Header Ads

Ghost apps live on to torment Android users

Phantom applications live on to torment Android clients


The same number of as a large portion of a million Android clients could be at hazard from hacking, phishing, and different dangers since they are as yet utilizing applications they've downloaded from Google Play, which have since been expelled from the store. 

With more than two million applications accessible to download from Android's authentic store, some of the time pernicious applications discover their way through the underlying screening process and are just recognized as risky after they've been downloaded by clients.

Recent examples include the data-stealing Charger ransomware, which disguised itself as a battery saver app, and the Dresscode spy malware which hid in the Google Play store as games, skins, themes, and phone optimization boosters.
In both of these cases -- and others like them -- the malicious apps were identified by cybersecurity researchers, and then removed from the app store.
However, while Google might eventually remove these threats from Play, users who have mistakenly installed malicious apps from the official Android store aren't told about the risk. Security company Intel Security said 4,000 apps have been removed from Google Play during the last year without users being notified. Some were malicious, others were abandoned by their developers.
"Dead apps need recall notices like other defective products," said Intel Security.
According to telemetry data collected by McAfee Mobile Threat Research, more than 500,000 Android devices still have these ghost apps installed on them, meaning that these users -- and the organisations they work for -- are potentially exposed to malware and data breaches.
One such threat is a Trojan designed for stealing passwords, disguised as an app which offered to help users gain Instagram followers. Once downloaded from Google Play, the malicious app directed the user to a fake Instagram login site which stole their login credentials.

Another threat is a Trojanized photo app called 'I Love Filter', which purports to have been downloaded over a million times. Once downloaded and installed, the app requests users 'upgrade to VIP', which triggers the continuous sending of text messages to premium rate numbers, as well as providing the malicious software with the ability to carry out additional attacks.
Despite being malicious, the app is rated 3.5 out of 5.0 on Google Play, something which Intel Security researchers say demonstrates "that the rating system is not enough to go on when it comes to evaluating apps and threats". Google should inform users that they're still using a malicious app, say the researchers.
"It's time for app store curators to notify those users impacted to help keep them secure and protect their privacy," the report recommends.
But until this happens, users need to remain vigilant about what they're downloading, even if it comes from an official source.
"To avoid losing personal data to dead apps, consumers need to pay close attention to the apps they've downloaded and research the developer and reviews about any app before installing it," says Raj Samani, EMEA CTO of Intel Security.


No comments:

Powered by Blogger.