Date:22/11/18
Creating fake apps as a means to spread malware is nothing new but a security researcher has discovered that more than half a million users have installed malicious apps posing as driving games directly from the Google Play Store.
The malicious apps were discovered by security researcher Lukas Stefanko from ESET who tweeted that 13 gaming apps created by the same developer were being used to spread malware to Android users. When he first made the news public, two of the apps were trending on the store which gave them even greater visibility.
The apps themselves were created by developer Luiz O Pinto and before Google removed them from the Play Store, they had a combined 580,000 installs.
Users who downloaded the apps from Google's store thought they were getting a simple driving game when in reality they received apps that were filled with bugs and crashed every time they were opened.
Once someone opened one of the games in question, the app would download a payload from a domain registered to an app developer in Istanbul that would install malware in the background and delete its icon.
As of now, it is still unclear what the malicious apps do as none of the malware scanners tested were able to reach a consensus on what the malware does. However, the malware is persistent and launches every time the Android device its installed on starts up.
The malware also has “full access” to the device's network traffic which its author could use to steal sensitive data such as a user's credentials.
Half a billion Android users downloaded malware from Play Store
Creating fake apps as a means to spread malware is nothing new but a security researcher has discovered that more than half a million users have installed malicious apps posing as driving games directly from the Google Play Store.The malicious apps were discovered by security researcher Lukas Stefanko from ESET who tweeted that 13 gaming apps created by the same developer were being used to spread malware to Android users. When he first made the news public, two of the apps were trending on the store which gave them even greater visibility.
The apps themselves were created by developer Luiz O Pinto and before Google removed them from the Play Store, they had a combined 580,000 installs.
Users who downloaded the apps from Google's store thought they were getting a simple driving game when in reality they received apps that were filled with bugs and crashed every time they were opened.
Once someone opened one of the games in question, the app would download a payload from a domain registered to an app developer in Istanbul that would install malware in the background and delete its icon.
As of now, it is still unclear what the malicious apps do as none of the malware scanners tested were able to reach a consensus on what the malware does. However, the malware is persistent and launches every time the Android device its installed on starts up.
The malware also has “full access” to the device's network traffic which its author could use to steal sensitive data such as a user's credentials.
Views: 345
©ictnews.az. All rights reserved.
Similar news
- Azerbaijani project to monitor disease via mobile phones
- Innovative educational system to be improved under presidential decree
- NTRC prolongs license of two TV and radio organizations for 6 years
- Azerbaijan establishes e-registry for medicines
- Azerbaijani museum introduces e-guide
- Nar Mobile opens “Nar Dunyasi” sales and service center in Siyazan city
- International conference on custom electronic services held in Baku
- OIC secretary general to attend COMSTECH meeting in Baku
- Azerbaijan develops earthquake warning system
- New law to regulate transition to digital broadcasting in Azerbaijan
- Azerbaijani State Social Protection Fund introduces electronic digital signature
- Intellectual traffic management system in Baku to be commissioned in December
- Tax Ministry of Azerbaijan started receiving video-addresses
- World Bank recommends Azerbaijan to speed up e-service introduction in real estate
- Azerbaijan to shift to electronic registration of real estate
