Google is of course doing its utmost to prevent malware from being given a chance in the Play Store. But there are some loopholes in the net, as it turns out again today. A new malware app has been found that steals sensitive data from unsuspecting users.
Security researcher Lukas Stefanko yesterday published a video in which he showed how a malware app from the Google Play Store captures sensitive data. The app stood in the Play Store under the name Easy Rates Converter and makes it easy to calculate exchange rates. At the same time, it is designed to steal login codes for a number of legitimate apps.
Stefanko states that the app was aimed at, among others, CommBank, Google Play and Binance. The Easy Rates Converter app was not yet very widely picked up and according to Stefanko it was downloaded five hundred times. For a user who downloads and installs the app, nothing seems to be wrong. The app can indeed simply convert the value of currencies. But in the background, the app also downloads malware that looks like an update for Adobe Flash.
The malware then waits for its attack. For example, when a user opens Binance, the malware creates a fake activity that takes over the legitimate app. The user has to fill in data in this form, which the malware then sends to the developers. In this way, the app would be able to access various user accounts.
Secure Play Store
In the meantime, Google has removed the app from Play Store. In this case, the damage, with five hundred downloads, is not that bad. But there are also known cases of malware, such as ExpensiveWall, which were downloaded more than one million times. Although it does everything it can to prevent malware from ending up in the Play Store, Google cannot prevent it from doing so.
One of the reasons for this is that hackers and malware developers know exactly how Play Store detects malware. Packing them within an app, or downloading them later, can cause malware to slip through the scans in some cases. It happens in less than one percent of the apps in the Play Store, but that’s more than 2.5 million. This means that thousands of apps are still infected with malware. For Google, it is therefore especially difficult to find the latter apps.This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.