Android Malware Apps Reportedly Returning to the Play Store Under a New Name

Android Malware - MediaTek chipsets affected

Security researchers at Symantec claims to have discovered dozens of new malware apps on the Google Play Store, rekindling questions about safety in the Android ecosystem. The report published by the cyber-security company mentioned at least 45 such apps, seven of which are being described by the researchers as ‘persistent’, because they apparently reappeared on the Play Store under a different name and publisher even after they were removed by Google.

Android Malware Apps Reportedly Returning to the Play Store Under a New Name

According to the report these apps advertise seemingly innocent functionality such as emoji keyboard additions, storage cleaners, calculators, app lockers and call recorders. But they hide the ‘Android.Reputation.1’ malware which Symantec says uses the phone’s resources to perform background tasks. “Once the app is installed, it takes various measures to stay on the device, disappear, and erase its track”.

The company also mentions 38 more apps that apparently look to divert traffic to various dodgy websites instead of functioning as advertised. According to the report, the apps consume a lot of data while loading various URLs in the background without intimating the user.

“The URLs lead to various blogs and it is likely the app is being used to increase Web traffic to these sites. So far, the majority of users downloading these apps seem to be located in the US, US, South Africa, India, Japan, Egypt, Germany, Netherlands, and Sweden”

The researchers say that these malicious apps also have legitimate-sounding names, such as Multiplication Table Game, Swing Games, General Cultures, Piano Game, Game Billiards, Subway, etc., which tricked many unsuspecting users into installing them on their devices.

The researchers suspect that these apps were downloaded by ‘at least 10,000 devices’ during their stay on the Play Store, but has since been removed by Google after being contacted by Symantec.

comment Comments 0
Leave a Reply