If the last few days are any indication, downloading apps from the Google Play Store should be avoided at all costs. This is due to a recent wave of spyware that infiltrated legitimate-looking apps hosted on the Google Play Store. These apps were able to go beyond Google’s security measures by using various obfuscation techniques, such as hiding links to malware in apps rather than loading them with harmful code.
And the second major purge of malware-laden apps saw Google ban a group of apps that were present on 60 million devices and sent detailed data to a company with ties to US security agencies. The apps did this plunder via an inbuilt software development kit (SDK) which was capable of collecting data about a device’s location, personal details, clipboard and some files, as well as devices on the same Wi-Fi network.
Example: Google recently removed from the Play Store six antivirus apps loaded with Sharkbot, a type of Trojan-like malware used to trick users into entering their account and bank details, which were then sucked in and returned to an order . and control server for hackers to use at a later date. Since these apps pose as fairly legit Android antivirus tools, it’s easy to see how they’ve been downloaded and installed some 15,000 times.
The SDK that collects this data comes from a Panama-based company called Measurement Systems. He reportedly paid developers between $100 and $10,000 a month to include the code in their apps, telling one of the developers he was collecting data for ISPs, financial and energy companies, with a focus on users in the Middle East, Asia, Central and Eastern Europe.
Should we be worried? The good news is that Google finds and removes apps loaded with malware or spyware very quickly. And security researchers are dedicated to tracking down these apps. But at the same time it is worth being careful. First of all, always make sure that you only install apps from trusted and verified publishers. If an unknown developer suddenly offers, say, a game that looks like Call of Duty Mobile or a Netflix-like free streaming service, it could be a dubious developer trying to trick you into downloading an app that contains software. malicious or that will bombard you with advertisements; these were pretty common in early Android.
Somewhat worryingly, after researching Measurement Systems, Serge Egelman and Joel Reardon, two AppCensus security researchers, discovered that the SKD was tied to Vostrom Holdings, a Virginia defense company that works for the US government via another subsidiary, Packet Forensics.mSo it’s quite worrying that apps loaded with such spy tools have made their way onto the Play Store. How to protect yourself from Android malware. android robot standing next to a phone on a white desk.
If an app catches your eye, do a sense check by seeing what else is out there from the same publisher. And be sure to check app reviews, star ratings, and the number of times an app has been downloaded, as they offer a reasonable idea of the legitimacy of apps. Apps with tens of thousands of downloads, like Instagram, along with strong reviews would suggest an app is safe and legit.
Roland Moore-Colyer, editor of Tom’s Guide, focuses on news, features and opinion pieces. He often writes about games, phones, laptops, and other hardware; he is also interested in cars. When not at his desk, Roland walks around London, often with a look of curiosity on his face.
Summary of news:
- What does Google’s massive Android app cleanup mean to you?
- Check out all the news and articles from the latest security news updates.