TL;DR
- A brand new report reveals that SmartTube, the favored YouTube app faraway from Android TV and Fireplace TV units final week, contained malware after the developer’s construct machine was compromised.
- Some official app variations launched earlier this month had been unintentionally distributed with that malware.
- A clear, newly signed model of SmartTube is now accessible for obtain.
- Customers who could have put in the malware-infected variations of the app are really helpful to reset their units and take extra steps to evaluate their YouTube and Google account data.
Google Play Defend disabled SmartTube final week after the app’s digital signature was uncovered. On the time, it was believed that the signature leak was the first cause Google and Amazon forcibly eliminated the app from customers’ units.
Nevertheless, in response to a brand new report by AFTVnews, it appears just like the scenario was extra critical than initially understood.
Don’t need to miss the most effective from Android Authority?
Builders of SmartTube, the favored YouTube shopper for Android TV and Fireplace TV units, have now confirmed that the pc used to construct official APKs for the app was contaminated with malware. Consequently, some official SmartTube releases had been unknowingly distributed with that malware embedded in them.
The developer instructed AFTVnews that they’re nonetheless uncertain which variations of the app had been contaminated first, however the safety compromise is believed to have occurred in early November. Variations 30.43 and 30.47 of the app uploaded to APKMirror have been flagged as malicious by malware scanners. That is in all probability why Google Play Defend and Amazon disabled the app within the first place.
In accordance with SmartTube, the compromised pc has since been wiped. The builders say the construct setting is now clear, and a brand new app signature can also be in place. An up to date model of SmartTube with construct quantity 30.56 is now accessible as the primary launch created utilizing an uncompromised pc.
Customers can obtain the brand new malware-free launch utilizing the next codes through AFTVnews‘ Downloader app:
- Steady model: 28544
- Beta model: 79015
This model of the app isn’t but listed on SmartTube’s GitHub due to some remaining bugs that the builders hope to repair earlier than pushing out a public launch. All earlier variations of the app have been faraway from GitHub out of warning.
Must you be apprehensive?
It’s nonetheless unclear what SmartTube’s embedded malware is able to doing. Fortunately, the app doesn’t request too many permissions and doesn’t require customers to register immediately with their YouTube or Google credentials. Even when customers granted backup entry to Google Drive, the malware mustn’t have entry to Google account information.
Nevertheless, permissions associated to controls of a YouTube account could possibly be impacted, which is why AFTVnews rightly recommends manufacturing unit resetting any gadget the place the app was put in, reviewing your Google account permissions and YouTube exercise historical past for any suspicious exercise, and reinstalling SmartTube utilizing the brand new, verified model.
Thanks for being a part of our group. Learn our Remark Coverage earlier than posting.
