentioned has auto update, it's likely they were >July 30. But Kaspersky did mention that the latest version was indeed affected.
I certainly flags PhoneGap Build apps without a signing certificate. So at least you know that the malicious parties have paid some money to get a cert!
> Has anyone ever got any app flagged by PlayProtect?
Yes, it started flagging all the apps my company distributes internally for testing purposes. Getting it to stop seemed impractical, so my company's guidance is now to disable Play Protect on any test device.
I've tested it via manual scan on PlayProtect as well, no dice. Isn't that what it is supposed to do?
Has anyone ever got any app flagged by PlayProtect? If it's useless, then rather I would disable it than to give it access to all my installed apps.
Google Engineers here, please ping your Google Play team reg PlayProtect.
Edit: More detail.