Despite back-to-back reports of malicious apps, Google’s Play Store still harbors lots of such applications. Once again, researchers have discovered a bunch of such applications, including gaming and photo apps, that delivered malware to users’ devices.
Malicious Gaming and Photo Apps Reportedly, Dr.Web team has discovered another batch of malicious applications flooding the Google Play Store. In their study, they found some utilities, gaming and photo apps to be loaded with malware. Elaborating on their findings in a blog post, the researchers stated that they found these apps delivering spyware to Android users. While the apps seemed legit, they actually delivered malware on the users’ devices. Some of these apps carried banking trojans from the Android.Banker family with them. For instance, the researchers highlighted the apps ‘YoBit Trading’, that posed itself as the official app for YoBit crypto exchange, to bear Android.Banker.352.origin banking Trojan. Upon installation on a device, the app displayed fake login pages to steal users’ credentials. Likewise, another app ‘Encontre Mais’, that posed itself as a tool to locate family members, infected users’ device with Android.Banker.347.origin Trojan. The malware, in turn, pilfered sensitive data from the users’ device via text messages. Alongside the Android.Banker family trojans, Dr.Web also caught apps delivering trojans from Android.HiddenAds, Android.DownLoader, Android.Click, and Android.Joker families.
Stay Wary Of Malicious Apps Although, Google is seemingly adopting strict policies for apps and app developers for publishing on Google Play Store, the growing number of reports highlighting malicious Android apps certainly raises questions on Google’s policies. While, as an average user, you may not prevent such apps from appearing on the Play Store. Nor you can stop anyone from using those apps (possible only when you detect the maliciousness of the apps yourself). However, you can certainly control what apps succeed in reaching your device.
Key security checks to avoid getting infected
- Make sure you download apps powered by legit developers only.
- Make sure to have a look at the developer’s name and contact address (that should be official). You can counter-check the validity of the developers via a simple Google Search as well.
- Always take a look at the app ratings. Go through the reviews and see what the users have commented about the app, especially the bad things. These reviews will certainly give you an idea about how good or bad an app is. And, if an app appears to have less to no ratings, or looks new, better refrain from downloading it.
Tip for IT Administrators is ensure you isolate these BYOD in a seperate network to ensure they can not infect company devices or have access to private informaiton. To find out more click here.