- Feb 4, 2016
- 2,520
Security researchers are reporting that malicious Android apps they have detected and reported to Google the first time, have slipped back into the Play Store after changing their name.
Seven of these apps have been "rediscovered," said Symantec in a report published yesterday. The company's experts say the author of the original malicious apps didn't do anything special, but only changed the app's names, without making modifications to the code, and re-uploaded the apps on the Play Store from a new developer account under a new name.
Symantec says it detected seven of these re-uploaded apps on the Play Store, which it re-reported to Google's security team and had them taken down again.
The apps were promoted as emoji keyboard additions, space cleaners, calculators, app lockers, and call recorders. A list of these seven malicious apps is available in the image below, or in this text file.
Second set of malicious apps discovered
But besides the seven apps re-uploaded to the Play Store, the same Symantec team also discovered another 38 malicious apps, different from the first, which also made it on Google's official app store.
Experts say these malicious apps were focused on loading a blog's URL in the phone's background.
"The URLs lead to various blogs and it is likely the app is being used to increase web traffic to these sites," Symantec researchers explained the existence of these 38 weird apps.
"So far, the majority of users downloading these apps seem to be located in the U.S., U.K., South Africa, India, Japan, Egypt, Germany, Netherlands, and Sweden," the company added. "The presence of the apps on the Google Play Store and the seemingly legitimate app names and descriptions allowed the apps to be downloaded onto at least 10,000 devices."