New strain of malware found hidden in Google Play store

Cal Jeffrey


Security firm SophosLabs has just discovered a new malware infecting Android devices. Researchers found a file buried deep within the libraries of several seemingly legitimate apps on the Google Play store. Sophos informed Google of the rogue apps, and it has since removed them. However, the security group estimates that more than 500,000 people had already downloaded affected apps before they were pulled.

The questionable file (Andr/HiddnAd-AJ) has a name that seems obvious, but it was able to slip past Google’s “Play Protect” vetting system inside apps disguised as utilities: six different QR code readers and one “smart compass.” While malware disguised as legitimate apps is nothing new, this malware went a step further by remaining dormant for several hours after being downloaded. Once active, the malware inundates the phone with ads.

“For all its apparent innocence, however, this malware not only pops up advertising web pages but can also send Android notifications, including clickable links, to lure you into generating ad revenue for the criminals,” said the researchers.



The developers of the malware also used a novel trick to further hide the malicious code.

“The adware part of each app was embedded in what looks at first sight like a standard Android programming library that was itself embedded in the app. By adding an innocent-looking “graphics” subcomponent to a collection of programming routines that you’d expect to find in a regular Android program, the adware engine inside the app is effectively hiding in plain sight.”

If you were one of those unfortunate enough to have downloaded one of the applications before Google removed them from the store, you should remove the suspicious app. SophosLabs also has a security app that can detect and remove this and other malware for you.

Despite malicious programs sometimes getting through Google’s checks, the researchers say that Google Play is still the safest place to get your apps. Many third-party stores have no security measures in place at all, so the risk is much higher outside of the Google ecosystem.


 
Apple has had their share of this as well. No system is perfect. People will always find a way around it one way or another. That is why you always need to be vigilant about what you install on your devices.
 
Well, that's the issue with Android and ads in place of the program being crippled. So a sneaky developer can add anything he wants into the coded free app. Once upon a time they never bothered with ads in the app code. I avoid such apps. Too much redirection going on lately in apps. Being an Android developer since 2010, I care not for such games. I usually removed these apps. Ad Guard, not found on the Play store, can detect and block these pests. But again, to get Ad Guard you take some risk too. If you don't know or are unsure of the app, don't download them.
 
Well, that's the issue with Android and ads in place of the program being crippled. So a sneaky developer can add anything he wants into the coded free app. Once upon a time they never bothered with ads in the app code. I avoid such apps. Too much redirection going on lately in apps. Being an Android developer since 2010, I care not for such games. I usually removed these apps. Ad Guard, not found on the Play store, can detect and block these pests. But again, to get Ad Guard you take some risk too. If you don't know or are unsure of the app, don't download them.

This is the best comment to describe the Android ecosystem. The only way to prevent this is to have people manually checking submitted apps, yet we see this news over and over again with Android.
 
Apple has had their share of this as well. No system is perfect. People will always find a way around it one way or another. That is why you always need to be vigilant about what you install on your devices.

Yes, I understand this, but it seems that Google is always in the news about this issue, meanwhile you really don't hear anything about it happening in the iOS App Store (or at least very rarely do you hear about it).

Considering that this site is very pro-Android and very VERY anti-Apple I would have thought that if this were happening in the iOS App Store this site would be all over it the moment that it happened like flies on a cow flop. Yet we so rarely hear about it from the Apple camp but all the stinkin' time in the Android camp. Something must be rotten in the Android camp for this to be happening all the time.
 