Home / Android Malware / Malware Posing As Innocent Games Downloaded By Millions Of Android Users

Malware Posing As Innocent Games Downloaded By Millions Of Android Users

It seems like Google’s crackdown on developers and refining the Play Store was only a drop in the bucket; the problem seems much bigger than anticipated.

Today, a security researcher at ESET, Lukas Stefanko, called out thirteen Google Play Store apps which were originally malware disguising themselves under the name of the driving game for Android.

The Android apps which ranked on the Google Play Store with installs more than 580,000 were removed by Google as soon as the news the broke out.

Google Play Store Driving games

Scott Westover, a Google spokesperson, confirmed to TechCrunch that the apps violated Google Play Store policies, which is why they have been removed from the Android app store.

Meanwhile, Luckas also posted one of the app functionality videos on Twitter. For example, once the driving game app is opened on an Android device, it automatically shuts down after showcasing two-three animations for a few seconds. Following which, the app icon immediately vanishes from the device.

Following the launch, the app trigger ads when the device is unclocked, Lucas mentions in his tweets. While no one seems to be exactly sure of the intent of the malware, as indicated by the uploaded sample to VirusTotal.

One thing for sure is that the app was downloading a payload from a domain, registered to an app developer in Istanbul. Also, it had permissions like  “full network access” and “run at startup”.

All the thirteen malicious apps were displayed under the tag of “Google Play Protect,” which raises questions weather Play Protect service is actually protecting anything or not.

Also Read: A Samsung Galaxy S10 Variant Will Pack 6 Cameras And 5G Network Support

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.


Check Also

USN-4279-2: PHP regression

php7.0 regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 ...