Spyware Android apps downloaded over 100,000 times from Google Play Store: Report

By Digit NewsDesk | Published on Jan 09 2019
Spyware Android apps downloaded over 100,000 times from Google Play Store: Report
HIGHLIGHTS

According to cybersecurity company Trend Micro, India is the most affected country with this spyware, which is stealing users’ personal information.

A quick look at some key features of Philips’ air purifiers

This handy little gadget has become a necessity, especially in metropolitan cities where pollution levels tend to be quite high

Click here to know more

Highlights:

  • Trend Micro claims to find spyware on Google Play Store.
  • Some of them have nearly 100,000 downloads.
  • India has most affected users in the world.

Japan-based IT security company Trend Micro has claimed that it has discovered spyware on Google Play Store that has been stealing users’ personal information. The firm says that some spyware apps have been downloaded over 100,000 times by users, and claims that India is the most affected country in the world. The spyware (detected as ANDROIDOS_MOBSTSPY) disguised itself as legitimate Android applications and these apps were available for download on Google Play in 2018.

As per Ecular Xu and Grey Guo from Trend Micro, “One of the applications that was initially investigated was the game called Flappy Birr Dog. Other applications included FlashLight, HZPermis Pro Arabe, Win7imulator, Win7Launcher and Flappy Bird.” All the reported apps have been removed from Google Play now. The spyware MobSTSPY is capable of stealing information like user location, SMS conversations, call logs and clipboard items.

Trend Micro says that MobSTSPY uses Firebase Cloud Messaging to send information to its server. Once the malicious application is launched, the malware will first check the device’s network availability. “It then reads and parses an XML configure file from its C&C server. The malware will then collect certain device information such as the language used, its registered country, package name, device manufacturer etc,” the firm claimed.

In addition to its information-stealing capabilities, the spyware can also gather additional credentials through a phishing attack. It is capable of displaying fake Facebook and Google pop-ups to phish for the user’s account details. If the user inputs his/her credentials, the fake pop-up will only state that the log-in was unsuccessful. By this time, the malware would already have stolen the user’s credentials.

Trend Micro says that its back-end monitoring and deep research was able to see the general distribution of affected users and found that they hailed from a total of 196 different countries. India tops the list with the most number of affected users. Other countries which are affected include Russia, Pakistan, Bangladesh, Italy, Germany, and the US. Recently, Google removed 13 malware apps from Play Store that were installed over half million times.

Related Read:

Quick Heal claims to discover fake apps on Google Play Store

Google removes massive trove of malware apps and shoddy reviews from Play Store

Videos

Google Pixel 3 XL Unboxing
logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.