Another Malware Has Entered the Google Play Store

It is not new that malicious android application posing as legitimate application are found in the Google Play Store. We use to have a notion that any app that is on the Play Store is safe to be downloaded and install. But that is not the case these days, various malware disguise themselves among the application that are there in the play store and lure android users to download and install them.

However, this time, a number of such application has been detected to be impersonation as security scanner application.

Details of the campaign-

An android malware family named Brazilian Remote Access Tool Android (BRATA) has feen detected with new strains which were capable of propagating a backdoor that could steal confidential information. Generally, these apps target the users of Brazil, the U.S., and Spain, where they have been installed somewhere around 1,000 to 5,000 times. Another malicious app named DefenseScreen was installed around 10,000 times before being taken down from the Play Store.

History-

  • BRATA was a banking trojan when it was first spotted in 2018.
  • This was distributed entirely through Google Play and these enabled the attacker to lure the victim into downloading the software by notifying about security issues that never existed.

Other such malware that are available are FlixOnline, that disguised as Netflix app and stole WhatsApp conversation. Also, Class82 dropper was detected to be hidden in nine legitimate Android utility app last month. These app were distributed using     Play Store.

Conclusion-

We can no more blindly trust the apps that are on the Google Play Store just for the sake of it. The users should remember that no app in the Play Store ever asks for third party permission and all apps should be updated via play store only. Research suggest that malware groups like BRATA will evolve to be more powerful and come up with better techniques of obfuscation and newer and better capabilities.

By Hrithik Lall

IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.