Spyware

Malicious spyware in Google Play

May 11th, 2013

New malicious spyware spreading around in Google Play, threatening millions of Android users. The good news is that you’re only infected if you downloaded a funny Russian app, intended to transcribe other common applications. The bad news is it’s probably popular applications since millions of users have already been infected.

The spyware received the non-surprising name ‘bad news’, and is currently detected in 32 different applications, created by four different developers. We can’t tell exactly how many devices got infected, because Google Play is not showing exact number of downloads, but only a relatively wide range, so all we can say now is that between two million to nine million, not bad for relatively new spyware.

The great wisdom inherent in this particular spyware is that it is installed in the form of advertisements server that alerts users later on, thus it does not look dangerous at the initial stage, or when it is placed in the apps store, because there is no initial spyware expression as it “wakes up” only after some time.

Please note that it is unknown if all the infected app developers intended to harm. May be that they were just planning to develop a user-friendly application, but unfortunately bought a tainted platform. One of the recommendations to Android app developers: Observe carefully third-party libraries listed in your application. Even if you meant for the best, you may be putting users at risk.

So what does this spyware do? Two things you would not be very happy to happen to your device. First, it sends false alerts encourage you to download other infected apps, including ‘AlphaSMS’ that in turn sign your name without your approval to premium SMS services that cost money.

Second, it sends your phone number and your device identification number to the Spyware developers – two pieces of data that when are in the wrong hands, the sky’s the limit.

You obviously assume Google is doing something about this. You are right. The company operates the ‘Bouncer’ service that scans the applications for traces of spyware, but it is among the ongoing anthology in which no society cannot always win. Not even Google. As of today, Google removed all known infected apps from its store. On the other hand, it is only those that are known, it is unclear how many more unknown still out there in the market.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta