Android smartphone users are being warned about over a dozen apps found on Google Play Store that are filled with malware.
Android fans have been put on alert a number of apps on Google Play Store are loaded with malicious software.
Android is one of the most used piece of software in the world. The hugely popular OS has also been subject to a number of high profile security scare the biggest of which being the Judy malware campaign.
That saw up to 36.5million Android smartphone users infected by over 41 apps on Google Play Store.
Android fans are being warned about Google Play Store security scare. Experts have warned that 13 malware filled apps found on Google Play Store have been installed on more than half a million Android devices.
Lukas Stefanko, an IT security researcher with ESET, discovered the malware was found on a number of Android diving game apps.
He tweeted: "Don't install these apps from Google Play - it's malware
"Details: 14 apps, all together 560,000+ installs, after launch hide itself icon, download additional APK and make user install it (unavailable now), 2 apps are #Trending no legitimate functionality, reported."
Stefanko also published a video showing one affending app being installed on android device. When Stefanko tries to open it the app shows a logo for game graphics engine but then after that display a blank screen. And after existing the app the icon for it no longer appears.
"These app os downloaded in the background and requestes user to install it.
Once lanched it hide itself & display ads when device is unlocked."
Responding to the findings, Will LaSaka director of security solutions at OneSpan, said,"Application repackaging has been on the rise for a while now.
"Earlier this year it was reported that applications were being hijacked to install cryptocurrency miners.
"We saw a decline in these attacks when govt started to address the cryptocurrency conversion process and made it harder for anonymous people to cash out.
"However these repackage attacks did not stop instead they got sophisticated and refocused on other valuable data that can be converted to money just as quickly.
"Now repackaging attacks make common or simple apps into nefarious playload delievery applcations.
This allows hackers to get other malware onto victims phones without their knowledge and often by combining screen overlay attacks to help trick users into installing these newly downloaded malware playloads. These malware apps focus on harveting credentials and injecting libraries that can cause applications to deliever sensitive information directly into the hands of the hakers."
This allows hackers to get other malware onto victims phones without their knowledge and often by combining screen overlay attacks to help trick users into installing these newly downloaded malware playloads. These malware apps focus on harveting credentials and injecting libraries that can cause applications to deliever sensitive information directly into the hands of the hakers."
No comments:
Post a Comment