Malware Posing as Legitimate Apps on Google Play, Security Firm Warns
PhishLabs says it has discovered 11 malicious apps posing as popular payment apps on Google's official Android application store.The people most at risk of downloading Android malware on their mobile devices are those who install apps from unofficial third-party mobile application stores. But that doesn't mean that those who download apps from Google's official Google Play store are completely immune to malicious software. PhishLabs, a company that provides anti-phishing services, this week said it has discovered 11 malicious applications disguised as mobile apps for popular online payment services on Google Play since the beginning of this year. The applications purport to give users access to their online payment accounts from their mobile devices, PhishLabs security analyst Joshua Shilko said in a blog post this week. But in reality, the only functionality the apps have is to collect the user's logon credentials and personal data and to send that to a remote command and control server belonging to the malware authors, Shilko said. PhishLabs did not identify the 11 payment brands whose apps were spoofed and uploaded to Google Play. According to Shilko, 10 of the companies whose customers are being targeted by the malicious apps provide links in their Websites directly to their mobile applications. One of the companies being targeted explicitly notes on its Website that it has no mobile application, he added. All of the apps appear to have been developed by the same malware author or authors.
Android owners who mistakenly download and use the fake apps are presented with a Web page designed to look and act like the real brand's Web page. Any logon credentials a user supplies to the fake app are immediately sent to the attacker.