More than one hundred apps posing as legitimate software on Google Play found to be infected, according to Russian researchers
Millions of Android users could have infected their devices with damaging malware after more than a hundred apps posing as legitimate software on Google Play were found to be affected by a Trojan.
Researchers at Russian antivirus software firm Dr Web found 104 apps carrying the malware, accumulating a total of 3.2 million downloads.
These apps masqueraded as popular versions of existing games, image-editing apps, video players, photo sticker apps, weight loss calorie counters, interactive smartphone wallpaper apps and even instant messaging services.
Once installed, the malware, called, Android.Spy.277, begins gathering large amounts of data related to the device’s owner, including their user’s geographic location, Gmail address and Google Cloud Messaging ID, as well as the phone number registered to the smartphone and the device’s IMEI code.
Once the infected app is opened, this information is then sent to a central server, which the hackers can then use to give the app instructions such as displaying fake notifications or pop-up ads that appear on the notification bar, or downloading shortcuts to links onto the user’s smartphone home screen.
The open links to malicious websites on either the smartphone web browser, the Facebook app or even the Google Play Store app itself, where further malware can be downloaded.
The ads also attempt to deceive the user into thinking something is wrong with their device, such as the battery being damaged or overheating, that can only be fixed by downloading yet another app or service infected with malware (pictured above)
Even if the user attempt to uninstall the affected apps, Android.Spy.277 is able to covertly install other apps onto the device that are able to continue monitoring for information.
Dr Web is urging users to be vigilant about the apps they download, and report any further issues to Google.
Are you a security pro? Try our quiz!