Malware News Malicious Apps Get Back on the Play Store Just by Changing Their Name

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Content source
https://www.bleepingcomputer.com/news/security/malicious-apps-get-back-on-the-play-store-just-by-changing-their-name/
Security researchers are reporting that malicious Android apps they have detected and reported to Google the first time, have slipped back into the Play Store after changing their name.

Seven of these apps have been "rediscovered," said Symantec in a report published yesterday. The company's experts say the author of the original malicious apps didn't do anything special, but only changed the app's names, without making modifications to the code, and re-uploaded the apps on the Play Store from a new developer account under a new name.

Symantec says it detected seven of these re-uploaded apps on the Play Store, which it re-reported to Google's security team and had them taken down again.

The apps were promoted as emoji keyboard additions, space cleaners, calculators, app lockers, and call recorders. A list of these seven malicious apps is available in the image below, or in this text file.
Click to expand...
Second set of malicious apps discovered

But besides the seven apps re-uploaded to the Play Store, the same Symantec team also discovered another 38 malicious apps, different from the first, which also made it on Google's official app store.
Experts say these malicious apps were focused on loading a blog's URL in the phone's background.
"The URLs lead to various blogs and it is likely the app is being used to increase web traffic to these sites," Symantec researchers explained the existence of these 38 weird apps.
"So far, the majority of users downloading these apps seem to be located in the U.S., U.K., South Africa, India, Japan, Egypt, Germany, Netherlands, and Sweden," the company added. "The presence of the apps on the Google Play Store and the seemingly legitimate app names and descriptions allowed the apps to be downloaded onto at least 10,000 devices."
Click to expand...
 
  • Like
Reactions: tim one, upnorth, frogboy and 2 others
T

tim one

Level 21
Verified
Honorary Member
Top Poster
Malware Hunter
Jul 31, 2014
1,086
Let's say that a lot of people make an indiscriminate downloading of apps, often unnecessary.
However, how many people read the permissions that an app requires?
Each authorisation will have to be carefully evaluated, to avoid providing to the new app, full access to your digital life.
I remember a flashlight app (it was a malware) that was asking for the full control of the internet network, the possibility to send sms, access to the photos and the content stored in the memory, the reading and the use of the contacts in the address book, the GPS geolocation, etc.... a flashlight that needs all these permissions, uhm... something is not good.
 
  • Like
Reactions: frogboy, harlan4096 and upnorth
Bot

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,414
Despite Google struggling to make the Play Store a safe home for Android apps, malware keeps sliding in, exposing users and their data as soon as compromised items are installed.

A report from security vendor Symantec reveals that seven different apps that were originally banned from the Store for being infected with Android.Reputation.1 are now available for download once again, only that using a different name and icons that make them look legitimate.

The apps feature the same code as the original ones that got banned but somehow sneaked into the store with the different name and publisher.

Symantec says the apps are mostly cleaners, calculators, app lockers, and call recorders, and use the same tactic to compromise Android devices.


Read more: Infected Android Apps Return to Play Store with Different Names, Google Icons
 
Last edited by a moderator:
  • Like
Reactions: given, harlan4096, upnorth and 2 others
D

Deleted member 65228

SumTingWong said:
If Apple can make their App Store secure, then how come Google can't do it?
Click to expand...
They know they don't have to, because regardless of how toxic 'Google Play' or the 'Chrome Web Store' becomes, they know that people will still continue to use their services and generate them income. The usage numbers will increase after a decrease.

In the real world, people see Google as a highly-respectable, wealthy and powerful company. The average Joe will not see Google as privacy intrusive or sloppy when it comes to security on their market-places. Due to the hidden truths, Google continues to stay on-top in the eyes of the general public. This is likely not going to change any-time soon.

[This post is 100% opinionated - there are no "facts" in this post, only personally expressed views which are my own].
 
  • Like
Reactions: vtqhtr413, harlan4096, frogboy and 4 others
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
With vendors/companies like Samsung, Huawei etc people don't get to choose any other OS then Android so even if Google keep screwing it up there's not much common people can do. The issue with this behavior from Google is IMO that the extrem amount of people that gets infected is that many will sooner or later start look elsewhere and someone else will for sure gain on that.
CuZ5hUb2_o.gif
 
  • Like
Reactions: Deleted member 65228, given, vtqhtr413 and 1 other person
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
'Evil Telegram' Android apps on Google Play infected 60K with spyware
Replies
5
Views
1,979
News Archive
TairikuOkami
TairikuOkami
Gandalf_The_Grey
    • Like
    • +Reputation
    • Wow
Trojanized Signal and Telegram apps on Google Play and Samsung Galaxy Store delivered spyware
Replies
7
Views
1,297
News Archive
cartaphilus
cartaphilus
Ink
    • Like
    • +Reputation
Malware News 12 Malicious Messaging Apps found on Google Play Store; VajraSpy RAT
Replies
0
Views
870
Security News
Ink
Ink

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top