Google Again Failed To Detect The Trojan Malware In The Play Store

It’s Look like Google had to take the Play Store security check way more seriously as another malware hit the Android phones. This is the second time this month had to remove the apps from the Play store to chuck the malware attack. Google frequently got attacked by the infected apps in Play Store by the attackers. A researcher from the Kaspersky gives detailed information, how these attackers are able to ditch the Google’s Verify Apps security.

Earlier this month Google removed a Trojan from the Play Store named Dvmap, supposed to be a simple puzzle game. The app after getting downloaded rooted to the Android and inject malicious code into the device. According to the Kaspersky Google removed two apps, Magic browser and Noise detector who are the carrier of the Trojan.

MUST READ A Quick Dive into Google’s Android O Developer Preview

Both the apps were successfully transferring the trojan into the Android phones by disguising the users.The Magic browser is just the clone of Google Chrome and had been installed 50,000 times since it uploaded on 15 may. The other one Noise detector is supposed to measure the noise in decibels. The app has the downloads of 10,000 till the Google deleted it from the Play Store.

Once the Store Trojan deployed in the device it gathers all the information of the device and sends it to the attacker over the command. The Trojan also provide some control over the device functionality to the attacker and they can draw money with this. This lets the attackers do tasks like sending premium rate messages, delete the incoming messages along with turning off the sound.

Uncheck said the Noise detector app was intended to root the device with the original Story Trojan which is provided with the encrypted module but the app was not able to decrypt it.

The main agenda of the Trojan is to make the attackers capable of doing money making activities. The SMS functionality is the prime actions of the attacker via malware apps. The use of Trojan to send premium messages is nothing new the attackers are using since the introduction of malware in smartphones.

The Magic Browser tries to send messages from 11 places showing different locations for each. App sends these messages by the processing web loading errors which are operated by the control server.

These incidents show of frequent breaching of the Google’s play security by the malware apps is a serious issue. There is no guarantee that the app downloaded by the user from the Play Store it will be safe and secured. Now bypassing the Google app security check is doesn’t seem a tedious task for the malware makers. Google need to revamp the security infrastructure and make it more reliable for the users.

For the Latest tech news and reviews, follow MobileAppDaily on Twitter, Facebook, LinkedIN, Instagram and Flipboard.


Originally published at www.mobileappdaily.com on June 22, 2017.