Another case where the Play Store has released advanced malware for years



[ad_1]

Unfortunately, we still have a case where the Google Play Store has been distributing malware for years, without Google noticing. Kaspersky Lab researchers have discovered at least 8 applications dating back to 2018.

The mechanisms they used to go unnoticed by Play Store security demonstrate how advanced these applications were. One method was to first submit a clean version of the app to the Play Store and as soon as it was accepted, then take the back door to the app.

Over time, the apps and backdoors they had could collect data from the infected device, including the model, running Android version, and apps that were installed on the device. Based on this information, applications could download payloads specifically for each device, which used to collect contacts, text messages, location, and other sensitive data.

The names of the applications are as follows:

Package name Google Play persistence date (at least)
com.zimice.browserturbo 2019-11-06
com.physlane.opengl 2019-07-10
com.unianin.adsskipper 2018-12-26
com.codedexon.prayerbook 2018-08-20
com.luxury.BeerAddress 2018-08-20
com.luxury.BiFinBall 2018-08-20
com.zonjob.browsercleaner 2018-08-20
com.linevialab.ffont 2018-08-20

More information here.

[ad_2]