Spyware Android apps downloaded over 100,000 times from Google Play Store: Report

By Digit NewsDesk | Updated 9 Jan 2019
Spyware Android apps downloaded over 100,000 times from Google Play Store: Report
  • According to cybersecurity company Trend Micro, India is the most affected country with this spyware, which is stealing users’ personal information.

Highlights:

  • Trend Micro claims to find spyware on Google Play Store.
  • Some of them have nearly 100,000 downloads.
  • India has most affected users in the world.

Japan-based IT security company Trend Micro has claimed that it has discovered spyware on Google Play Store that has been stealing users’ personal information. The firm says that some spyware apps have been downloaded over 100,000 times by users, and claims that India is the most affected country in the world. The spyware (detected as ANDROIDOS_MOBSTSPY) disguised itself as legitimate Android applications and these apps were available for download on Google Play in 2018.

advertisements

As per Ecular Xu and Grey Guo from Trend Micro, “One of the applications that was initially investigated was the game called Flappy Birr Dog. Other applications included FlashLight, HZPermis Pro Arabe, Win7imulator, Win7Launcher and Flappy Bird.” All the reported apps have been removed from Google Play now. The spyware MobSTSPY is capable of stealing information like user location, SMS conversations, call logs and clipboard items.

Trend Micro says that MobSTSPY uses Firebase Cloud Messaging to send information to its server. Once the malicious application is launched, the malware will first check the device’s network availability. “It then reads and parses an XML configure file from its C&C server. The malware will then collect certain device information such as the language used, its registered country, package name, device manufacturer etc,” the firm claimed.

In addition to its information-stealing capabilities, the spyware can also gather additional credentials through a phishing attack. It is capable of displaying fake Facebook and Google pop-ups to phish for the user’s account details. If the user inputs his/her credentials, the fake pop-up will only state that the log-in was unsuccessful. By this time, the malware would already have stolen the user’s credentials.

advertisements

Trend Micro says that its back-end monitoring and deep research was able to see the general distribution of affected users and found that they hailed from a total of 196 different countries. India tops the list with the most number of affected users. Other countries which are affected include Russia, Pakistan, Bangladesh, Italy, Germany, and the US. Recently, Google removed 13 malware apps from Play Store that were installed over half million times.

Related Read:

Quick Heal claims to discover fake apps on Google Play Store

advertisements

Google removes massive trove of malware apps and shoddy reviews from Play Store

advertisements
Digit NewsDesk
The guy who answered the question 'What are you doing?' with 'Nothing'.
advertisements
ASK DIGIT

Recent Questions

Purchasing apps from google play store in india
Anil Kumar
Aug 20, 2014
Responses 5
Ravi Arvind Rathod
Aug 21, 2014
Anil Kumar
Aug 21, 2014
Hemant Pathak
Aug 22, 2014
Digit User
Aug 23, 2014
Jyoti Prakash
Aug 24, 2014
Comments
Be the first one to post the comment
Post a New Comment
You must be signed in to post a comment
advertisements