Greater than half 1,000,000 customers have put in Android malware posing as driving video games — from Google’s personal app retailer.
Lukas Stefanko, a safety researcher at ESET, tweeted details of 13 gaming apps — made by the identical developer — which had been on the time of his tweet downloadable from Google Play. Two of the apps had been trending on the shop, he stated, giving the apps higher visibility.
Mixed, the apps surpassed 580,000 installs earlier than Google pulled the plug.
Anybody downloading the apps had been anticipating a truck or automotive driving sport. As a substitute, they acquired what gave the impression to be a buggy app that crashed each time it opened.
In actuality, the app was downloading a payload from one other area — registered to an app developer in Istanbul — and put in malware behind the scenes, deleting the app’s icon within the course of. It’s not clear precisely what the malicious apps do; not one of the malware scanners appeared to agree on what the malware does, based mostly on an uploaded pattern to VirusTotal. What is clear is that the malware has persistence — launching each time the Android cellphone or pill is began up, and has “full entry” to its community visitors, which the malware creator can use to steal secrets and techniques.
We reached out to the Istanbul-based area proprietor, Mert Ozek, however he didn’t reply to our e-mail. (If that adjustments, we’ll replace).
Google spokesperson Scott Westover confirmed that the apps “violated our insurance policies and have been faraway from the Play Retailer.”
It’s one other embarrassing safety lapse by Google, which has lengthy confronted criticism for its backseat method to app and cell safety in comparison with Apple, which some say is way too restrictive and selective about which apps make it into its walled backyard.
Google has spent years attempting to double down on Android safety by together with higher security measures and extra granular app permission controls. However the firm continues to battle rogue and malicious apps within the Google Play app retailer, which have taken over as one of many biggest threats to Android consumer safety. Google pulled greater than 700,000 malicious apps from its app retailer final yr alone, and has tried to enhance its back-end to forestall malicious apps from moving into the shop within the first place.
And but — clearly — that isn’t sufficient.