A recent investigation by Check Point reveals that there is a new family of malicious software for Android that is trying to infiltrate the Google Play Store. The researchers found out that the Tekya malware was present in 56 applications, 24 of which were games for children, which already had 1 million installations. Google has already been notified and has removed them from the digital store.
Experts indicate that in order to spread Tekya, hackers have created fake versions of legitimate applications, from translation tools and PDF readers, to puzzles, racing or cooking games targeted at the youngest. Among the applications targeted are offers from developers such as Caracal Entertainment, Leopardus Studio, Biscuit Ent, Titanyan Entertainment or MajorStudioX.
According to the cybersecurity company's investigation, Tekya uses native code to circumvent Google's security mechanisms. The malware uses an Android mechanism called MovtionEvent to imitate user behavior and click on ads, thus generating profit fraudulently.
Check Point says the incident again demonstrates that, despite Google’s efforts to contain the presence of malicious software, the Play Store is still a place where malware applications thrive. There are more than 3 million applications in the technological giant's digital store and, with hundreds of new offers published daily, it becomes increasingly difficult to guarantee security.
