Symantec discovers 45 malicious apps on Google Play Store
What's the story
Security research firm Symantec has discovered two new sets of malicious apps on the Google Play Store. The first set is of seven apps and the second set is of 38 apps. However, now the research firm has gotten the malicious apps removed after contacting Google. The apps had over 10,000 downloads. Here is more on them.
First set
The apps wait for 4 hours before undertaking the scam
The first app set features the "Android.Reputation.1" malware and loads scam websites on smartphone browsers. They come in the garb of calculators, app lockers, and call recorders. These apps have been re-uploaded on the Play Store with different names (and without any change in code) after they were pulled down earlier. This is surprising as Google performs adequate security checks before allowing any app.
Second set
The apps claim to be related to games or education
The second set of 38 apps loads various blog URLs in the background without the knowledge or permission of the user to drive traffic to those websites. It also features the "Android.Reputation.1" malware. "So far, the majority of users downloading these apps seem to be located in the US, UK, South Africa, India, Japan, Egypt, Germany, Netherlands, and Sweden," Symantec said.
Twitter Post
Third malicious app set found by security researcher Lukas Stefanko
Uninstall these apps!
— Lukas Stefanko (@LukasStefanko) May 10, 2018
15 apps with more than 400k+ installs in total found on Google Play.
These apps can download additional payload and display + click on "invisible" ads. Everything is hidden from user's view. pic.twitter.com/Zb5wdnJY6G