Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Mobile

    Malware Alerts Prompt Google to Purge Android Apps From Play Store

    By
    JAIKUMAR VIJAYAN
    -
    September 15, 2017
    Share
    Facebook
    Twitter
    Linkedin
      Mobile Malware

      Google’s efforts to keep its mobile app store free of malware-laden applications appears to be very much a work in progress considering the recent success cyber-criminals have had uploading rogue software to it.

      This week two security vendors issued separate advisories warning about finding malware-infested applications on Google Play.

      Check Point Software said it had discovered at least 50 Android applications on the mobile app store tainted with malware designed to surreptitiously send fraudulent premium SMS messages and charge users for fake services.

      Check Point said that applications containing the Android malware, dubbed ExpensiveWall, had been downloaded between 1.2 million and 4 million times.  ExpensiveWall, according to Check Point, is a variant of a malware strain that was discovered infecting a popular Android photo app on Google Play only earlier this year.

      Between the two incidents, the malware family has been downloaded between 6 million and 21 million times, Check Point said citing Google Play data.

      Google removed the most-recent batch of infected applications promptly from Play after Check Point informed the company about the issue on Aug. However, a mere few days later, another application containing the malware again became available on Google Play and infected more than 5,000 Android devices before Google removed that one as well, Check Point said.

      According to the security vendor, users who downloaded the applications are still at risk and need to uninstall the software. The Check Point blog contains a comprehensive list of all Android applications on Play that the company found infected with ExpensiveWall. The names of the apps suggest that a majority of the infected software was wallpaper applications.

      Google did not respond immediately to a request seeking comment on whether the company had notified Play customers who had downloaded the malware to urge them to uninstall the malware.

      The second advisory was from Trend Micro, which said it had found four applications on Google Play that were infected with new versions of BankBot, a malware for stealing user credentials to online bank accounts.

      The newest versions were designed to steal credentials of customers of 10 banks in the United Arab Emirates, Trend Micro said in an advisory this week. The malware has since been removed but not before one of the applications was downloaded between 5,000 and 10,000 the security vendor reported.

      Check Point described ExpensiveWall as malware that sends premium SMS messages and registers victims to premium services without their knowledge or consent. If a user downloads the malware, it requests permissions commonly associated with other applications such as permission for Internet access and SMS permissions.

      “Most users grant these permissions without thinking, especially when installing an app from a trustworthy source such as Google Play,” Check Point researchers Elena Root, Andrey Polkovnichenko and Bohdan Melnykov wrote.

      Unlike previous versions of the malware, ExpensiveWall uses an advanced obfuscation technique to evade the anti-malware protections that Google has built into Play, the researchers said. The malware can easily be tweaked to carry out more dangerous tasks such as stealing data from the victim’s phone or to spy on them.

      This is by far not the first time that security researchers have found malware-laden applications on Google Play, which is widely regarded as the safest source for Android applications.

      In April, two security vendors separately warned about discovering malware on Play. One of the alerts was from Zscaler about a spyware tool masquerading as a system update that had been downloaded between 1 million and 5 million times. The other was from Securify and warned of banking malware posing as a legitimate application on Google Play.

      The same month PhishLabs discovered 11 Android apps masquerading as payment applications on Play. In May, Google was forced to purge dozens of applications from its app store after Check Point found they were designed to trick users into clicking on ads on a massive scale.

      Google has added new controls to try and address the problem. The most notable among them is Google Play Protect, an always-on antivirus service that scans for malware on Android applications uploaded to Play and running on user devices.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×