How cybercriminals use common apps on Google Play to spread malware
The Hindu
Threat actors have developed a number of techniques to sneak malicious apps onto Google Play. These apps with millions of downloads include photo editing apps, file managers, games, music and video players, call recording apps as well as health tracking apps are used to spread malware. Apps can steal sensitive user data, activate microphone, track location and cellular information.
Google Play is home to more than three million unique apps, most of which get updated regularly to update security patches and implement changes. However, cybercriminals have found ways to make use of these periodic updates to sneak malicious apps onto Google Play.
In 2023, apps with malicious codes were found to have been downloaded more than 600 million times on Google Play, Kaspersky shared in a blog post.
Some of the commonly downloaded apps that contain malware include photo editing apps, file managers, games, music and video players as well as health tracking apps.
The malware in these apps has been found to not just hide adware, but also track users’ location, cellular operator information, load spyware, record voice, and other sensitive user information.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
Cybercriminals create multiple developer accounts to upload apps on Google Play. Through these accounts they upload seemingly unremarkable apps with simple functionality and no malicious code to ensure they are able to sail through Google’s moderation checks. Once the app is downloaded by a sizeable audience, cybercriminals add malicious functionality in the app through an update.
An example of this is seen in the case of iRecorder app, which when uploaded to Google Play in 2021 was able to get past Google’s moderation checks as it did not contain any malicious code. However, once the app garnered close to 50,000 downloads, threat actors updated the app with malicious functionality, allowing the app to record sound from the device’s microphone every 15 minutes and sending it to a server of the app creators.
Kerala Assembly: UDF stages walkout over scarcity of Plus One seats in six districts in North Kerala
Kerala Assembly: UDF walks out over scarcity of Plus One seats in six districts in North Kerala