Advertisement

Malicious apps in Play Store stealing user's data: Report

By: S Aadeetya, The Mobile Indian, New Delhi Last updated : April 29, 2020 5:44 pm

The app were infected with malware which were able to access confidential details about a user.
Advertisement

Security researchers at Kaspersky have come across some disturbing facts, which will concern millions of Android users across the globe. The cyber security firm says a campaign called PhantomLance has been used by hackers to infiltrate malicious apps into Google Play Store and other third-party app stores.

 

They say the malware has been active in the Play Store for over four years now, and they have worryingly found 4 versions of the malware which was hiding in plain sight for all this time. "We have observed around 300 infection attacks on Android devices in India, Vietnam, Bangladesh, Indonesia, etc. starting in 2016," Kaspersky mentioned in this detailed blog post about the campaign. 

Advertisement

 

Interestingly, the researchers found that all the versions of the malware were connected by similar code. The report mentions the actors have primarily targeted the South Asia region with this form of attack, where you predominantly have Android users. 

 

They also point out the prime focus of the spyware was to steal data from mobile devices. So, if anybody managed to download apps like the one given below, the attacker was able to access confidential details user's contact history, contact, call history and SMS along with location data as well.

 

malware infected app which has been removed

In addition to this, the malware was able to reveal details about the apps installed on the phone, and share information about the software and phone model as well. Kaspersky assures that it has informed Google about the existence of these apps and the motive to steal data through this campaign, but even then they have found PhantomLance to be active for some or the other reason.

 

It's evident that even after all these years, Google is finding it hard to stop attackers from infiltrating their malware through apps to the Play Store. The report suggests the actors used multiple versions of the malware to avoid getting tracked by Google, who will first have to approve the apps for adhering to its policies. There's a definite concern among researchers about such campaigns, which is only looking to take advantage of exploiting an ecosystem, which is used by more than billions across the world. 

 


You might like this

 

0 Comments

Login with

Mobile Finder