malicious apps reappeared  - malicious apps reappeared - 7 Malicious Apps Reappeared on the Play Store Using Google Icons

Seven malicious apps in Play with slightly different names under a new publisher account.

Those malicious apps are already reported to by Symantec researchers and the original apps were already removed. The malware Android.Reputation.1 found hidden at least in seven of apps in the U.S. that offered fun and cool features.

The malware dubbed .Reputation.1 appears to be in emoji keyboard additions, space cleaners, calculators, app lockers, and call recorders.

Once it installed to the device it follows a number of methods to stay Persistent on the device, it erases the tracks and disappears.

The malware used to wait for a number of number hours to launch malicious activity, so as to avoid getting detected by the user.

It has an ability to change the icon after installation, it uses trusted of Google play store and Google maps. Also, the app tries to elevate the privileges and it uses Google Play icon while requesting administrator privileges.

The installed malicious apps push through Google Mobile Services, and URLs are launched in the that redirects the users to the scam pages like “Congratulations, you won

Package Names used by Malicious apps Reappeared

malicious apps reappeared  - Figure 4 - 7 Malicious Apps Reappeared on the Play Store Using Google Icons

Common Defences and Mitigations

  • Give careful consideration to the permission asked for by applications.
  • Download applications from trusted sources.
  • Stay up with the latest version.
  • Encrypt your devices.
  • Make frequent backups of important data.
  • Install anti-malware on their devices.
  • Stay strict with CIA Cycle.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here