A powerful money-siphoning malware known as MobOk has been found hiding in seemingly legitimate photo editing apps available on the Google Play store.
The Pink Camera and Pink Camera 2 apps, now removed, had been installed around 10,000 times, according to researchers at Kaspersky
. They included genuine (though limited) photo-editing functionality, but also came with a highly dangerous backdoor that could offer the attacker almost complete control over an infected device.
“The apps were designed to steal personal data from victims and use that information to sign them up to paid subscription services,” explained Kaspersky researcher Igor Golovin,
in a posting on Thursday. “As soon as users began editing their pictures using the Pink Camera apps, the apps requested access to notifications, which initiated the malicious activity in the background. Once a victim was infected, the MobOk malware collected device information, such as the associated phone number, in order to exploit this information in later stages of the attack.”
