Malware Posing As Innocent Games Downloaded By Millions Of Android Users


It seems like Google’s crackdown on developers and refining the Play Store was only a drop in the bucket; the problem seems much bigger than anticipated.

Today, a security researcher at ESET, Lukas Stefanko, called out thirteen Google Play Store apps which were originally malware disguising themselves under the name of the driving game for Android.

The Android apps which ranked on the Google Play Store with installs more than 580,000 were removed by Google as soon as the news the broke out.

Google Play Store Driving games

Scott Westover, a Google spokesperson, confirmed to TechCrunch that the apps violated Google Play Store policies, which is why they have been removed from the Android app store.

Meanwhile, Luckas also posted one of the app functionality videos on Twitter. For example, once the driving game app is opened on an Android device, it automatically shuts down after showcasing two-three animations for a few seconds. Following which, the app icon immediately vanishes from the device.

Following the launch, the app trigger ads when the device is unclocked, Lucas mentions in his tweets. While no one seems to be exactly sure of the intent of the malware, as indicated by the uploaded sample to VirusTotal.

One thing for sure is that the app was downloading a payload from a domain, registered to an app developer in Istanbul. Also, it had permissions like  “full network access” and “run at startup”.

All the thirteen malicious apps were displayed under the tag of “Google Play Protect,” which raises questions weather Play Protect service is actually protecting anything or not.

Also Read: A Samsung Galaxy S10 Variant Will Pack 6 Cameras And 5G Network Support
Charanjeet Singh

Charanjeet Singh

Charanjeet owns an iPhone but his love for Android customization lives on. If you ever ask him to choose between an iPhone, Pixel or Xiaomi; better if you don't.
More From Fossbytes

Latest On Fossbytes

Find your dream job