Short Bytes: Third party app stores cannot always guarantee the user safety with each app they hand out to a user. On the other hand, app giant like Google Play is famous for providing security against the malicious apps. According to the latest research by Trend Micro, a new malware has been spotted in the wild. Detected as ANDROIDOS_LIBSKIN.A, this malware comes with the capability to root your phone without your permission.
- There are no region locks for apps in some third-party app stores
- Users get considerable discount over an app in third-party app
- Third-party app stores are often more popular than App giant like Google play in a specific area.
When an Android user downloads the app from a third-party app store, the user is required to select the option in their mobile phones which says ‘allow the installation from “unknown sources”’. Once allowed, Android has hardly any control over the authenticity of the App.
Once installed, malicious apps have a history of popping up from these third party websites. This could be another reason users are always asked to stick to Google Play. Because of Google’s security measures, we believe it is the safest platform for downloading apps.
Some of the malicious apps which were often seen in some third-party app stores spoof popular apps. Spoofing a popular app increases their chances of getting selected and downloaded. These include popular mobile games, mobile security apps, camera apps, music streaming apps, and so on. They even share the exact same package and certification with their Google Play counterpart.
The most notable trait of this malware in the malicious apps, detected as ANDROIDOS_LIBSKIN.A, is their capability to root. Once rooted to the device, these apps becomes a gateway to the bigger threats. They are capable of:
- Downloading and installing other apps without the user’s knowledge.
- Presenting a user with a luring ad to download other apps.
- Collecting user data and forwarding them to the attacker.
Based on the data, these malicious apps have infected as many as 169 countries and most of them are the Asian countries. So, it is recommended that next time if you download something, make sure you download from the certified store.
Know more about this malware here on Trend Micro’s blog.