Google removes 29 malicious photo apps from Android's Play Store

[midian182]

In brief: We’re always advised to avoid downloading applications from outside the app stores, but that doesn’t mean malicious programs don’t occasionally sneak their way onto official services. Not for the first time, Google has removed dozens of apps after they were found to contain nefarious code.

A report from security firm Trend Micro last week revealed that 29 camera and photo apps in the Google Play Store performed unwanted activities, such as pushing full-screen ads containing fraudulent content and pornography when users unlocked their devices.

Other apps redirected users to phishing websites that attempted to steal personal information, often by falsely claiming they had won a prize. Another batch that purported to be beauty apps were designed to let the developers steal users’ uploaded photos. Instead of receiving an edited image after uploading a selfie to the servers, victims would get a message claiming they needed to perform an update. Clicking on this led to another phishing site.

The apps used different methods to prevent people discovering their malicious activities, including compression archives (packers) that made them difficult to analyze, and remote servers that were “encoded with BASE64 twice in the code.” Additionally, there was nothing indicating to the user that the ads were linked to the apps. Even uninstalling them was difficult, as they were hidden from the standard application list. The apps' reviews did suggest something was amiss, however.

While these sort of malicious apps usually aren’t very popular, the 29 programs in this instance were downloaded 4 million times, with many of the users originating from India. Three apps had over one million downloads, while eleven had at least 100,000. Google has now kicked them from its store, though it seems most of the damage had already been done.

Last Summer, Google removed 100 apps infected with Windows malware from its store - just one of several instances in which malicious programs had sneaked past its safeguards.

Permalink to story.

https://www.techspot.com/news/78563-google-removes-29-malicious-photo-apps-store.html

 

[gusticles41]

I feel like it should be common practice for Google to audit any app with a sub-3 star rating. There are way more of these apps in the dumpster fire that is the Play Store than just the 29 photo apps.

 

[trparky]

Google really needs to get a handle on this crap and start really auditing app submissions. This shouldn't at all be happening in a mainstream ecosystem where people expect to be safe when compared to the dumpster fire that is Windows.

 

[alansmith]

Is it practicable for google to install, run, close, and then repeat the start, run, close a number of times on each app before releasing it to users? How many new apps are released weekly? And how often are each of your apps updated?
I think it may be impractical for google because of the number- I expect it would be a huge number so they may only do testing on an audit basis and response to complaints which is understandable. How about a user support program for testing -but who would risk compromising their machine? What about running on virtual machines, safer but again who could/would do it so frequently because of those updates - seemingly excessively for some apps.
...then there's the apps already in the store to test.
...the malware then gets modded so it doesn't appear until 2 weeks has passed...

I do have sympathy for android users , and -sorry- I do have sympathy for google too.

There should be a substantial penalty (jail, bans from owning or using computers, ...) for anyone involved in creating or knowingly distributing malware but that would take international support so would be hard to instigate, but lets start with US, UK, EU, Russia etc. and try to get others to join.

I doubt much of this will happen for a very long time, if at all - utopia is a long way off.