June 24, 2024

Malware disguised as apps in the Google Play Store

Malware disguised as apps in the Google Play Store

Bitdefender Labs has detected malware disguised as apps in the official Google Play Store using a new technology. As part of a new campaign, hackers are currently distributing many apps in the Google Play Store with only fake functionality. Bitdefender has identified 35 such apps so far.

For several years, cybercriminals have increased their efforts to steal malware through Google Play Store bring to the user. At the same time, Google has improved its security checks. However, new Bitdefender results show that hackers have some ways to bypass Google’s checks.

35 fake apps have been discovered that, once installed, hide their presence on the smartphone by changing their names and showing a new icon. After that, they started aggressively targeting smartphone owners with online ads. Hackers make a profit, but they disrupt performance and ease of use. Besides, apps can also associate with malware.

Although the malware is clearly malicious, the developers have been able to upload it to the official Google Play Store, show it to users, and even distribute updates to help the malware become more stealthy. Deleting the app is also more difficult, as the apps create a new name and a new icon. Also, apps have the ability to support their stay on the phone.

Example “GPS location maps”

GPS location maps app, for example, has also impressed researchers with over 100,000 downloads without getting a single rating. After installation, the app renames “Settings” and immediately displays an ad in web views. WebViews are part of the Android operating system and allow apps to display content such as websites or advertisements.

Picture 1: An app that promises a lot of benefits, but above all sends a lot of ads over the internet: a supposed GPS location finder. Image source: Bitdefender.

Other apps can override the battery settings. Others initiate notifications about the services offered so that the operating system does not delete them. To better camouflage themselves, some malware samples disguise their code.

Bitdefender’s new detection technology

Bitdefender identifies malicious applications using a new real-time behavioral technology developed to detect these and many other dangerous practices. Bitdefender will soon roll out this new technology gradually to its users.

NL code 1

Safe handling of applications

Just because a user downloads an app from an official store doesn’t mean it’s safe. Smartphone users should also be careful when downloading malware from the official Google Play Store. Basic behaviors that increase the security of the mobile user:

  • Users should not install apps they don’t really need.
  • Users should not forget to delete apps they no longer use.
  • Don’t trust apps that have a large number of downloads and little or no ratings.
  • Suspicious applications that require special permissions, eg b. Show the application above another application.
  • Be careful with apps that request access to permissions not related to the advertised function
  • A mobile security solution must be installed on the smartphone so that it can run in the background and detect malicious behavior.

More information:

Find the full Bitdefender report here over here.