Android users warned as more malware infected apps are found in the Google Play Store

0

Android users are once again urged to be cautious about which apps they download, even if the apps appear in the Google Play Store.

The warning comes after cyber security experts discovered more malware ridden apps that were available to download from the Google Play Store.

The apps contained malware that could allow hackers to take control of your phone and send premium rate text messages, that can potentially rack up a huge bill, without you knowing

The apps, which have now been removed by Google, contained the Ztorg trojan exploit which has been found in more than 100 apps in the Play Store over the past year.

Magic Browser

One of the apps, Magic Browser, which claims to be an internet browser, was uploaded to the Google Play Store on May 15 and had been downloaded more than 50,000 times.

Another app called Noise Detector, which claimed to be able to measure decibel levels was downloaded 100,000 times.

Noise Detector

“By analysing these apps I found that cybercriminals are working on clickjacking WAP billing”, said Roman Unuchek from Kaspersky who discovered the apps.

“It means that these Trojans may not only open ad urls, or send Premium rate SMS, but also open web-pages with WAP billing and steal money from a user’s account.

“To hide these activities the Trojans turn off the device sound and delete all incoming SMS.

“Most likely, the attackers are publishing Ztorg modules to make some additional money while they are trying to upload the regular rooting Ztorg Trojan.

“I suggest this because one of the malicious apps had an encrypted Ztorg module but it wasn’t able to decrypt it.”

Last month, Android users were warned of another threat from apps that had been downloaded from the Google Play Store.

Researchers warned that as many 36.5 million devices may have been infected by the so called Judy malware, which bombarded infected devices with advertisements in order to generate fraudulent ad revenue.

Share.

Comments are closed.