Google has often been criticized for not policing Play Store content closely and their backseat approach has landed them in hot water again. Thirteen malicious driving apps had to be pulled from Google Play, after a security researcher exposed them as malware.
All 13 of the apps were posing as driving games or driving sims, including an SUV city driving sim, a luxury car racing game, motocross sim, etc. They were all 'developed' and published by the same person - Luiz O Pinto. The thumbnail images resemble that of any driving game and there are no dead giveaways that the apps are malicious.
Lukas Stefanko, a security researcher for ESET, made the discovery. He quickly posted on Twitter warning users not to download the apps, but by that time two of them were trending. Before Google pulled the plug, the malware was installed by over half a million users.
If you downloaded one of the driving sims, at first they seemed like harmless but poorly-programmed apps that crashed on opening. However, the app icons disappeared after installation, making them hard to find and uninstall. Some of the apps also requested that users download and install an additional APK. You can see a demonstration from Lukas Stefanko in the video below.
App functionality demonstration pic.twitter.com/11HskeD56S— Lukas Stefanko (@LukasStefanko) November 19, 2018
According to Tech Crunch, the malicious apps installed malware in the background. It is not clear its exact purpose was, but it granted 'full access' to the Android device's network traffic, meaning any information entered online after was not secure.
Other sources, such as ZDNet, however, claim the apps were adware-based: "Such practices force users to view adverts and are used to earn money fraudulently for publishers, hoodwinking ad networks out of legitimate views and causing severe annoyance to those whose devices are infected with such software."
Whatever the intention of the malware creator was, A Google spokesperson confirmed that the apps are no longer available for download: "Providing a safe and secure experience for our users is our top priority. We appreciate the researcher’s report and their efforts to help make Google Play more secure. The apps violated our policies and have been removed from the Play Store."
However, if the 560 000 number of installs is accurate, this is one of the biggest breaches the Play Store has had in its history. Although many criticize Apple for its 'walled garden' approach to its app store, maybe it's time for Google to follow their example or at least adopt stricter security measures. Despite removing more than 700 000 apps from the Play Store in 2017 alone, many malicious ones still find a way to sneak in.
What do you think? Have you dealt with malicious apps downloaded from Google Play before? Let us know in the comments.
Source: Tech Crunch