Google can't hold back this malware running riot in its Play store

Solarquest

Ad fraud, scareware slinger Android.Spy.277.origin found in more than 100 apps

Security researchers have discovered a strain of Android malware that keeps finding its way onto Google Play – despite the store supposedly being scrubbed clean of infiltrated apps.

The software nasty – Android.Spy.277.origin – is hidden in more than 100 applications on Google Play. Sketchy programs harboring the malware masquerade as legitimate popular games and the like, but they come with a secret backdoor.

Once the infected app is installed, the attacker can remotely download a malicious APK called "polacin.io" to the device. After the victim is tricked into allowing the code to be installed, the Android device sends a wide array of information about the hardware to command and control servers, plus the user's email address and location.

Hackers make money from the malicious app through ad click fraud and by pushing mobile scareware. Users are induced into installing fraudulent apps by saying the device has battery issues that can be solved by downloading utilities which, in reality, have little or no use.

Even after Google removed samples of the dodgy software from Google Play, Check Point's Mobile Threat Prevention research team found an additional app, called Street Stick Battle, containing the same malicious payload. The rogue app has notched up between one million and five million downloads.

The incident provides further evidence that users can't strictly trust official app stores to stay protected. Malware can infiltrate these stores on multiple instances even after initial detection. El Reg asked Google to comment on the incident but we've yet to hear back.

More details about the return of the Google Play scam – complete with screenshots and more technical information – can be found in a blog post by Check Point's Oren Koriat here.
 

hjlbx

Until Google adopts a policy of manually inspecting the code for any and all apps before including them in the Play Store, unfortunately, this sort of thing will never end...

Just imagine a malicious App from either the Windows or Play store that costs consumers billions of dollars. After everyone tries to sue Microsoft and Google, then that's when they'll start to clean up their act...
 

Noxx

It doesn't help that people don't read anymore. They just click crap without thinking.
 

hjlbx

As more and more apps and programs become available, users need to discriminate more and more.

Eventually it could get so crazy that something truly drastic will have to be done.
 

Ink

It doesn't help that people don't read anymore. They just click crap without thinking.
An app with 1 million+ users, how can you determine it's unsafe?
 

jamescv7

Logic: make Android a worse OS and fewer viruses may occur in production.

The reason here is that, even though it's free, the audience factor affects the possibility of more threats being created. However, the security mechanism can be considered weak and relies more on automated processes whose behavior is based on calculated analysis only.
 
