Millions of Android users have been hit by malware posing as games on Google Play, according to Avast security researcher Flip Chytry.
The malware harbors fake ads that pop up when users unlock their devices, warning them about nonexistent infections or claiming that their devices are out of date or contain porn. Victims are then asked to take action. If they agree, they are redirected to poisoned Web pages that contain dubious app stores, apps that try to send expensive premium SMS messages without their knowledge, or apps that collect scads of personal information on the sly.
they rely mostly on static code analysis and the app in question may have used a 'time bomb' method -- waiting a period of time before downloading and executing the malware - Patrick Murray, vice president of products at Zimperium
Google spokesperson Elizabeth Markman did not confirm how many devices had been hit.
Our techniques for protecting Google Play users continue to improve, and are reflected in the low numbers of users who install potential malware from the Google Play Store - Markman
The Durak card game app was the most widely downloaded of the malicious apps, Chytry said, adding that Google Play's statistics showed it had been installed between 5 million and 10 million times.
All the apps mentioned by Avast had been suspended - Markman
We scan apps as they are uploaded to Google Play, running each app to detect and remove malware, spyware and Trojans from Google Play - Markman
Our goal is to provide people with an extra layer of protection while still maintaining Android's openness and developers' workflow - Markman
In April 2014, Google enhanced its "Verify apps" service to continually check devices to make sure all apps are behaving in a safe manner even after they're installed.
However, this service "only works after an app is identified as bad," Blaich told TechNewsWorld.
Google's "Bouncer" service "works more along the lines of risk management," Blaich remarked. "If enough red flags show up, then an app becomes a candidate for takedown."