It’s the Digital Security Training team at Freedom of the Press Foundation (FPF), with security news that keeps you, your sources, and your devices safe. If someone has shared this newsletter with you, please subscribe here.

In the news

The cybersecurity firm Kaspersky disclosed that at least five Google Play applications contained Mandrake, a sophisticated cyberespionage tool. From 2022 to 2024, the malicious apps had more than 32,000 downloads before being delisted by Google. The Record reports, “Mandrake collects information about the device in several stages. First, it gathers data about the device, including a list of installed applications, mobile network data, IP address and a unique device identifier.” After identifying a potential victim, an attacker can remotely connect their device to Wi-Fi, view their screen, and steal login credentials. It is unknown how this stolen information was used by the attackers. Read more here.

What you can do

We have previously covered the risks behind installing apps, whether they are from third-party sources or official app stores. Mistakes can happen; there is no 100% chance that an app on the Google Play store or the Apple App Store is safe. Regardless, we recommend these general precautions:

• Avoid installing third-party apps unless you trust its source. Android users: Keep a look out for files ending in .apk; clicking on them might install malware.
• Enable Google Play Protect if you have not yet already. This feature allows Google to scan your installed apps for malware. Learn more here.
• Think twice before granting apps certain device permissions. Apps from well-known developers are less likely to contain malware; be cautious of granting permissions to relatively unknown authors or organizations.
• Running unnecessary code on any device adds risk. Consider removing unnecessary apps when possible. To learn more, check out our guide to smartphone security.

Updates from our team

• We are pleased to announce the fourth installment of our free digital security clinic for documentary filmmaking professionals! Co-hosted with Field of Vision, this four-session course will feature practical training on how to keep your footage, subjects, and crew safe from pre-production to post-premiere. Participants will also have the option to sign up for free individual consultations with our digital security trainers. The clinic, which entails one 90-minute session each week, runs Aug. 13 through Sept. 3. Complete the intake form to participate and tell your friends! Reach out to [email protected] with questions.
• We are hiring a Monitoring, Evaluation, Research, and Learning (MERL) consultant to help us develop a monitoring and evaluation framework for our digital security training courses. Check out the job description and please share it widely.

Our team is always ready to assist journalists with digital security concerns. Reach out here, and stay safe and secure out there.

Best,

Kevin

–

Kevin Pham

Digital Security Training Intern

Freedom of the Press Foundation