Alexandra Burlacu
Security researchers found a new piece of Android malware on Google Play: a downloader that downloads a spyware app to monitor texts, call logs and location.
The authors behind the malicious code apparently disguised their hoax under the guise of font-installing apps. Offering an application that claims to legitimately download more content can bypass Google Play's security systems and spread malicious code.
Security firm Webroot identified the threat as "Android.TechnoReaper" and points out that it's quite cleverly disguised. The app doesn't seem too popular, but the risk exists.
"Once you install the app, it looks like a nice app used to install new fonts on your phone," notes the security firm. "Everything looks legitimate, but if you look in the code you'll see you could get more than you bargained for."
The issue proves yet again how important it is to have human approval for apps before making them available in an app store. Each feature must be thoroughly tested, as cleverly disguised malware is on the rise.
The two apps Webroot identified as malicious are still available on Google Play. The first one had less than 100 downloads, while the second has between 10,000 and 50,000 downloads. By Android's standards, that's hardly popular.
It remains unclear at this point whether more similar apps are available. One could easily modify such apps claiming to add fonts or other content. While fonts may not be so popular, the potential install base for malicious apps claiming to push music, videos or games would be considerably larger. Code authors could also modify what these apps download by simply plugging in a different URL.
The malicious apps found on Google Play download spyware called iKno Android Spy. The app claims to allow users to view incoming, outgoing and draft SMS by logging in to their web portal, enjoying quick synchronization and having all messages forwarded to their account. The same goes for call logs - users can forward all incoming, outgoing and missed calls to their registered account and view the call number, call time and duration. In terms of location services, users can find the exact location of the device they are monitoring and they can even request the device to send them the location details on their online account and view those details via a map.
It remains unclear whether iKno Android Spy actually does everything it claims to do or whether it also sends the data to a third party as well. If another app is downloading it, for instance, uses no longer have control over what iKno is doing.
most read
related stories
more stories from What's App
WhatsApp beta update unlocks direct access to Meta AI via search bar. Explore the latest features and streamline your messaging experience. Update now for enhanced functionality!
ernest hamiltonWhatsApp extends video status length to 60 seconds. Share more of your life's moments with friends and family. Update now for the latest feature!
ernest hamiltonBig news for WhatsApp users! Voice message transcription may soon extend to Android. Stay tuned for enhanced messaging features.
ernest hamiltonPrivacy boost! WhatsApp introduces profile picture privacy feature, blocking screenshots. Safeguard your privacy with this latest update. Update now!
ernest hamiltonWhatsApp gears up for a game-changing update allowing users to send messages from other apps directly. Stay tuned for a revolutionary messaging experience.
ernest hamiltonEngage like never before! WhatsApp Channels unveils 4 exciting features for enhanced brand and celebrity interaction. Explore the future of messaging now!
ernest hamiltonWhatsApp elevates your experience! Now share photos and videos in original quality. Enjoy enhanced sharing today!
ernest hamiltonGoogle plans to delete dormant accounts. Learn how to preserve your Google account and safeguard your data.
ernest hamilton