Google Play threatening apps hijacks your Android

A couple of days ago we told you about the NotCompatible Android Trojan that was targeting mobile devices in what is known as a drive by download, but the Google Play store has threatening apps that can hijack your Android device.

Google has been found to have over a dozen malicious apps in its official Android app store, and some of these have been downloaded thousands of times according to ars technica. These then turn smartphones into zombies that wait for commands to come from their attackers according to researchers.

A collection of seventeen malicious applications remained available in the Google Play store according to researchers from antivirus provider Trend Micro. Six of the affected applications had a highly stealthy code called Plankton, which causes devices to connect to command and control servers and wait for commands.

There were at least ten Plankton based applications discovered last year in the Android market that gathered users browsing history, bookmarks, and hardware information before sending them to servers that were controlled by the hackers.

Trend Micro advisory warned that they discovered seventeen rogue applications that were freely available from Google Play, with ten of them using AirPush to potentially deliver annoying and obtrusive ads, and six apps that contained the Plankton malware code. These included Cricket World Cup and Teams, NFL Puzzle Game, NBA Squadre Puzzle Game, and a variety of names written in simplified Chinese characters.

At first after the Trend Micro publication it remained unclear if the offending apps had been removed, but Google later revealed they had been removed. Searches for at least one of the developers shown as putting up the abusive apps to Google Play did return suspicious looking English language programs not previously mention by Trend Micro.

An app called Make Your Home received a comment from a user going by the name Jai, who warned “Never ever download this app as it hijacks your browser”, and this app had been downloaded at least 500,000 times. There were also comments for other apps put up by the same developer going under the name of Art of Tattoo and Thermo, which warned that they triggered antivirus warnings or displayed unwanted messages.

Back in February Google launched a cloud based scanner titled Bouncer, which scoured Android apps hosted on the company’s servers for malicious titles, but the move followed a number of embarrassing disclosures by outside researchers that had discovered dozens of abusive apps available in the market, but this latest revelation is the second time malicious apps have been found in Google Play since the introduction of Bouncer.

Are you concerned about malicious apps in Google Play?

Live Comment

Your email address will not be published.