If you have recently downloaded and installed a driving game from Google Play Store, you might be in the over 500,000 users that have downloaded malware from Google’s app store.
On Monday, Lukas Stefanko who works at ESET as a security researcher tweeted out details of 13 gaming apps infected with malware on the Play Store. And the funny thing is, all of the apps were posing as driving games, and also all were from the same developer. Two of these apps were trending in the store; tricky isn’t it? Anyways it meant more visibility for unsuspected users.
Over 580,000 installs of the malicious apps took place before Google removed them from the storefront.
The games all looked like a car driving game or innocuous trucks to anyone browsing them in the store. But once it’s downloaded, your expectations will be dashed with what seems to look like a buggy app that crashed every time it was opened.
That is not what was happening, however, with the app downloading a payload from another domain and installing malware on its users’ device. Then the app deletes its icon, hiding it from view.
Don't install these apps from Google Play – it's malware.
-all together 560,000+ installs
-after launch, hide itself icon
-downloads additional APK and makes user install it (unavailable now)
-2 apps are #Trending
-no legitimate functionality
— Lukas Stefanko (@LukasStefanko) November 19, 2018
What was the primary purpose of these malicious apps?
It is still not clear yet what the malicious apps were meant to do, with the malware scanners on VirusTotal not agreeing on what the apps are infected with and its intention. But we do know that the app has persistence, meaning it will launch every time the Android device is started and will have full access to the device’s network traffic, which means the malware author can steal secrets.
Google spokesperson Scott Westover who confirmed to TechCrunch that the apps “violated our policies and it has been removed from the Play Store.”
It has been a busy week, where we saw Tumblr had their official app removed from the iOS App Store, it is clear that Google needs to step up its security efforts on apps the company allow into the Google Play Store. Do you know that over 700,000 malicious apps were pulled out from Google Play Store by Google last year alone? And that issue shows no sign of slowing down in taking out malicious apps from the app store.
Did you download any of these games? Do you have any issue after downloading it? Share your thoughts with us in the comments section below.