More Hidden App Malware Found on Google Play

Symantec Threat Intelligence: More Hidden App Malware Found on Google Play – Over 2.1 Million Downloads

Malicious apps hide themselves after installation and aggressively display full-screen advertisements.

Symantec has uncovered another wave of malicious apps in the Play Store which have been downloaded more than 2.1 million times. The company reported these apps to Google on September 2, 2019, and they have been removed from the store.

A total of 25 Android Package Kits (APKs), mostly masquerading as a photo utility app and a fashion app, were published under 22 different developer accounts, with the initial sample uploaded in April 2019.

These 25 malicious hidden apps share a similar code structure and app content, leading Symantec to believe that the developers may be part of the same organisational group or, at the very least, are using the same source code base.

Figure 1. Hidden app malware on Google Play

The app uses hidden icons, and the malware displays advertisements, which are shown even when the app is closed. Full-screen advertisements are displayed at random intervals with no app title registered in the advertisement window, so users have no way of knowing which app is responsible for the behaviour.

Monetary gain from advertising revenue is likely the motivating factor behind these apps.

Protection
Symantec and Norton products detect these malicious apps as:
• Android.Reputation.1

Mitigation
Stay protected from mobile risks and malware by taking these precautions:
• Keep your software up to date.
• Do not download apps from unfamiliar sites.
• Only install apps from trusted sources.
• Pay close attention to the permissions requested by apps.
• Install a suitable mobile security app, such as Norton or Symantec Endpoint Protection Mobile, to protect your device and data.
• Make frequent backups of important data.

To read the full report please visit https://www.symantec.com/blogs/threat-intelligence/hidden-adware-google-play

ends

© Scoop Media