Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Mobile Tech / Google Play Malware Affects Millions
Malware in Google Play Apps Affects Millions
Malware in Google Play Apps Affects Millions
By Shirley Siluk / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Researchers have found that several Android apps on Google Play quietly sneak malicious adware onto devices in ways that make it difficult for users to identify the sources of the problems. The apps had apparently been downloaded by millions of users before the malware was reported, according to a Tuesday blog post by Avast Mobile Malware Analyst Filip Chytry.

The suspicious apps included a card game, an IQ test and a history app. Chytry noted that Avast was alerted to the malware by a January 23 post on its mobile security forum.

Google has now removed the questionable apps from its play store, according to a Wednesday report on ZDNet. The apps appeared to have targeted both English-speaking and Russian-speaking users, ZDNet noted.

Millions of Downloads

While the initial forum report about the apps didn't seem like anything spectacular at first, "once I took a closer look it turned out that this malware was a bit bigger than I initially thought," Chytry said.

Because the apps appeared on Google Play, they potentially had a huge target audience, he noted. For instance, the card game app called Durak (which can be translated as "fool" in Russian) had been downloaded and installed between 5 million and 10 million times, according to Google Play.

The malware was insidious because the apps appeared to behave normally for several days, Chytry noted. Over time, however, users began to see pop-ups warning that their devices had been infected or they needed to be updated. Those warnings directed users to dubious apps and sites promoting questionable solutions to the devices' problem.

"After a week, you might start to feel there is something wrong with your device," Chytry said. "Some of the apps wait up to 30 days until they show their true colors."

Social Engineering Tricks

We reached out to a spokesperson at Avast who told us that researchers are continuing to investigate the malware. "Our analysts are currently checking if other apps could have been affected by this," the spokesperson said.

To protect against such malware, users should only download apps from official stores, she said. "We also always recommend users carefully check apps' permissions before downloading them. App permissions should be directly related to the app's functions and any access permissions made by apps that do not seem to support the app would also indicate that the app may be collecting unnecessary personal data," the spokesperson added.

Such malicious adware often succeeds because of the social engineering tricks used, such as persuading people that the advertised solutions to their devices' problems are legitimate, Chytry noted in his blog post.

"Social engineering tactics are favored by malware developers because they require little to no effort on their part, as the user 'willingly' allows the malware to enter their system," the spokesperson explained. "These are growing more sophisticated, especially as malware authors are forced to circumvent Google Play's policies."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter

Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.