Two new
batches of malicious apps have been found on the Google Play store with one group
possibly having been downloaded hundreds of millions of times and the other
having the ability to dodge Google vetting system.Sophos and
Bitdefender have each reported the apps they discovered used well-worn tricks,
including actually working, in order to trick people into downloading and using
the software. This can lead to monetary losses and privacy disclosure.Bitdefender
found 17 malicious apps that deliver adware using several methods to fool
Google’s app vetting process to gain a foothold in the Play store. The primary
method is that once installed the app hides its icon and goes silent for 48
hours. Its code is also split into two des files, which Bitdefender said makes
it hard for security researchers to “grasp the logic of the app.” Another
technique is to manipulate the broadcast receiver for
android.intent.action.USER_PRESENT to display ads only after 4 hours following
installation.Another bit
of camouflage is the app comes with game related .so files, used to speed up
graphics on a mobile device, and Bitdefender believes these are included to
make the app look like a regular mobile game whereas the .so file actually
delivers ads.Sophos
found 25 apps it describes as “fleeceware” that if their public download
numbers are correct, and that is an arguable point says Sophos, may be
installed on about 600 million devices. While there is potentially some malware
at play with these apps, the real issue is they use deceptive advertising and
reviews to entice people.The basic
danger with the fleeceware apps in question is they offer a free trial period
but then start charging the required credit card an exorbitant fee and it is very
difficult to stop making payments.In another
case a keyboard app is allegedly a keylogger and transmits each keystroke to a
server in China, Sophos wrote. Sophos found similar apps on Google Play last
fall and worked with the search giant to have them removed.
Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security
Bitdefender, Sophos uncover more dangerous apps in Google Play
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds