Google Play Store can Still have Malware-Tainted Apps

Taking down mobile applications from unauthorized websites is likely to cause danger since such websites don't scrutinize applications the way Google does. The Internet giant examines every application on its store for making sure there's never any malicious one in the store collection. However, instances have occurred when malevolent applications quite effectively dodged Google's defenses. An e.g. is of SMSVova, a spyware that stalked end-users' locations while infected System Update, an app Google's Play Store hosted. Security firm ZScaler was the discoverer of SMSVova. Although Google removed that app but it was already acquired earlier over 1m times.

SMSVova captures end-users' sensitive data and publishes the same on the Web. The stolen information comprises end-users' e-mail ids and login names. It may as well take down other APKs and plant the same devoid of getting detected provided the victim user's Android smart-phone is routed.

Trend Micro the security company was the discoverer of another malware Xavier. The company identified 800-and-more applications on Google Store that had the harmful software on them. Those applications impacted with Xavier were wallpaper changers and photo manipulators. Trend Micro posted an entire assortment of the applications on which Xavier was implanted. Express.co.uk posted this, June 27, 2017.

One more malicious program, Judy that contaminated more than 41 applications on Google Play Store first came to the notice of Check Point Software Technologies, a security firm. 'Kiniwini,' one Korean company that in the name of Enistudio Corp on Google Play was the developer of the mentioned apps. An adware, Judy is automatically clicked as it functions by producing fake clicks out of end-users' smart-phones. The malware silently opens particular web-pages showing advertisements in background devoid of end-users' consent as well as subsequently views the ads by clicking on them for getting remunerated from the online site constructor.

During the attacks by Judy, many false advertising clicks were produced, says Check Point, a security company.

The kind of apps discussed dodges identification by utilizing techniques namely 'emulator detection,' 'online data encryption' and 'string encryption.' Web-surfers require going through reviews before taking down applications solely from verified websites.

» SPAMfighter News - 6/29/2017