Malware returns Play Store with other names and uses Google cones | Security

Malware returns Play Store with other names and uses Google cones | Security

Malicious apps that had been banned from the Google Play Store reappeared on the Android store after changing their name and developer. According to Symantec experts, who discovered the problem, some programs camouflaged themselves using popular Google app cones to go unnoticed on the victim's phone.

Apps infect smartphones with Android Reputation malware, the same one that has been found and removed in the past. Google has yet to explain how the programs circumvented the platform's checking mechanism for the second time. Symantec does not make it clear whether downloads are still available and how many users would have been affected.

Malware circumvents Google's verification for the second time and resurfaces in the Play Store Photo: Reproduo / dnetcMalware circumvents Google's verification for the second time and resurfaces in the Play Store Photo: Reproduo / dnetc

Malware circumvents Google's verification for the second time and resurfaces in the Play Store Photo: Reproduo / dnetc

Android Oscar: Google Play awards the best mobile apps

The purpose of the malware is to force the display of advertising on the cell phone to generate revenue for hackers. To attract download, the apps imitate calculators, memory cleaners, password apps, call recorders and offer new keyboard emojis. However, none actually offer the features promised on the Google Play page.

Apps exhibit the same behavior. After downloading to the cell phone, they remain inactive for four hours before starting the attack. They then ask the user for special permission to administer the system. On that occasion, some apps use the Google Play Store icon to trick the victim and attract the click.

Google Play Store may contain hidden malicious apps Photo: Thssius Veloso / dnetcGoogle Play Store may contain hidden malicious apps Photo: Thssius Veloso / dnetc

Google Play Store may contain hidden malicious apps Photo: Thssius Veloso / dnetc

The same happens in the battery consumption list: in order not to raise suspicions, infected programs start to display icons of famous apps, such as Google Maps, to justify the high power consumption and activation time.

Although the initial purpose is to issue pop-ups for advertising, Symantec warns that administrator access granted by the user can give freedom to other types of scams.

Common security measures on Android such as avoiding alternative stores do not apply to dangers arising from the official store. In this case, the best way to protect yourself is to check the application's provenance. Here are five tips to stay safe:

  • D preference for known software manufacturers or those with the Google Play Store publisher badge;
  • Suspect apps with few downloads and not from recognized developers;
  • Activate the Google Play Protect tool;
  • Do not grant administrator permission, except to the official Google phone finder (Find my device);
  • If you notice strange behavior, such as displaying many advertisements, install an antivirus to scan. It gives preference to famous developers, such as Avast, AVG and Kaspersky, and Symantec.

Mobile opening ads: what to do? Users exchange tips at Frum dnetc.