Malicious apps hosted in Google store turn Android phones into zombies

Google Play logoGoogle has been caught hosting more than a dozen malicious titles in its official Android app market. Some had been downloaded tens of thousands of times and turn smartphones into zombies that await commands from their attacker overlords, security researchers said.

A stash of 17 malicious apps remained freely available in the Google Play store, according to a blog post published Thursday by researchers from antivirus provider Trend Micro. Six of those titles contained a highly stealthy code dubbed Plankton, which causes Android-based phones to connect to command and control servers and wait for commands. At least 10 Plankton-based apps found last year in the Android market collected users' browsing history, bookmarks, and device information and sent them to servers under the control of the attackers.

"In total, we have discovered 17 malicious mobile apps still freely downloadable from Google Play: 10 apps using AirPush to potentially deliver annoying and obtrusive ads to users and 6 apps that contain Plankton malware code," the Trend Micro advisory warned. Malicious apps included NBA Squadre Puzzle Game, NFL Puzzle Game, Cricket World Cup and Teams, and a variety of names written in simplified Chinese characters.

Spy Phone Pro+ is one of 17 malicious titles Trend Micro researchers

It remained unclear if the malicious titles had been removed in the hours following the publication of the post. Searches for some of the titles named by Trend Micro returned no results. But searches for at least one of the developers shown as submitting the abusive apps to Google Play turned up suspicious-looking English language programs not mentioned in Trend Micro's blog post.

"Never ever download this app as it hijacks your browser," a user calling himself Jai wrote in comments accompanying an app called Make Your Home, which has been downloaded as many as 500,000 times . "I am still exploring the ways how to get it back to normal state. Big zero."

Comments accompanying other apps submitted by Antonio Tonev, the same developer listed as uploading Make Your Home—including those for Art of Tattoo and Thermo (Thermometer)—also claimed they triggered antivirus warnings or displayed unwanted messages.

In February, Google introduced a cloud-based scanner called Bouncer that scoured Android apps hosted on Google servers for malicious titles. The move followed a string of embarrassing disclosures by outside researchers who over the past year reported dozens of abusive apps in the market. The apps reported Thursday by Trend Micro are at least the second time malicious apps have been reported in Google Play since the introduction of Bouncer. That doesn't include malicious browser extensions found hosted in Google's Chrome Store.

One app found by Trend Micro was called Spy Phone Pro and explicitly described itself as a program to "track every text message, every call, every location." In all the apps have been downloaded more than 700,000 times.

A Google spokeswoman issued a statement that read: "We have removed the apps from Google Play that violate our policies." She didn't say how many apps were affected or when they were removed. Meanwhile, Make Your Home, Art of Tattoo, and Thermo (Thermometer) remain available for download despite user feedback claiming they're malicious. Google's statement made no reference to these apps.

Source: Ars Technica

Tags: Android, Google

Add comment

Your name:
Sign in with:
Your comment:

Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party

Last news

A mobile hotspot in Australia will be capable of hitting gigabit speeds on the go
Nokia CEO Rajeev Suri will speak at MWC 2017
Preliminary data for October shows another Windows 10 boom
The Helio P15 packs an octa-core Cortex-A53 processor clocked at 2.2GHz
Microsoft’s event has been scheduled for October 26th so hopefully we’ll hear more about Redstone 2 then
Samsung claims up to 27-percent higher performance or 40-percent lower power
A smartwatch prototype developed by researchers at the Dartmouth college
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /
HP Slate 7 is a 7-inch Android 4 Tablet PC with good sound
A cost-effective, 7-inch tablet PC from a renowned manufacturer
October 25, 2013 / 4

News Archive



Do you use microSD card with your phone?
or leave your own version in comments