Android users have once again been warned to take care when installing new apps on their phone after yet another major security risk was detected.
Researchers at security firm ESET have revealed the discovery of a family of apps hiding the Android/TrojanDropper.Agent.BKY malware within the Google Play Store.
Masquerading as legitimate-looking offerings with names such as ‘Cleaner for Android’ and ‘World News’, ESET detected eight different apps carrying the malware type right under Google's nose.
The apps differ from other malware strains in that they do not ask for any app permissions that may raise suspicions, and in most cases actually behave exactly as an app of their type should.
However, after a five-minute delay, a further malicious app (which has been downloaded in the background without the user's knowledge) is presented to the user as another legitimate service, often an update to Adobe Flash.
The user is then prompted to approve the installation of this new app, which, once downloaded, quietly drops the final payload - a mobile banking trojan that is able to steal the user’s information.
ESET says that it reported all the malicious apps to Google, which has removed all eight products from the Play Store, although fortunately none of the apps had attracted more than a few hundred downloads.
“Unfortunately, multi-stage downloaders, with their improved obfuscation features, have a better chance of sneaking into official app stores than common Android malware does,” ESET’s Lukas Stefanko wrote in a blog post detailing the attack.
“Users who want to stay protected should not rely fully on the stores’ protections; instead, it’s crucial for users to check app ratings and comments, pay attention to what permissions they grant to apps, and run a quality security solution on their mobile devices.”