Android Malware: Apps In Google Play Store Discovered Stealing Texts

Security researchers have discovered variety of humanoid apps within the Google Play Store that have the flexibility to put in plugins which will intercept SMS messages sent and received on the device.

Security firm SophosLabs rumored finding 2 apps in Google’s official marketplace for apps which will steal text messages. The apps, from a developer named New.App, are obtainable for many months associate degreed are downloaded an upwards of a [*fr1] 1,000,000 downloads.

Read: humanoid Malware: Apps In Google Play Store unfold 'Judy' Adware Attack to just about forty Million Phones

The threat, that has been tagged as Andr/SpyAgnt-X by Sophos, was found in one app that beaked itself as a cutoff to the highest downloads on the Google Play Store. Another app bestowed itself as associate degree info app referred to as “Skin Care Magazine.”

According to Sophos, once one among the apps has been put in on a users’s device, it'll launch a method to transfer a plugin referred to as each apps arrange to retrieve the add-on from constant domain.

Once the malicious payload is downloaded from the remote website, it'll check the version of humanoid running on the device. If it's between four.2 to 4.4—more than 1 / 4 of humanoid users still run one among these versions of the in operation system—then the app can request permission to access SMS messages.

If the plugin is granted the permission it requests, it will browse all messages within the user’s SMS inbox. It conjointly has the flexibility to send messages from the account and communicate with the remote web site operated by the malicious actor.

Read: riding horse Malware: Google Discovers, Blocks Malware that would Spy On humanoid Users

Both apps—Skin Care Magazine and App Play Store—from the developer New.App still be obtainable within the Google Play Store. Sophos aforementioned it rumored the apps to Google however they need nevertheless to be removed.

Skin Care Magazine, that has 3 reviews and a three.7 star rating, has simply 100-500 downloads in keeping with the Play Store. App Play Store has associate degree upwards of five hundred,000 installations and has received nearly three,000 reviews with a four.3 star rating.

The apps discovered by Sophos area unit off from the primary apps discovered within the Google Play Store that hide a additional malicious intention. Earlier in the week, Google declared it discovered and blocked a brand new family of malware in apps at intervals the Google Play Store.

The malware, dubbed riding horse, may hijack a user’s email, SMS messages, location info, voice calls and native media, still as conjointly snap screenshots of the user’s device and hijack the camera to require photos or record video.

Earlier this year, associate degree adware attack referred to as Judy managed to infect forty million phones through Google’s official marketplace and was wont to generate financial gain through malicious advertisements displayed on the device of victims.

In response discovery of malware assaultive humanoid, Google has counseled users build use of Google Play defend, a security suite for humanoid devices that scans apps and ensures their legitimacy.

Google has suggested users to transfer apps completely from the Google Play Store instead of from third-party app stores—where malware is even additional common—and to disable installations from unknown sources. the corporate conjointly suggests keeping devices up thus far with the foremost recent security fixes.

Share this

Related Posts

Next Post »