Categories: Technology

Malware uses Google Play Store to bypass Google defence

Share

Malicious malware could be repeatedly bypassing the Google defense by penetrating Android devices through Google Play Store.

Google Play Store served as a platform for malicious malware to enter Android devices. The said malware bypassed the Google defense repeatedly.

Kaspersky, a Russian security firm revealed that they recovered several Google play apps capable of stealing sensitive data. The malware launches the attack through an advanced back door that the hackers distribute through the Play Store.

The security firm named Phantom Lance hacking campaign as one of the names behind the attack. Kaspersky elaborated that hackers used the Play Store to hide the malware.

The attack targets Android users from India, Vietnam, Bangladesh, and Indonesia.

Hackers silently plant malware through Google Play Store

In its annual Security Analyst Summit remote virtual version, the firm stated a few details on how the malware evaded Google detection. The hackers disguised the malware as a gentle version of an app to be accepted.

Once the benign version of the app managed to enter in, it will add a data-stealing capable advanced backdoor. Some apps will require no permission during installation so that users won’t suspect at all.

Once installed, the app will use a code hidden inside an executable file to request permission. Some of the app disguised malware will even request permission at the device’s root level.

Alexey Firsh, a researcher from Kaspersky said the attackers using the Google Play Store as a trusted source. He added that it will be easy for hackers to deliver a link since users will easily trust the links coming from Google Play.

In a short period of time, the apps created a backdoor that gave attackers access to collect important data from the infected Android phone.

Hackers can get details such as hardware model, operating system, Android version, and the list of apps currently installed.

Hackers can then execute payloads that can collect sensitive information such as call logs, location, and more. Through the gathered data, attackers can increase their privileges and be able to evade security detection.

Kaspersky suspects that the malware that bypassed defense through Google Play Store has been out in the market for years now. The firm believes that the attack existed as early as 2015.

Google’s response

When asked about the corrective measures taken on the attack, Google answered that they are working to improve their detection capabilities.

Through an official statement, the company representative added that they appreciate the researchers’ works and that they are taking actions against identified apps.

Image courtesy of Mohamed_hassan/Pixabay

Leah Yecla

Published by
Leah Yecla

Recent Posts

Vince McMahon’s documentary is in progress by Netflix with WWE

Netflix is bringing the story of the iconic WWE CEO and Vice-Chairman, Vince McMahon, to…

3 hours ago

The full self-driving option of Tesla saw hike in price to $10,000

Tesla's "full self-driving" option can change lanes on rush highways and automatic parking with perfect…

3 hours ago

Apple One is here; learn how to sign up for the services?

Apple has rolled out Apple One in the market, which will include all the enthralling…

4 hours ago