Google Play stocks malicious apps

Key details:

12/02/2017

Google Play fooled into stocking malicious apps that were downloaded by over 1 million users.

Another example of Google Play’s security and checking processes that have failed, allowing malicious applications to be made available to users.

Fake App

google-playstore-malware

  • Most of these apps were uploaded to Google Play in October 2017
  • Cyber criminals were publishing malicious apps on Google Play Store for more than two years
  • Apps use malicious code to steal login credentials
  • Targeted users in certain languages – Russian, Ukrainian, Armenian, Azerbaijani, Belarusian, Romanian….

https://securelist.com/still-stealing/83343/ 

WhatsApp fake

  • A fake version of WhatsApp was found to have more than a million user downloads.

whatsapp

  • The malicious creators used a blank space after the name WhatsApp, to allow it to be uploaded to Google Play
  • The fake application tried to download another application onto the user’s phone.
  • Suspected of trying to steal user credentials.
  • It is another time that Google Play stocks malicious apps.

Other user credential thefts