TL;DR
- A brand new report reveals that SmartTube, the favored YouTube app faraway from Android TV and Hearth TV gadgets final week, contained malware after the developer’s construct machine was compromised.
- Some official app variations launched earlier this month have been unintentionally distributed with that malware.
- A clear, newly signed model of SmartTube is now accessible for obtain.
- Customers who might have put in the malware-infected variations of the app are advisable to reset their gadgets and take extra steps to assessment their YouTube and Google account info.
Google Play Shield disabled SmartTube final week after the app’s digital signature was uncovered. On the time, it was believed that the signature leak was the first purpose Google and Amazon forcibly eliminated the app from customers’ gadgets.
Nevertheless, in keeping with a brand new report by AFTVnews, it appears to be like just like the scenario was extra severe than initially understood.
Don’t need to miss one of the best from Android Authority?
Builders of SmartTube, the favored YouTube shopper for Android TV and Hearth TV gadgets, have now confirmed that the pc used to construct official APKs for the app was contaminated with malware. In consequence, some official SmartTube releases have been unknowingly distributed with that malware embedded in them.
The developer informed AFTVnews that they’re nonetheless not sure which variations of the app have been contaminated first, however the safety compromise is believed to have occurred in early November. Variations 30.43 and 30.47 of the app uploaded to APKMirror have been flagged as malicious by malware scanners. That is in all probability why Google Play Shield and Amazon disabled the app within the first place.
In accordance with SmartTube, the compromised pc has since been wiped. The builders say the construct surroundings is now clear, and a brand new app signature can also be in place. An up to date model of SmartTube with construct quantity 30.56 is now accessible as the primary launch created utilizing an uncompromised pc.
Customers can obtain the brand new malware-free launch utilizing the next codes by way of AFTVnews‘ Downloader app:
- Secure model: 28544
- Beta model: 79015
This model of the app isn’t but listed on SmartTube’s GitHub due to some remaining bugs that the builders hope to repair earlier than pushing out a public launch. All earlier variations of the app have been faraway from GitHub out of warning.
Must you be anxious?
It’s nonetheless unclear what SmartTube’s embedded malware is able to doing. Fortunately, the app doesn’t request too many permissions and doesn’t require customers to sign up straight with their YouTube or Google credentials. Even when customers granted backup entry to Google Drive, the malware mustn’t have entry to Google account information.
Nevertheless, permissions associated to controls of a YouTube account may very well be impacted, which is why AFTVnews rightly recommends manufacturing unit resetting any gadget the place the app was put in, reviewing your Google account permissions and YouTube exercise historical past for any suspicious exercise, and reinstalling SmartTube utilizing the brand new, verified model.
Thanks for being a part of our group. Learn our Remark Coverage earlier than posting.
