The Google Play Store is seeing a wave of malware-infested apps like never before. Four separate security companies have reported — or are preparing to release reports — on malware campaigns currently underway via Android apps available on the Play Store.
Reports published today by Dr.Web, Malwarebytes, and McAfee reveal the presence of three new Android malware families hidden in games and apps uploaded on the Play Store. An ESET spokesperson told Bleeping Computer the company also found a new multi-stage malware strain they're going to detail in a report later today.Read more
Google is offering security experts a bounty to identify Android app flaws as the Alphabet Inc unit seeks to wipe out bugs from its Google Play store.
Each flaw will score at least $1,000 under the program announced on Thursday to back up automated checks that have failed to block malware and other problems that security experts say infect the 8-year-old app store far more than Apple Inc’s rival App Store. Google will partner with HackerOne, a bug bounty program management website, to target a list of apps and flaws such as those that allow a hacker to redirect a user to a phishing website or infect a gadget with a virus.Read more
Google has booted eight Android apps from its Play marketplace, even though the apps have been downloaded as many as 2.6 million times. The industry giant took action after researchers found that the apps add devices to a botnet and can perform denial-of-service attacks or other malicious actions.
The stated purpose of the apps is to provide a skin that can modify the look of characters in the popular Minecraft: Pocket Edition game. Under the hood, the apps contain highly camouflaged malware known as Android.Sockbot, which connects infected devices to developer-controlled servers.Read more
A single threat actor has aggressively bombarded Android users with more than 4,000 spyware apps since February, and in at least three cases the actor snuck the apps into Google's official Play Market, security researchers said Thursday.
Soniac was one of the three apps that made its way into Google Play, according to a blog post published Thursday by a researcher from mobile security firm Lookout. The app, which had from 1,000 to 5,000 downloads before Google removed it, provided messaging functions through a customized version of the Telegram communications program.Read more
A form of Android ransomware which threatens to send the victim's private information and web history to all of their contacts has been discovered in the official Google Play app store.
LeakerLocker doesn't actually encrypt the victims' files, but instead claims to have made a backup of data stored on the device and threatens to share it with all of the user's phone and email contacts. Those behind the malware demand $50 in exchange for not leaking personal data including photos, Facebook messages, web history, emails, location history and more, playing on fears of potential embarrassment rather than any form of cryptography.Read more
Android malware capable of accessing smartphone users' location and sending it to cyberattackers remained undetected in the Google Play store for three years, according to a security company.
Discovered by IT security researchers, the SMSVova Android spyware poses as a system update in the Play Store and was downloaded between one million and five million times since it first appeared in 2014. The app claims to give users access to the latest Android system updates, but it's actually malware designed to compromise the victims' smartphone and provide the users' exact location in real time.Read more
In January, security researchers warned that Android users may soon face a spike in malware attacks after the source code of a banking Trojan leaked online. Now, confirming the fears, Google is taking action after sneaky malware crept onto its official app store.
On 17 April the strain, dubbed "BankBot", was discovered in an application called "HappyTimes Videos" on Google's Play Store. In addition, experts from Securify, a Dutch cybersecurity firm, recently found another infected app there, titled "Funny Videos 2017". The Trojan is able to pose as legitimate services, mostly banks and financial institutions.Read more
Security doom-monger ESET has let off a warning about a threat that it once warned about and has now come to its dreadful fruition. ESET says that some Android banking malware that it recently found on Google Play is back in the wild and is back targeting banks.
It explains that the source code for the malware was released a couple of months ago - we are surprised that it has taken this long to come out, to be honest - and says that it was worth the wait, in a way. The malware was distributed via Google Play as a trojanized version of a legitimate weather forecast application Good Weather. It could lock and unlock infected devices remotely, as well as intercept text messages.Read more
Google Play was recently found to be hosting more than 400 apps that turned infected phones into listening posts that could siphon sensitive data out of the protected networks they connected to.
One malicious app infected with the so-called DressCode malware had been downloaded from 100,000 to 500,000 times before it was removed from the Google-hosted marketplace. Known as Mod GTA 5 for Minecraft PE, it was disguised as a benign game, but included in the code was a component that established a persistent connection with an attacker controlled server. The server then had the ability to bypass so-called network address translation protections.Read more
Less than three months after Pokémon Go launched, criminals sneaked malware into Google Play to target Pokémon trainers. Experts discovered the Trojan several days ago and immediately reported it to Google.
Unfortunately, by that time, the malicious app called Guide for Pokémon Go had already been downloaded more than 500,000 times. In the past few months almost 6 million people gave Pokémon Go a try. It’s no wonder that the massively popular game quickly caught the attention of cybercriminals: The first malware for Pokémon Go was traced in July, soon after the launch of the game. At that time, the situation was not so dangerous.Read more