Hello, welcome to the Thursday, July 29th, 2021 edition of the Sandtonet Storm Center's

Stormcast. My name is Johannes Ulrich. And then I'm recording from Jacksonville, Florida.

Interesting sextortion email today from Jan and it actually arrived at our handler's email address. The twist here is that the person

trying to extort you is claiming to work for an IT support company that your company has

hired. I think what's going on a little bit here is that actually a lot of employees don't

really like or trust those no-name third-party IT support companies that are being hired

to maintain networks, and that may actually make a threat like this a little bit more credible.

Luckily so far, no Bitcoin transactions to the address in this

particular email. Of course, we don't really know if they use unique addresses for each email

or if all of them use the same address, which of course would make it easier to track the money

being transmitted.

And avatest.org took various antivirus software packages for Android and compare them against each other.

And at first, actually, it looks like there is no real big difference.

All of these packages were able to detect 99 plus percent of malicious samples and achieved

scores in the range from 16 for the lowest and 18 for the highest.

So a fairly close range, but there was one outlier, and that's Google Play Protect.

Google Play Protect is part of Android by default and supposed to continuously scan any application

on your device.

Well, it does so really poorly. Remember, the other applications were 99 plus percent.

Google Play Protect only achieved about a detection rate of around 2 thirds, so 66%. So while the other

applications ranged in their score from 16 to 18, Google only got a score of 6, and that's

really only based on performance. It got a score of zero for protection and usability.

...