A single threat actor has aggressively bombarded Android users with more than 4,000 spyware apps since February, and in at least three cases the actor snuck the apps into Google's official Play Market, security researchers said Thursday.
Soniac was one of the three apps that made its way into Google Play, according to a blog post published Thursday by a researcher from mobile security firm Lookout. The app, which had from 1,000 to 5,000 downloads before Google removed it, provided messaging functions through a customized version of the Telegram communications program.Read more
A form of Android ransomware which threatens to send the victim's private information and web history to all of their contacts has been discovered in the official Google Play app store.
LeakerLocker doesn't actually encrypt the victims' files, but instead claims to have made a backup of data stored on the device and threatens to share it with all of the user's phone and email contacts. Those behind the malware demand $50 in exchange for not leaking personal data including photos, Facebook messages, web history, emails, location history and more, playing on fears of potential embarrassment rather than any form of cryptography.Read more
Android malware capable of accessing smartphone users' location and sending it to cyberattackers remained undetected in the Google Play store for three years, according to a security company.
Discovered by IT security researchers, the SMSVova Android spyware poses as a system update in the Play Store and was downloaded between one million and five million times since it first appeared in 2014. The app claims to give users access to the latest Android system updates, but it's actually malware designed to compromise the victims' smartphone and provide the users' exact location in real time.Read more
In January, security researchers warned that Android users may soon face a spike in malware attacks after the source code of a banking Trojan leaked online. Now, confirming the fears, Google is taking action after sneaky malware crept onto its official app store.
On 17 April the strain, dubbed "BankBot", was discovered in an application called "HappyTimes Videos" on Google's Play Store. In addition, experts from Securify, a Dutch cybersecurity firm, recently found another infected app there, titled "Funny Videos 2017". The Trojan is able to pose as legitimate services, mostly banks and financial institutions.Read more
Security doom-monger ESET has let off a warning about a threat that it once warned about and has now come to its dreadful fruition. ESET says that some Android banking malware that it recently found on Google Play is back in the wild and is back targeting banks.
It explains that the source code for the malware was released a couple of months ago - we are surprised that it has taken this long to come out, to be honest - and says that it was worth the wait, in a way. The malware was distributed via Google Play as a trojanized version of a legitimate weather forecast application Good Weather. It could lock and unlock infected devices remotely, as well as intercept text messages.Read more
Google Play was recently found to be hosting more than 400 apps that turned infected phones into listening posts that could siphon sensitive data out of the protected networks they connected to.
One malicious app infected with the so-called DressCode malware had been downloaded from 100,000 to 500,000 times before it was removed from the Google-hosted marketplace. Known as Mod GTA 5 for Minecraft PE, it was disguised as a benign game, but included in the code was a component that established a persistent connection with an attacker controlled server. The server then had the ability to bypass so-called network address translation protections.Read more
Less than three months after Pokémon Go launched, criminals sneaked malware into Google Play to target Pokémon trainers. Experts discovered the Trojan several days ago and immediately reported it to Google.
Unfortunately, by that time, the malicious app called Guide for Pokémon Go had already been downloaded more than 500,000 times. In the past few months almost 6 million people gave Pokémon Go a try. It’s no wonder that the massively popular game quickly caught the attention of cybercriminals: The first malware for Pokémon Go was traced in July, soon after the launch of the game. At that time, the situation was not so dangerous.Read more
Sometimes Android users have to download murky apps from Google Play. By “murky” we mean unfamiliar apps, apps from small publishers, and so forth — not the likes of Evernote, Dropbox, banking apps, or other popular programs. It might be a specialized engineering calculator, for example, or an alternative music player.
Many such apps exist in the Google Play store — thousands of them, in fact. And choosing isn’t easy. Seasoned Android users recommend going with the apps that have been downloaded the most times, the highest-rated apps, or the apps reviewed by the most people. It seems to make perfect sense.Read more
The Check Point mobile threat prevention research team discovered a new Android malware on Google Play, called “DressCode,” which was embedded into more than 40 apps, and found in more than 400 additional apps on third party app stores.
Check Point notified Google about the malicious apps, and some have already been removed from Google Play. The oldest apps were uploaded to Google Play on April 2016, where they remained undetected until recently. Some of the apps reached between 100,000 and 500,000 downloads each. Between 500,000 and 2,000,000 users downloaded the malicious apps from Google Play.Read more
Prisma, the app that became a global sensation with its ability to turn your photos into works of art, has become a honeypot for cybercriminals, with fake versions appearing in app stores vying to steal your personal information.
Capitalising on the popularity of the transformation app several, fake versions loaded with sly tricks such as fake surveys to capture users' data, as well as dangerous Trojan downloaders, snuck onto the Google Play Store. According to a blog by ESET, who discovered these fake apps among the five Trojan downloaders on Google Play, two have phishing functionality implemented that could probably be executed via the downloaded module.Read more