Malicious apps snuck back onto Play Store following name change

null

Google's Android Play Store has had its security protections called into question after researchers found that previously-banned products were able to sneak back in with a simple name change.

Symantec's security researchers found seven malicious apps in the Google Play Store that had been reported as security risks in the past already.

The criminals behind the apps apparently just renamed them after they were taken down, before re-uploading them from a new developer account, under a new name.

Symantec says it has re-reported the bad apps, which have now all been taken down.

Just as last time, these apps never did what they promised to do. In the description, those were supposed to be cleaning apps, keyboard add-ons, app lockers and call recorders. In reality, these apps would just trick the users into giving them admin privileges, after which they would show ads via Google Mobile Services, or load scam sites in the victim's browser.

Symantec's team also discovered additional 38 malicious apps, and reported those to Google, as well. These apps were focused on loading a blog's URL in the phone's background.

"The URLs lead to various blogs and it is likely the app is being used to increase web traffic to these sites," Symantec researchers explained the existence of these 38 weird apps.

"So far, the majority of users downloading these apps seem to be located in the U.S., U.K., South Africa, India, Japan, Egypt, Germany, Netherlands, and Sweden," the company added. "The presence of the apps on the Google Play Store and the seemingly legitimate app names and descriptions allowed the apps to be downloaded onto at least 10,000 devices."

Symantec's full report can be found on this link.

Image Credit: CyberHades / Flickr