Google bans 151 Android apps linked to an SMS scam campaign from the Play Store

jsilva

Posts: 269   +1
Staff
In context: Avast has been making a thorough investigation into a premium scam campaign named UltimaSMS. This campaign consisted of apps that were available to download from Google Play Store. Once installed, these apps would ask for your information to subscribe to a premium service that could cost you $40 a month.

Avast's investigation uncovered 151 apps linked to the UltimaSMS campaign. The first was Ultima Keyboard 3D Pro, for which the campaign was named. You can check the complete list of apps on Avast's GitHub.

In total, users downloaded the scammy apps over 10.5 million times in over 80 countries, including the US (170,000 downloads). Google has already banned all 151 flagged from the Play Store but doesn't have the power to uninstall them from a user's device. Users with any of the listed apps should install them immediately.

Disguised as custom keyboards, QR code scanners, video and photo editors, spam call blockers, camera filters, and games, these apps would check the phone's location, IMEI, and phone number to "determine which country area code and language to use for the scam."

After opening the app, users would then be presented with a prompt to fill in with their phone number, and sometimes, the email address so users could supposedly access the app's advertising features. After giving their details, users would instead subscribe to premium SMS services that charge up to $40 a month. If users tried to access the apps' advertised features, they would be presented with more SMS subscriptions, or the app would just stop working.

Google has already done multiple cleanups on Play Store in the past, removing apps infested with Windows Malware and adware, and even stalking apps.

As Android malware becomes more common, Google has to be more restrictive about the apps entering its platform. Unlike Apple, which is known for meticulously reviewing all apps before uploading them to the App Store, Google's app reviewing process is faster, easier to pass, and less complex. In comparison, Apple may take up to a week before deeming an app safe to use, while Google usually takes less than two days.

Maybe it's time for Google to change its process, betting on a more robust and secure approach to ensure its users are safe from these nefarious apps.

Image credit: Android by Denny Müller, Smartphone by Andrew M

Permalink to story.

 

kiwigraeme

Posts: 728   +534
2 things of interest

It's a diverse range of apps - so if they actually work - have they built up stock apps to add sms attack to ?
Or do they just rip IP from other apps?

Secondly - Google can not automatically delete these apps.

Do they send notifications?

Plus would people accept a tick button - remove app if deem malicious ?
 

Irata

Posts: 1,872   +3,166
2 things of interest

It's a diverse range of apps - so if they actually work - have they built up stock apps to add sms attack to ?
Or do they just rip IP from other apps?

Secondly - Google can not automatically delete these apps.

Do they send notifications?

Plus would people accept a tick button - remove app if deem malicious ?

This - I was wondering about this myself. Why doesn‘t Google show a ‚We have determined the following apps pose a security risk - do you want to remove them‘ dialog ?
 

mountains

Posts: 48   +61
And side loading with no review is a good thing, right?
I would argue that side loading to avoid this Play Store issue is definitely a good thing. I trust F-Droid's open source repository to have a user's best interests in mind way more than the default. I see the issue this article brings up as a counter argument to some people's conventional wisdom that we should trust the massive tech companies, and only the massive tech companies, to protect us.

Of course, nothing is perfect, and one should have some understanding of what they install.